Security News

Shuffle is an open-source automation platform designed by and for security professionals. While security operations are inherently complex, Shuffle simplifies the process.

Microsoft has resolved a known issue caused by the June 2024 KB5039302 preview update, causing update problems when using Windows Update automation scripts on Windows 11 systems. "After installing the June 2024 Windows preview update, released June 25, 2024 and later updates, you might face issues using Windows Update Agent API from your script while searching for Windows updates," Microsoft explained on Friday.

Microsoft has identified two critical vulnerabilities in Rockwell Automation's PanelView Plus, enabling remote, unauthenticated attackers to execute arbitrary code and cause a denial-of-service (DoS). Researcher Yuval Gordon explained that the remote code execution flaw exploits custom classes to upload malicious DLLs, while the DoS vulnerability sends unmanageable crafted buffers, crashing the system.The vulnerabilities, CVE-2023-2071 and CVE-2023-29464, with CVSS scores of 9.8 and 8.2, respectively, involve improper input validation. CVE-2023-2071 affects FactoryTalk View Machine Edition versions 13.0, 12.0, and earlier, allowing remote code execution. CVE-2023-29464 impacts FactoryTalk Linx versions 6.30, 6.20, and earlier, enabling data reading from memory and DoS through oversized packets.

Considering the increasing importance of cybersecurity, what are the key benefits and challenges of merging network operations with security operations? Network automation can emulate SMEs at scale, making it a better fit for this problem.

In this Help Net Security interview, Michelle Weston, VP of Security & Resiliency at Kyndryl, discusses the key challenges in security operations and how to address them. How can AI and automation enhance the efficiency and accuracy of security operations?

Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security...

Rockwell Automation warned customers to disconnect all industrial control systems not designed for online exposure from the Internet due to increasing malicious activity worldwide.Network defenders should never configure such devices to allow remote connections from systems outside the local network.

WebCopilot is an open-source automation tool that enumerates a target's subdomains and discovers bugs using various free tools. Subdomain enumeration: It leverages tools like Assetfinder, Subfinder, Amass, and httpx to comprehensively discover subdomains.

Digital Certificates are not new. In this Help Net Security video, Andreas Brix, Senior Program Manager at GlobalSign, discusses why they are back in the news and what you should do about it. The...

97% of technology leaders find traditional AIOps models are unable to tackle the data overload, according to Dynatrace. 88% of organizations say the complexity of their technology stack has increased in the past 12 months, and 51% say it will continue to increase.