Industry 4.0 Points Up Need for Improved Security for Manufacturers
Digital transformation within the manufacturing industry, often referred to as Industry 4.0, is bringing a new world of connectivity and efficiency to modern-day factories. Smart factories incorporate new technology — such...
CLOP Ransomware Activity Spiked in April
While on the whole the ransomware landscape remained fairly stable between March and April, a new analysis shows a sizable hike in attack activity from the CLOP ransomware group.
The...
Brexit Leak Site Linked to Russian Hackers
A new website has popped up called Very English Coop d'Etat, publishing what it claims are private emails from pro-Brexit leadership in the UK in an attempt to gin...
New Mend service auto-detects and fixes code, app security issues
Open-source application security company Mend, formerly WhiteSource, has announced the launch of an automated remediation service for addressing code security issues. According to the firm, the new service is...
Technical Advisory – SerComm h500s – Authenticated Remote Command Execution (CVE-2021-44080)
Current Vendor: SerComm
Vendor URL: https://www.sercomm.com
Systems Affected: SerComm h500s
Versions affected: lowi-h500s-v3.4.22
Authors: Diego Gómez Marañón & @rsrdesarrollo
CVE Identifier: CVE-2021-44080
Risk: 6.6(Medium)- AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The h500s is a router device manufactured by SerComm and packaged...
DeFi Is Getting Pummeled by Cybercriminals
Decentralized finance (DeFi) platforms — which connect various cryptocurrency blockchains to create a decentralized infrastructure for borrowing, trading, and other transactions — promise to replace banks as a secure and convenient...
New Attack Shows Weaponized PDF Files Remain a Threat
When it comes to packaging malware, the file format of choice remains Microsoft Word or Excel, but a recent attack using a PDF file to lure in victims caught the...
Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021
The number of privilege escalation bugs in Microsoft's products increased for the second year in a row in 2021, highlighting the growing risk this vulnerability category poses for organizations.
BeyondTrust...
‘There’s No Ceiling’: Ransomware’s Alarming Growth Signals a New Era, Verizon DBIR Finds
The past year has seen a staggering acceleration in ransomware incidents, with 25% of all breaches containing a ransomware component.
That's the top-line finding in the 2022 Verizon Data Breach...
Senate report criticizes feds’ approach to ransomware investigations
Written by Suzanne Smalley May 24, 2022 |...
