Props for the transparency though US sensor maker Sensata has told regulators that a ransomware attack caused an operational disruption, and that it’s still working to fully restore affected systems.… This article has been indexed from The Register – Security…
Threat actors thrive in chaos
Martin delves into how threat actors exploit chaos, offering insights from Talos’ 2024 Year in Review on how to fortify defenses against evolving email lures and frequently targeted vulnerabilities, even amidst economic disruption. This article has been indexed from Cisco…
Google Eyes User Browsing Data Search in New Patent Filing
Tech giant Google may soon help users find content they’ve previously seen, not by searching the web but by scanning their own digital history. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto…
US sensor giant Sensata admits ransomware disrupts operations
Props for the transparency though US sensor maker Sensata has told regulators that a ransomware attack caused operational disruption, and that it’s still working to fully restore affected systems.… This article has been indexed from The Register – Security Read…
NSA Warns of Fast Flux DNS Evasion Employed by Cybercrime Outfits
The FBI, the Cybersecurity and Infrastructure Security Agency, and a group of international partners have warned that cyber threat groups are utilising a technique known as “fast flux” to conceal the whereabouts of malicious servers, which poses a substantial…
Chinese Cyber Espionage Suspected in New Ivanti VPN Malware Attack
A newly discovered cyberattack campaign targeting Ivanti VPN devices is suspected to be linked to a Chinese cyberespionage group. Security researchers believe the attackers exploited a critical vulnerability in Ivanti Connect Secure, which was patched by the Utah-based company…
ToddyCat Hackers Exploit ESET Vulnerability to Deploy Stealth Malware TCESB
A cyber-espionage group known as ToddyCat, believed to have ties to China, has been observed exploiting a security flaw in ESET’s software to deliver a new and previously undocumented malware strain called TCESB, according to fresh findings by cybersecurity…
Siemens Solid Edge
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services…
ABB Arctic Wireless Gateways
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: Arctic Wireless Gateways Vulnerabilities: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’), Improper Privilege Management, Exposure of Sensitive Information to an Unauthorized…
Rockwell Automation Arena
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Arena Vulnerabilities: Use of Uninitialized Variable, Out-of-bounds Write, Out-of-bounds Read, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could disclose information…
Subnet Solutions PowerSYSTEM Center
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center (PSC) 2020 Vulnerabilities: Out-of-Bounds Read, Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker…
Siemens Insights Hub Private Cloud
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services…
IT Security News Hourly Summary 2025-04-10 18h : 27 posts
27 posts were published in the last hour 16:3 : Sensata Technologies hit by a ransomware attack 16:2 : Smokeloader Users Identified and Arrested in Operation Endgame 16:2 : ViperSoftX Malware Spreads Through Cracked Software, Targeting Unsuspecting Users 16:2 :…
OpenAI Countersues Elon Musk, Citing Interference
Escalation of feud between Sam Altman and Elon Musk, after OpenAI confirms it is now suing Musk who sued OpenAI twice last year This article has been indexed from Silicon UK Read the original article: OpenAI Countersues Elon Musk, Citing…
Shuckworm Group Leverages GammaSteel Malware in Targeted PowerShell Attacks
The Russia-linked cyber-espionage group known as Shuckworm (also identified as Gamaredon or Armageddon) has been observed targeting a Western country’s military mission located within Ukraine, employing an updated, PowerShell-based version of its GammaSteel infostealer malware. This campaign, which began in…
Sensata Technologies hit by a ransomware attack
Ransomware attacks are known to frequently occur over weekends, and Sensata Technologies, a prominent manufacturer of sensors and electrical components for critical applications, recently became a victim of such an attack. According to a filing with the U.S. Securities and…
Smokeloader Users Identified and Arrested in Operation Endgame
Authorities arrest 5 Smokeloader botnet customers after Operation Endgame; evidence from seized data links customers to malware, ransomware, and more. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article:…
ViperSoftX Malware Spreads Through Cracked Software, Targeting Unsuspecting Users
AhnLab Security Intelligence Center (ASEC) has unearthed a complex cyber campaign in which attackers, suspected to be Arabic speakers, have been distributing ViperSoftX malware to unsuspecting Korean users. This operation has employed cracked software and torrents as vectors for spreading…
China-based SMS Phishing Triad Pivots to Banks
China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these…
CVE-2024-57727: Path Traversal Vulnerability in SimpleHelp Web Application
CVE-2024-57727 lets attackers read sensitive files via path traversal in SimpleHelp. Learn more about how attackers exploit this flaw. The post CVE-2024-57727: Path Traversal Vulnerability in SimpleHelp Web Application appeared first on OffSec. This article has been indexed from OffSec…
PC Shipments Grow In Q1 Amid Tariff Worries
Shipments of personal computers grew in the first quarter, IDC and Canalys report, amid concern at the impact of Trump’s tariffs This article has been indexed from Silicon UK Read the original article: PC Shipments Grow In Q1 Amid Tariff…
AI To Drive Data Centre Energy Demand
Report from International Energy Agency (IEA) warns AI is set to drive surging electricity demand from data centres This article has been indexed from Silicon UK Read the original article: AI To Drive Data Centre Energy Demand
RansomHub RaaS in Disarray After Affiliate Chat Access Suddenly Revoked
RansomHub, a leading Ransomware-as-a-Service (RaaS) group that emerged in early 2024, has found itself grappling with internal turmoil. The instability came to light on April 1st, 2025, when several of its client chat portals, critical for ransomware negotiations, went offline,…
A Seven‑Year‑Old Cisco Flaw Now Lets Hackers Execute Code Remotely on Network Gear
A Cisco’s Smart Install protocol (CVE-2018-0171), first patched in 2018, remains a pervasive threat to global network infrastructure due to widespread misconfigurations and exploitation by state-sponsored threat actors. The flaw allows unauthenticated attackers to execute arbitrary code on Cisco switches…