CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation, as confirmed by Fortinet. CVE-2025-24085 Apple Multiple Products Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for
Continue ReadingBlog
Adversarial Misuse of Generative AI
Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond. In cybersecurity, AI is poised to transform digital defense, empowering defenders and enhancing
Continue ReadingFrom PowerShell to a Python Obfuscation Race!, (Wed, Jan 29th)
Attackers like to mix multiple technologies to improve the deployment of their malicious code. I spotted a small script that drops a Python malware. The file was sent on VirusTotal and got a score of 2/60![1]
Continue ReadingISC Stormcast For Wednesday, January 29th, 2025 https://isc.sans.edu/podcastdetail/9300, (Wed, Jan 29th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCISA Releases Seven Industrial Control Systems Advisories
CISA released seven Industrial Control Systems (ICS) advisories on January 28, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-028-01 B&R Automation Runtime ICSA-25-028-02 Schneider Electric Power Logic ICSA-25-028-03
Continue ReadingRockwell Automation FactoryTalk
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Vulnerabilities: Incorrect Permission Assignment for Critical Resource, Improper Control of Generation of Code ('Code Injection') 2. RISK EVALUATION Successful
Continue ReadingRockwell Automation DataMosaix Private Cloud
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: DataMosaix Private Cloud Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Dependency on Vulnerable Third-Party Component 2. RISK
Continue ReadingSchneider Electric Power Logic
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Power Logic Vulnerabilities: Authorization Bypass Through User-Controlled Key, Improper Restriction of Operations within the Bounds of a Memory Buffer
Continue ReadingRockwell Automation FactoryTalk
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Vulnerabilities: Incorrect Authorization, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 2. RISK EVALUATION
Continue ReadingSchneider Electric RemoteConnect and SCADAPack x70 Utilities
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low Attack Complexity Vendor: Schneider Electric Equipment: Electric RemoteConnect and SCADAPack x70 Utilities Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could
Continue Reading