Biden bans Kaspersky antivirus software in US over security concerns

Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software. “Today, the Department of Commerce’s Bureau of Industry and Security (BIS) announced a Final Determination prohibiting Kaspersky Lab, Inc., the […]

Biden bans Kaspersky antivirus software in US over security concerns Read More »

CAREL Boss-Mini | CISA

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: CAREL Equipment: Boss-Mini Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate an argument path, which would lead to information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions

CAREL Boss-Mini | CISA Read More »

CISA Releases Guidance on Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: (SMBs)

Today, CISA released Barriers to Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities, a detailed report exploring challenges to SSO adoption by small and medium-sized businesses (SMBs). The report also identifies potential ways to overcome these challenges and improve an SMB’s level of security.  CISA also released a related blog

CISA Releases Guidance on Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: (SMBs) Read More »

Westermo L210-F2G | CISA

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Westermo Equipment: L210-F2G Lynx Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Control of Interaction Frequency 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed or may allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS

Westermo L210-F2G | CISA Read More »

Yokogawa CENTUM | CISA

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Yokogawa Equipment: CENTUM Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary programs. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Yokogawa CENTUM, a distributed control system (DCS),

Yokogawa CENTUM | CISA Read More »

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on June 20, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. This content is being syndicated from Source link for documentation purpose. If

CISA Releases Three Industrial Control Systems Advisories Read More »

T-Mobile denies it was hacked, links leaked data to vendor breach

T-Mobile has denied it was breached or that source code was stolen after a threat actor claimed to be selling stolen data from the telecommunications company. “T-Mobile systems have not been compromised. We are actively investigating a claim of an issue at a third-party service provider,” T-Mobile shared in a statement to BleepingComputer. “We have

T-Mobile denies it was hacked, links leaked data to vendor breach Read More »

Crown Equipment confirms a cyberattack disrupted manufacturing

Image: DigitalIceAge Forklift manufacturer Crown Equipment confirmed today that it suffered a cyberattack earlier this month that disrupted manufacturing at its plants. Crown is one of the largest forklift manufacturers in the world, employing 19,600 people and having 24 manufacturing plants in 14 locations worldwide.  Since approximately June 8th, Crown employees have been reporting that the company was

Crown Equipment confirms a cyberattack disrupted manufacturing Read More »

Advance Auto Parts confirms data breach exposed employee information

Advance Auto Parts has confirmed it suffered a data breach after a threat actor attempted to sell stolen data on a hacking forum earlier this month. Advance operates 4,777 stores and 320 Worldpac branches and serves 1,152 independently owned Carquest stores in the United States, Canada, Puerto Rico, the U.S. Virgin Islands, Mexico, and various

Advance Auto Parts confirms data breach exposed employee information Read More »

CDK Global cyberattack impacts thousands of US car dealerships

Car dealership software-as-a-service provider CDK Global was hit by a massive cyberattack, causing the company to shut down its systems and leaving clients unable to operate their business normally. CDK Global provides clients in the auto industry a SaaS platform that handles all aspects of a car dealership’s operation, including CRM, financing, payroll, support and

CDK Global cyberattack impacts thousands of US car dealerships Read More »

Scroll to Top