Tag: exploits

  • Alerts: CISA Releases Eight Industrial Control Systems Advisories

    Source URL: https://www.cisa.gov/news-events/alerts/2025/01/30/cisa-releases-eight-industrial-control-systems-advisories Source: Alerts Title: CISA Releases Eight Industrial Control Systems Advisories Feedly Summary: CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-030-01 Hitachi Energy UNEM ICSA-25-030-02 New Rock Technologies Cloud Connected Devices ICSA-25-030-03 Schneider Electric…

  • The Register: Wacom says crooks probably swiped customer credit cards from its online checkout

    Source URL: https://www.theregister.com/2025/01/30/wacom_data_loss/ Source: The Register Title: Wacom says crooks probably swiped customer credit cards from its online checkout Feedly Summary: Digital canvas slinger indicates dot-com was skimmed for over a month Graphics tablet maker Wacom has warned customers their credit card details may well have been stolen by miscreants while they were buying stuff…

  • Cisco Talos Blog: Whatsup Gold, Observium and Offis vulnerabilities

    Source URL: https://blog.talosintelligence.com/whatsup-gold-observium-offis-vulnerabilities/ Source: Cisco Talos Blog Title: Whatsup Gold, Observium and Offis vulnerabilities Feedly Summary: Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold.   These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications…

  • Alerts: CISA Adds One Known Exploited Vulnerability to Catalog

    Source URL: https://www.cisa.gov/news-events/alerts/2025/01/29/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation, as confirmed by Fortinet. CVE-2025-24085 Apple Multiple Products Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors…

  • The Register: Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet

    Source URL: https://www.theregister.com/2025/01/29/ddos_attacks_aquabot_mitel/ Source: The Register Title: Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet Feedly Summary: And now you won’t stop calling me, I’m kinda busy A new variant of the Mirai-based malware Aquabot is actively exploiting a vulnerability in Mitel phones to build a remote-controlled…

  • The Register: SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac Silicon

    Source URL: https://www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/ Source: The Register Title: SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac Silicon Feedly Summary: It’s another cousin of Spectre, here to read your email, browsing history, and more Many recent Apple laptops, desktops, tablets, and phones powered by Cupertino’s homegrown Silicon processors can be exploited…

  • Hacker News: New Speculative Attacks on Apple CPUs

    Source URL: https://predictors.fail/ Source: Hacker News Title: New Speculative Attacks on Apple CPUs Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses side-channel attacks, which exploit hardware-level vulnerabilities to extract sensitive information, highlighting the risks associated with shared CPU resources. This is particularly relevant for security professionals focused on hardware security and…

  • Hacker News: New Apple CPU side-channel attacks steals data from browsers

    Source URL: https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/ Source: Hacker News Title: New Apple CPU side-channel attacks steals data from browsers Feedly Summary: Comments AI Summary and Description: Yes Summary: A recent disclosure by security researchers reveals critical side-channel vulnerabilities in modern Apple processors, specifically regarding the FLOP and SLAP attacks. These flaws exploit speculative execution mechanisms to leak sensitive…