As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack […]
Siemens SIMATIC RTLS Locating Manager Read More »
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2014-100005 D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability CVE-2021-40655 D-Link DIR-605 Router Information Disclosure Vulnerability CVE-2024-4761 Google Chromium V8 Out-of-Bounds Memory Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose
CISA Adds Three Known Exploited Vulnerabilities to Catalog Read More »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Low Attack Complexity
Siemens Industrial Products | CISA Read More »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack
Siemens SICAM Products | CISA Read More »
Microsoft has acknowledged a new known issue causing this month’s KB5037765 security update for Windows Server 2019 to fail to install with 0x800f0982 errors. “Windows servers attempting to install the May 2024 security update (KB5037765), released May 14, 2024, might face issues during the installation process,” Microsoft explains on the Windows health dashboard. “The installation
Windows Server 2019 updates fail with 0x800f0982 errors Read More »
Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. “Google is aware that an exploit for CVE-2024-4947 exists in the wild,” the search giant said in a security advisory published on Wednesday. The high-severity zero-day vulnerability (CVE-2024-4947) is caused by a type confusion
Google fixes third actively exploited Chrome zero-day in a week Read More »
Alexey Pertsev, one of the main developers of the Tornado Cash cryptocurrency tumbler has been sentenced to 64 months in prison for his part in helping launder more than $2 billion worth of cryptocurrency. The 31-year-old Russian national was arrested in Amsterdam in August 2022 for charges of hiding financial flows from criminal activities and facilitating money laundering. Tornado
Tornado Cash cryptomixer dev gets 64 months for laundering $2 billion Read More »
Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers. With a strong presence in Spain, the United Kingdom, Brazil, Mexico, and the United States, Banco Santander is one of the largest and most significant banks in the world, known for a
Banco Santander warns of a data breach exposing customer info Read More »
Apple’s antifraud technology has blocked more than $7 billion in potentially fraudulent transactions in four years, the company states in its latest annual fraud prevention analysis. From 2020 through 2023, the company also detected more than 14 million stolen cards and blocked them from transacting on its platform along with 3.3 million accounts. Statistics for last
Apple blocked $7 billion in fraudulent App Store purchases in 4 years Read More »
The U.S. Department of Justice has indicted two brothers for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a “first-of-its-kind” scheme. Anton Peraire-Bueno and James Pepaire-Bueno were arrested in Boston and New York on Tuesday on charges of wire fraud and conspiracy to commit wire fraud
Brothers arrested for $25 million theft in Ethereum blockchain attack Read More »