CISA Releases Eight Industrial Control Systems Advisories

CISA released 8 advisories about Industrial Control Systems (ICS) on January 30, 2024. They give up-to-date information on security issues, vulnerabilities, and exploits related to ICS.

• Alert
• Hot Topic
• International
• Vulnerabilities

16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

By infosecbulletin / Friday , April 18 2025

According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called "symlink". This number...

Read More

• Alert
• Vulnerabilities

Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

By infosecbulletin / Friday , April 18 2025

A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run...

Read More

• Alert
• Vulnerabilities

CISA warns of increasing risk tied to Oracle legacy Cloud leak

By infosecbulletin / Thursday , April 17 2025

On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...

Read More

• Alert
• Vulnerabilities

CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App

By infosecbulletin / Thursday , April 17 2025

Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...

Read More

• Alert
• Vulnerabilities

Apple released emergency security updates for 2 zero-day vulns

By infosecbulletin / Thursday , April 17 2025

On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...

Read More

• Alert
• Vulnerabilities

Oracle Released Patched for 378 flaws for April 2025

By infosecbulletin / Wednesday , April 16 2025

On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...

Read More

• Alert
• Vulnerabilities

CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

By infosecbulletin / Wednesday , April 16 2025

Check Point Research warns of the active exploitation of a new vulnerability, CVE-2025-24054, which lets hackers leak NTLMv2-SSP hashes using...

Read More

• Cyber Attack
• Ransomware

Bengaluru firm got ransomware attack, Hacker demanded $70,000

By infosecbulletin / Wednesday , April 16 2025

Bengaluru's Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000...

Read More

• Alert
• Hot Topic

MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

By infosecbulletin / Wednesday , April 16 2025

MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness...

Read More

• Hot Topic
• International

PwC exits more than a dozen countries in push to avoid scandals: FT reports

By infosecbulletin / Wednesday , April 16 2025

PwC has ceased operations in more than a dozen countries that its global bosses have deemed too small, risky or...

Read More

ICSA-24-030-01 Emerson Rosemount GC370XA, GC700XA, GC1500XA
ICSA-24-030-02 Mitsubishi Electric FA Engineering Software Products
ICSA-24-030-03 Mitsubishi Electric MELSEC WS Series Ethernet Interface Module
ICSA-24-030-04 Hitron Systems Security Camera DVR
ICSA-24-030-05 Rockwell Automation ControlLogix and GuardLogix
ICSA-24-030-06 Rockwell Automation FactoryTalk Service Platform
ICSA-24-030-07 Rockwell Automation LP30/40/50 and BM40 Operator Interface
ICSA-23-208-03 Mitsubishi Electric CNC Series (Update E)

Review the recently released ICS advisories for technical details and solutions, as recommended by CISA.