China Hacked Japan’s Military Networks
The NSA discovered the intrusion in 2020—we don’t know how—and alerted the Japanese. The Washington Post has the story: The…
Security
Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking
Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. Researchers from Trellix…
Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS
16 vulnerabilities in Codesys products could result in remote code execution and DoS attacks exposing OT environments to hacking. Microsoft…
Security Affairs newsletter Round 432 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…
The DHS’s CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accounts
The DHS’s CSRB will review cloud security practices following recent hacks of Microsoft Exchange accounts used by US govt agencies.…
Police dismantled bulletproof hosting service provider Lolek Hosted
A joint operation conducted by European and U.S. law enforcement agencies dismantled the bulletproof hosting service provider Lolek Hosted. Lolek…
Python URL parsing function flaw can enable command execution
A severe vulnerability in the Python URL parsing function can be exploited to gain arbitrary file reads and command execution.…
2023 OWASP Top-10 Series: API3:2023 Broken Object Property Level Authorization
Welcome to the 4th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a…
UK govt contractor MPD FM leaks employee passport data
UK govt contractor MPD FM left an open instance that exposed employee passports, visas, and other sensitive data MPD FM,…
Power Generator in South Africa hit with DroxiDat and Cobalt Strike
Threat actors employed a new variant of the SystemBC malware, named DroxiDat, in attacks aimed at African critical infrastructure. Researchers…