Enterprise Vulnerabilities From DHS/US-CERT’s National Vulnerability Database CVE-2020-7227PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, … CVE-2019-15625PUBLISHED: 2020-01-18 A memory
Cybercriminals are maximizing their opportunity by targeting older vulnerabilities in OT environments. It’s time to fight back.
Cybercriminals innovate when necessary, but like any successful enterprise, they also harvest low-hanging fruit wherever they can find it. Targeting older, vulnerable systems that have not been properly secured is not just an effective attack strategy, it
The latest changes to the Satan ransomware framework demonstrate attackers are changing their operations while targeting victims more carefully. The operators and developers behind a 2-year-old ransomware framework, dubbed Satan, continue to expand the codebase, adding exploits for the Spring Web application framework, the ElasticSearch search engine, and ThinkPHP Web application framework popular in China,