A study by Censys found that more than 145,000 Industrial Control Systems (ICS) are exposed online in 175 countries, highlighting a significant security risk. The findings are alarming for the United States, which has over one-third of global exposures (48,000 systems). This shows a pressing need for improved cybersecurity in …

Osaka-based showerhead maker Science Co. is developing a new version of human washing machine based on cutting-edge technology. The company plans to hold an expo in Osaka this April, offering a 15-minute “wash and dry” experience for up to eight people daily, but reservations are required. the company plans to …

Over 2,000 Palo Alto Networks firewalls have been compromised in a widespread attack using two recently patched vulnerabilities (CVE-2024-0012 and CVE-2024-9474), according to Shadowserver Foundation’s internet scanning. Palo Alto Networks security researchers reported on Wednesday that they detected a “limited set of exploitation activity” involving two vulnerabilities in PAN-OS, the …

Renowned cybersecurity researcher Jeremiah Fowler uncovered a non-password-protected database having over 1.1 million records linked to Conduitor Limited (Forces Penpals). This platform provides dating services and social networking for US and UK military personnel and their supporters. Jeremiah Fowler revealed that the publicly accessible database lacked password protection and encryption. …

Trend Micro released a security update for Deep Security 20 Agent Manual Scan Command Injection RCE Vulnerability (CVE-2024-51503) that resolves a manual scan command injection remote code execution (RCE) vulnerability. On 18 November, Trend Micro released the update Severity rating level “High”, CVSS 3.0 score: 8.0. Vulnerability Details: CVE-2024-51503: Security …

Apple released critical updates for its various products including for iOS, iPadOS, macOS, visionOS, and Safari to fix two zero-day vulnerabilities actively being exploited in the wild. The flaws are listed below: CVE-2024-44309 : A vulnerability in cookie handling that could allow a cross-site scripting (XSS) attack when processing harmful …

Maxar Space Systems has verified a major data breach that exposed particular information of current and former workers. The breach in mid-October 2024 raised major cybersecurity concern after a hacker used a Hong Kong IP address to attack the company’s systems immorally. Maxar said, they discovered the breach on ‘October …

A security vulnerability (CVE-2024-52308) in the GitHub Command Line Interface (CLI) could allow remote code execution on users’ devices. With a CVSS score of 8.1, this highlights the need for developers to stay vigilant with software updates and security measures. The vulnerability arises from how the gh CLI handles SSH …

“Sarcoma” ransomware group attacked a well known Bangladeshi insurance company named “Popular life insurance company ltd”. The threat actor keeps an option to release the full data if their demand doesn’t meet up within 5 days. According to the threat actor, approximately 36 GB of data, including attachments and SQL …