Our news
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-24955 Microsoft SharePoint Server Code Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited…
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisories on March 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-086-01 Automation-Direct C-MORE EA9 HMI ICSA-24-086-02 Rockwell Automation PowerFlex 527 ICSA-24-086-03 Rockwell Automation Arena Simulation ICSA-24-086-04 Rockwell Automation FactoryTalk View ME CISA encourages users and administrators to review the…
Rockwell Automation PowerFlex 527
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PowerFlex 527 Vulnerabilities: Improper Input Validation, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device and require a manual restart to recover. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports…
Rockwell Automation FactoryTalk View ME
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View ME Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the loss of view or control of the PanelView product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of FactoryTalk…
Apple Released Security Updates for Safari and macOS
Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Safari 17.4.1 macOS Sonoma 14.4.1 macOS Ventura 13.6.6
Navigating the Threat Landscape through Breach & Attack Simulation
A comparative analysis of two of the leading BAS platforms Abstract In an era where cyber threats evolve with alarming speed and complexity, organizations are increasingly reliant on proactive cybersecurity measures. Breach and Attack Simulation (BAS) platforms, such as Cymulate and Picus Security, have emerged as pivotal tools in enabling organizations to validate their security…
Analyzing Incident Artifacts in Support of Forensic Identification
“Time isn’t the main thing, it’s the only thing” Miles Davis Author: Pablo Canseco Abstract The practice of investigating artifacts of interest during a cyber incident can seem overwhelming. A starting point to an incident can be an alert, a suspicious log, a misplaced or misspelled process, anomalous network activity, or what is commonly referred…
The Potential of Deception Technologies
All warfare is based on deception Sun Tzu Author: Pablo Canseco Abstract Sun Tzu wrote: “All warfare is based on deception.” This adage is finding maturity in a digital age where a family of security controls must be reinforced with a diversity of other cyber defenses such as deception technologies. In 2018, the need to “defend…
The 2024 U.S. Election Interference
Through the lens of the 2016 U.S. election Russian meddling Author: Pablo Canseco Foreword Looking ahead to the elections around the world in 2024, a more specific and urgent concern is the prospect of another attempt by foreign actors to interfere in the U.S. elections. This time, however, and unlike in 2016, those foreign actors are…