Security researchers at Microsoft have discovered a vulnerability in VMware ESXi hypervisors that has been exploited by ransomware operators to gain full administrative access to a domain-joined hypervisor.
Category: Vulnerabilities
ICS malware FrostyGoop takes advantage of Modbus weakness, remains a threat to OT worldwide.
The malware leverages Modbus TCP communications to target operational technology assets — and can easily be repurposed to compromise other industrial controllers, putting widespread critical infrastructure at risk.
PKfail Secure Boot bypass lets attackers install UEFI malware
PKfail, a supply-chain issue, has affected hundreds of UEFI products for over 12 years, leaving nearly 900 devices vulnerable to malware installation. Vendors and users must follow best practices, apply updates and patches, monitor, and protect devices, and replace test keys. Prompt firmware upgrades are advised, and leaked AMI PK devices should be disconnected from critical networks.
CISA warns of actively exploited Juniper pre-auth RCE exploit chain
In addition, CISA is working with Juniper Networks to develop a patch for the vulnerabilities associated with the exploit chain. CISA is also working with other vendors to ensure that their products are not vulnerable to the exploit chain.
The State of Knowledge and Risk Management in Industrial Cybersecurity (ISA/IEC-62443-3-2)
The state of knowledge in industrial cybersecurity during the past decade is based on a vast experience. There is a lot more to come soon.
Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws
Industrial PLCs around the world are vulnerable to CODESYS V3 RCE flaws, potentially leading to serious security risks. Learn more about the potential impacts and how to protect your systems.
Cisco warned customers of a high-severity cisco switch vulnerabilities.
Cisco has recently warned customers of a high-severity vulnerability impacting some of its switch models. This vulnerability could allow attackers to tamper with encrypted traffic, potentially leading to data theft or other malicious activities. Cisco has released a security advisory to address the issue and is urging customers to update their systems as soon as possible.
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems
CISA has issued a warning about critical vulnerabilities in Siemens, GE Digital, and Contec industrial control systems. These flaws could allow attackers to gain access to and manipulate the systems.
CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks
CISA has issued an alert warning of active exploitation of vulnerabilities in Veeam Backup and Replication. Organizations should take steps to protect their systems from potential attacks.
New attacks use Windows security bypass zero-day to drop Qbot malware
New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings.