Security News

Learn about 5 powerful cloud security automations with Blink Ops to simplify security operations like S3 bucket monitoring, subdomain takeover detection and failed EC2 login detection. [...]

Find out how to enhance efficiency using Google Security Operations Webinar In an era of ever-evolving cyber threats, staying ahead of potential security risks is essential.…

In this Help Net Security interview, Raymond Brancato, CEO at Tufin, discusses the considerations organizations must weigh when selecting a next-generation firewall to effectively balance security...

Learn about the top 4 security automation use cases that can streamline your cybersecurity efforts. This guide covers reducing enriching indicators of compromise (IoCs), monitoring external attack...

In this Help Net Security interview, Shane Cox, Director, Cyber Fusion Center at MorganFranklin Consulting, discusses the evolving methodologies and strategies in threat hunting and explains how...

To truly harness the most benefit from AI in application security, security professionals should adopt an application-centric approach that automates change management processes, identifies security risks, and ensures compliance. AI's limitations in application security stem from the need for high-quality data to train AI models and the significant possibility of false positives at scale.

A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol programming and configuration commands. "A vulnerability exists in the affected products that allows a threat actor to bypass the Trusted Slot feature in a ControlLogix controller," the U.S. Cybersecurity and Infrastructure Security Agency said in an advisory.

Shuffle is an open-source automation platform designed by and for security professionals. While security operations are inherently complex, Shuffle simplifies the process.

Microsoft has resolved a known issue caused by the June 2024 KB5039302 preview update, causing update problems when using Windows Update automation scripts on Windows 11 systems. "After installing the June 2024 Windows preview update, released June 25, 2024 and later updates, you might face issues using Windows Update Agent API from your script while searching for Windows updates," Microsoft explained on Friday.

Microsoft has identified two critical vulnerabilities in Rockwell Automation's PanelView Plus, enabling remote, unauthenticated attackers to execute arbitrary code and cause a denial-of-service (DoS). Researcher Yuval Gordon explained that the remote code execution flaw exploits custom classes to upload malicious DLLs, while the DoS vulnerability sends unmanageable crafted buffers, crashing the system.The vulnerabilities, CVE-2023-2071 and CVE-2023-29464, with CVSS scores of 9.8 and 8.2, respectively, involve improper input validation. CVE-2023-2071 affects FactoryTalk View Machine Edition versions 13.0, 12.0, and earlier, allowing remote code execution. CVE-2023-29464 impacts FactoryTalk Linx versions 6.30, 6.20, and earlier, enabling data reading from memory and DoS through oversized packets.