Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives
Threat actors are increasingly using a phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking…
rooter
Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization
Attackers continue to target Microsoft identities to gain access to connected Microsoft applications and federated SaaS applications. Additionally, attackers continue…
Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that…
New Report Exposes Vice Society’s Collaboration with Rhysida Ransomware
Tactical similarities have been unearthed between the double extortion ransomware group known as Rhysida and Vice Society, including in their…
Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining
Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm…
Microsoft Releases Patches for 74 New Vulnerabilities in August Update
Microsoft has patched a total of 74 flaws in its software as part of the company's Patch Tuesday updates for…
U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons
The U.K. Electoral Commission on Tuesday disclosed a "complex" cyber attack on its systems that went undetected for over a…
Siemens SICAM TOOLBOX II
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity / public exploits available Vendor: Siemens Equipment: SICAM TOOLBOX II…
Siemens Address Processing in SIMATIC
1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: SIMATIC, SIPLUS Vulnerability: Improper Input Validation 2. RISK…
Siemens Software Center
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Software Center Vulnerabilities: Uncontrolled Search Path…