From The source

Siemens SINEC NMS Vulnerabilities: A Hacker’s Delight – Update Now!

CISA will no longer update ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the latest on Siemens’ vulnerabilities, consult Siemens’ ProductCERT Security Advisories. Remember, outdated security is like wearing a medieval helmet in a modern warzone—hilarious but ineffective.

1 year ago

CVE-2024-38063: Unpacking the IPv6 Exploit with a Side of Packet Chaos

Watch this quick live stream update on CVE-2024-38063 to learn about the exploitability of your systems via IPv6. Spoiler: It’s as stable as a jellyfish on a trampoline.

1 year ago

Unlock Cybersecurity: Expert Tips for Event Logging and Threat Detection

CISA and partners are rolling out “Best Practices for Event Logging and Threat Detection.” This guide helps organizations set a logging baseline to combat cyber threats, especially those using living off the land techniques. Senior IT decision-makers and network admins should review and implement these recommendations to spot malicious activities and secure their networks.

1 year ago

AVEVA Historian Server Vulnerability: SQL Injection Nightmare Alert!

Historian Server: SQL Injection Vulnerability. Affected versions include 2023 R2 through 2020 R2. Exploitation could allow read/write access to the database. Update to AVEVA System Platform 2023 R2 P01 to mitigate risk. Avoid clicking on suspicious links to prevent attack.

1 year ago

Kepware Catastrophe: Unchecked Resource Allocation Vulnerability Threatens Your Network!

Crashing your manufacturing network is now easier than ever with the Kepware ThingWorx Kepware Server vulnerability! Exploitable from an adjacent network, this bug could lead to a spectacular resource allocation meltdown. Time to brush up on your VPN skills and firewall defenses—your factory’s uptime depends on it!

1 year ago

Bling Libra’s Cloud Hijinks: How ShinyHunters Turned from Data Thieves to Extortion Experts

Bling Libra, known for ShinyHunters ransomware, has switched from selling stolen data to extorting victims. Using legitimate AWS credentials found online, they infiltrate organizations’ cloud environments. Despite limited permissions, they conduct reconnaissance and deletion operations using tools like S3 Browser and WinSCP. Robust cloud security practices are essential to mitigate such threats.

1 year ago

Python Pandas Merge Error: The Null Byte Nightmare and How I Survived

Ran into a Python ValueError while merging Pandas DataFrames? Turns out, those sneaky null bytes can crash your party! Discover how to squash these bugs and keep your data flowing smoothly.

1 year ago

CISA’s Latest ICS Advisory Drop: Security Alerts Galore!

CISA released three ICS advisories on August 29, 2024, detailing current security issues, vulnerabilities, and exploits. Administrators, it’s time to review these advisories and boost your defenses.

1 year ago

Iranian Cyber Actors Wreak Havoc: FBI and CISA Sound the Alarm on Ransomware Threats

CISA, FBI, and DC3 warn that Iran-based cyber actors, such as Pioneer Kitten, are targeting U.S. organizations with ransomware attacks. These state-sponsored hackers aim to exploit vulnerabilities and develop network access. Critical infrastructure organizations are urged to review and implement mitigations to reduce ransomware risks.

1 year ago

Another Day, Another Bug: CISA Adds Fresh Chromium Vulnerability to Exploited Catalog

CISA has added CVE-2024-7965 to its Known Exploited Vulnerabilities Catalog, highlighting a Google Chromium V8 vulnerability. Federal agencies must address such vulnerabilities promptly to mitigate risks.

1 year ago

Deepfake Scam Epidemic: How Cybercriminals Are Fooling Millions Globally

Scam campaigns using deepfake videos of public figures are spreading like wildfire, targeting multiple countries with fake investment schemes and government giveaways. Quantum AI is a prominent example. Despite using sophisticated generative AI, traditional investigative methods still help track these scams. Palo Alto Networks’ Advanced URL Filtering aids in blocking these threats.

1 year ago

Cisco’s APIC Vulnerability: Are Your Port-Mgmt Permissions Leaving the Door Wide Open?

Cisco APIC vulnerability alert! If restricted security domains and port-mgmt permissions are your thing, you might want to double-check your setup. For the full scoop, see the Fixed Software section of this advisory.

1 year ago

Python Attacks: How Hackers Use API Hooking to Bypass Security

Python is the Swiss Army knife for attackers, offering the ability to call any Windows API and perform low-level system activities. Discover how a Python script uses live patching to hook APIs like AmsiScanBuffer, allowing malicious code to bypass security controls.

1 year ago

North Korean Hackers Strike Again: Exploiting CVE-2024-7971 for Cryptocurrency Heist

Citrine Sleet, a North Korean threat actor, is exploiting CVE-2024-7971 to target the cryptocurrency sector. Using a zero-day vulnerability in Chromium, they aim for financial gain. Microsoft’s analysis reveals shared tools with Diamond Sleet and recommends timely updates to enhance security against these sophisticated attacks.

1 year ago

Microsoft Uncovers Major ESXi Hypervisor Flaw: Ransomware Operators Rejoice!

Microsoft researchers have uncovered a critical ESXi hypervisor vulnerability exploited by ransomware operators to gain full administrative access. This allows them to encrypt systems, access hosted VMs, and move laterally within networks. Apply VMware updates immediately to mitigate this risk.

1 year ago

Skeleton Key: The AI Jailbreak That Could Ruin Your Day

Introducing Skeleton Key: a new AI jailbreak technique that bypasses model guardrails using multi-turn strategies. This attack can cause models to ignore safety protocols, leading to harmful content generation. Microsoft has implemented defenses in Azure AI to detect and block such attacks, ensuring robust protection for AI applications.

1 year ago

AI Jailbreaks: How to Keep Your Overenthusiastic Virtual Intern from Going Rogue

Generative AI systems are like overenthusiastic rookies – imaginative, yet sometimes unreliable. AI jailbreaks exploit this, making the AI produce harmful content or follow malicious instructions. Learn how to mitigate these risks by implementing robust layers of defense mechanisms and maintaining a zero-trust approach.

1 year ago

New TLDs: The Wild West of Phishing, Memes, and Torrents

19 new top-level domains are now the playground for phishing, pranking, and torrents. Our graph-based detection system reveals that these TLDs are magnets for bad actors. From .zip phishing to .bot chat scams, the new TLDs are bustling with cyber mischief. Are you ready to dodge the digital dodgeball?

1 year ago

New Cyber Threats Unveiled: CISA Adds Trio of Vulnerabilities to Exploited List

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, featuring two Draytek VigorConnect issues and one Kingsoft WPS Office flaw. BOD 22-01 urges federal agencies to fix these vulnerabilities promptly to thwart cyber threats. Prioritize timely remediation to keep those pesky cyber gremlins at bay!

1 year ago

LOYTEC LINX Series Vulnerabilities: Remote Exploits, Cleartext Chaos, and Easy Hacks!

LOYTEC electronics GmbH’s LINX series is under siege! With vulnerabilities including Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function, and Improper Access Control, even a cyber-rookie could wreak havoc. Update your firmware, follow the security guidelines, and, for heaven’s sake, stop using HTTP!

1 year ago
The Nimble Nerd