CISA Releases Eight Industrial Control Systems Advisories

infosecbulletin Thursday , April 25 2024 International

CISA issued eight advisories about Industrial Control Systems (ICS) on April 25, 2024. The advisories share important information about security issues, vulnerabilities, and exploits related to ICS.

ICSA-24-116-01 Multiple Vulnerabilities in Hitachi Energy RTU500 Series
ICSA-24-116-02 Hitachi Energy MACH SCM
ICSA-24-116-03 Siemens RUGGEDCOM APE1808 Devices Configured with Palo Alto Networks Virtual NGFW
ICSA-24-116-04 Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC
ICSA-23-143-03 Mitsubishi Electric MELSEC Series CPU Module (Update D)
ICSA-23-157-02 Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update A)
ICSA-24-102-09 Rockwell Automation 5015-AENFTXT (Update A)
ICSA-24-067-01 Chirp Systems Chirp Access (Update B)

India releases draft Digital Personal Data Protection Rules

By infosecbulletin / Monday , January 6 2025

On Friday, the Indian government released the draft Digital Personal Data Protection Rules, requiring social media and online platforms to...

India releases draft Digital Personal Data Protection Rules

Microsoft to invest $80 Billion in AI Data Center

By infosecbulletin / Monday , January 6 2025

Microsoft recently shared a vision for the future of American technology and economic competitiveness, highlighting Artificial Intelligence (AI) as central...

Microsoft to invest $80 Billion in AI Data Center

3.3 Million Email Server Expose User Passwords and Messages in Plain Text

By infosecbulletin / Saturday , January 4 2025

Around 3.3 million servers are running POP3/IMAP email services without encryption (TLS) enabled, the Shadowserver Foundation, a nonprofit security organization,...

3.3 Million Email Server Expose User Passwords and Messages in Plain Text

Memory-Dump-UEFI
Researcher dumping memory to bypass BitLocker on Windows 11

By infosecbulletin / Thursday , January 2 2025

Researchers have demonstrated a method to bypass Windows 11’s BitLocker encryption, enabling the extraction of Full Volume Encryption Keys (FVEKs)...

Memory-Dump-UEFI Researcher dumping memory to bypass BitLocker on Windows 11

CVE-2024-49112
PoC Exploit Released for Zero-Click vulnerability in Windows

By infosecbulletin / Thursday , January 2 2025

SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical...

CVE-2024-49112 PoC Exploit Released for Zero-Click vulnerability in Windows

Financial Threat Assessment 2024
BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack

By infosecbulletin / Tuesday , December 31 2024

Bangladesh Cyber Security Intelligence (BCSI) has published Financial Threat Assessment report for 2024. In an era where financial institutions and...

Financial Threat Assessment 2024 BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster

By infosecbulletin / Tuesday , December 31 2024

Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could...

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster

US Treasury says it was hacked by China via third party: Beijing denies

By infosecbulletin / Tuesday , December 31 2024

The US Treasury Department said on Monday that Chinese-linked hackers were able to gain access to ‘unclassified documents’ after compromising...

US Treasury says it was hacked by China via third party: Beijing denies

PoC Exploited Released for Oracle Weblogic Server Vul

By infosecbulletin / Monday , December 30 2024

Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a critical vulnerability affecting Oracle WebLogic...