Vulnerability: it can be one or more weaknesses which can be used by a threat to compromise one or mode cyber-sensitive assets. In this context, vulnerabilities can be procedural, technological, or physical. A few real examples below.
FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability
FreeBSD takes swift action to address critical OpenSSH vulnerability, issuing urgent patch for heightened security ...
0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices
A recently discovered "0.0.0.0 Day" vulnerability that affects major web browsers like Chrome, Firefox, and Safari. This vulnerability could be ...
VMware ESXi hypervisor vulnerability grants full admin privileges
Security researchers at Microsoft have discovered a vulnerability in VMware ESXi hypervisors that has been exploited by ransomware operators to ...
ICS malware FrostyGoop takes advantage of Modbus weakness, remains a threat to OT worldwide.
The malware leverages Modbus TCP communications to target operational technology assets — and can easily be repurposed to compromise other ...
PKfail Secure Boot bypass lets attackers install UEFI malware
PKfail, a supply-chain issue, has affected hundreds of UEFI products for over 12 years, leaving nearly 900 devices vulnerable to ...
CISA warns of actively exploited Juniper pre-auth RCE exploit chain
In addition, CISA is working with Juniper Networks to develop a patch for the vulnerabilities associated with the exploit chain ...
The State of Knowledge and Risk Management in Industrial Cybersecurity (ISA/IEC-62443-3-2)
The state of knowledge in industrial cybersecurity during the past decade is based on a vast experience. There is a ...
Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws
Industrial PLCs around the world are vulnerable to CODESYS V3 RCE flaws, potentially leading to serious security risks. Learn more ...
Cisco warned customers of a high-severity cisco switch vulnerabilities.
Cisco has recently warned customers of a high-severity vulnerability impacting some of its switch models. This vulnerability could allow attackers ...
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems
CISA has issued a warning about critical vulnerabilities in Siemens, GE Digital, and Contec industrial control systems. These flaws could ...
CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks
CISA has issued an alert warning of active exploitation of vulnerabilities in Veeam Backup and Replication. Organizations should take steps ...
New attacks use Windows security bypass zero-day to drop Qbot malware
New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security ...
Serious Security: Linux Kernel Bugs That Emerged After 15 Years
Researchers from cybersecurity company GRIMM recently published an interesting trio of bugs they found in the Linux kernel... ... In ...
The U.S. food supply is not cyber-secure or safe from threats to control systems
The U.S. Food and Drug Administration (FDA) issued the final rule on the Food Safety Modernization Act (FSMA) in November ...
