Siemens patches vulnerability that allows attackers to irreparably compromise entire SIMATIC S7-1200/1500 PLC product lines
Update to new versions of the vulnerable PLC and engineering workstation or implement the workarounds [300 words]. What: A critical vulnerability (CVE-2022-38465 ) exists within Siemens SIMATIC S7-1200, S7-1500 programmable logic controllers (PLCs) and TIA Portal that gives attackers a way to extract “heavily guarded, hardcoded, global private cryptographic keys” in the vulnerable products. Threat actors […]
Read MoreMultiple APTs Exploiting Zimbra Vulnerability CVE-2022-41352
Patch or mitigate now [300 words] What: Organizations using Zimbra Collaboration suite (ZCS) 8.8.15 and 9.0 should immediately update to Zimbra 9.0.0 P27 released on October 10. Those that cannot should implement Zimbra’s recommended workaround which is to install the pax utility and restart Zimbra services. Ubuntu-based Zimbra installations are not impacted because pax is […]
Read MoreMicrosoft looking into reports of a third Exchange Server zero-day?
Security vendor that discovered bug recommends organizations limit IIS app operating privileges on Exchange Server [297 words] What: Microsoft apparently is looking into a report it received from South Korean cybersecurity vendor AhnLab about yet another Exchange Server zero-day vulnerability. To be clear, the vulnerability it is reportedly looking into now is different from the […]
Read MoreUpdate: Attackers actively exploiting recently disclosed authentication bypass vulnerability in FortiOS, FortiProxy and FortiSwitchManager
Key takeaway: Adversaries can exploit the vulnerability remotely to gain full control of affected systems [297 words]. What: Attackers have begun actively exploiting a critical authentication bypass vulnerability (CVE-2022-40684) that Fortinet privately disclosed last week in its FortiOS, FortiProxy and FortiSwitchManager technologies. The vulnerability allows a remote, unauthenticated attacker to gain full administrative control of […]
Read MoreCritical vulnerability puts vm2 JavaScript sandbox environments at risk of remote code execution attack
Key takeaway: “Although sandboxes are meant to run untrusted code within your application, you shouldn’t automatically assume that they are safe.”—Oxeye [260 words] What: Organizations using JavaScript sandbox vm2 should immediately update to version 3.9.11 of vm2. Why: A critical vulnerability (CVE-2022-36067) exists in all previous versions of vm2 that gives remote attackers a way […]
Read MoreFortinet warns of critical severity remotely executable authentication bypass vulnerability
Key takeaway: Fortinet products are a popular attacker target. Update now if you have affected versions of FortiOS and FortiProxy in your environment. If you cannot patch immediately disable Internet facing HTTPS Admin till you can.[296 words] What: A critical authentication bypass vulnerability (CVE-2022-40684) exists in the following FortiOS and FortiProxy versions. FortiOS: From 7.0.0 […]
Read MoreNewly disclosed vulnerability in PHP package repository highlights growing software supply chain risks
Key takeaway: Attackers are increasingly trying to infiltrate software development environments via malicious and poisoned packages on public code repositories. Robust SBOM and SCA practices are key to mitigating the threat [289 words] What: Researchers at SonarSource have disclosed a new vulnerability (CVE-2022-24828) in PHP package repository Packagist that gives attackers a way to execute […]
Read More