CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38094 Microsoft SharePoint Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose
Continue ReadingCategory: Dynamic Threat Feeds
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems (ICS) advisory on October 22, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-296-01 ICONICS and Mitsubishi Electric Products CISA encourages users and
Continue ReadingICONICS and Mitsubishi Electric Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ICONICS, Mitsubishi Electric Equipment: ICONICS Product Suite, Mitsubishi Electric MC Works64 Vulnerability: Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability
Continue ReadingISC Stormcast For Tuesday, October 22nd, 2024 https://isc.sans.edu/podcastdetail/9190, (Tue, Oct 22nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingA Network Nerd’s Take on Emergency Preparedness, (Tue, Oct 15th)
Over the last month, two hurricanes barely missed me. Luckily, neither caused me any significant inconvenience. Sadly, others were not as lucky, and I think this is a good time to do a little "Lessons Learned"
Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-9537 ScienceLogic SL1 Unspecified Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose
Continue ReadingCybersecurity Awareness Month: How We Continuously Improve Security Practice
At Recorded Future, we understand the importance of practicing what we preach. As the worlds largest intelligence company, we're committed to ensuring that our internal security practices are as robust as the solutions we offer our
Continue ReadingISC Stormcast For Monday, October 21st, 2024 https://isc.sans.edu/podcastdetail/9188, (Mon, Oct 21st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingWhy London Predict is the Must-Attend Cybersecurity Event
Ransomware attacks are escalating, geopolitical tensions are heightening cyber concerns, and AI is rapidly transforming the threat landscape. Security teams are under immense pressure to not only outpace adversaries, but also to justify their budgets and
Continue ReadingISC Stormcast For Friday, October 18th, 2024 https://isc.sans.edu/podcastdetail/9186, (Fri, Oct 18th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue Reading