Security News > 2024

Researchers have discovered over two dozen vulnerabilities in "Smart" cordless nutrunners manufactured by Bosch Rexroth that could be exploited to make the devices inoperable or their output unreliable. The device supports a number of communication protocols that are used to integrate it with SCADA systems, PLCs, or other production devices.

The key feature of this technical alliance lies in streamlining the essential data and information of IP addresses provided by the Criminal IP search engine to Tenable Vulnerability Management. Integrating Criminal IP with Tenable Vulnerability Management will equip users with the comprehensive feature of Criminal IP for detecting IP assets.

Users of the Firefox browser for Android have been reporting that they are seeing a blank page when trying to load the main Google Search site. A report of the issue on GitHub confirms that the problem is reproducible on Firefox Mobile 121.0 for Android 13, and additional tests indicate the same behavior on Firefox Nightly 123 and all versions starting v65.

Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing financially motivated campaign to gain...

Security researchers have put out an updated decryptor for the Babuk ransomware family, providing a free solution for victims of the Tortilla variant. Cisco Talos said it obtained the Babuk Tortilla decryptor and shared it with Avast, which already hosts the industry's go-to generic Babuk decryptor, now updated to support Tortilla victims.

TL;DR: Protect your computer from common viruses and other forms of malware, including ransomware and rootkits, with the ESET NOD32 Antivirus 2024 Edition, on sale for just $24.99 through January 14. Are your company's computers adequately protected for the new year? If not, then consider upgrading to the ESET NOD32 Antivirus 2024 Edition - offered at a discounted price through January 14.

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

A blind SQL injection vulnerability in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution. Cacti is often used in network operation centers of telecoms and web hosting providers, to collect network performance data and store it in RRDtool, a logging and graphing database and system that, through a web interface, creates graphical representations of the collected data.

Collaboration is a powerful selling point for SaaS applications. Microsoft, GitHub, Miro, and others promote the collaborative nature of their software applications that allows users to do more....

When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as they promised. Even if an organization gets its data decrypted, they cannot be sure the stolen data has indeed been wiped and won't subsequently be used or sold.