Security News

Microsoft has identified two critical vulnerabilities in Rockwell Automation's PanelView Plus, enabling remote, unauthenticated attackers to execute arbitrary code and cause a denial-of-service (DoS). Researcher Yuval Gordon explained that the remote code execution flaw exploits custom classes to upload malicious DLLs, while the DoS vulnerability sends unmanageable crafted buffers, crashing the system.The vulnerabilities, CVE-2023-2071 and CVE-2023-29464, with CVSS scores of 9.8 and 8.2, respectively, involve improper input validation. CVE-2023-2071 affects FactoryTalk View Machine Edition versions 13.0, 12.0, and earlier, allowing remote code execution. CVE-2023-29464 impacts FactoryTalk Linx versions 6.30, 6.20, and earlier, enabling data reading from memory and DoS through oversized packets.

Considering the increasing importance of cybersecurity, what are the key benefits and challenges of merging network operations with security operations? Network automation can emulate SMEs at scale, making it a better fit for this problem.

In this Help Net Security interview, Michelle Weston, VP of Security & Resiliency at Kyndryl, discusses the key challenges in security operations and how to address them. How can AI and automation enhance the efficiency and accuracy of security operations?

Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security...

Rockwell Automation warned customers to disconnect all industrial control systems not designed for online exposure from the Internet due to increasing malicious activity worldwide.Network defenders should never configure such devices to allow remote connections from systems outside the local network.

WebCopilot is an open-source automation tool that enumerates a target's subdomains and discovers bugs using various free tools. Subdomain enumeration: It leverages tools like Assetfinder, Subfinder, Amass, and httpx to comprehensively discover subdomains.

Digital Certificates are not new. In this Help Net Security video, Andreas Brix, Senior Program Manager at GlobalSign, discusses why they are back in the news and what you should do about it. The...

97% of technology leaders find traditional AIOps models are unable to tackle the data overload, according to Dynatrace. 88% of organizations say the complexity of their technology stack has increased in the past 12 months, and 51% say it will continue to increase.

What role do AI and automation play in cloud communications cybersecurity, and how can these technologies be leveraged to improve security posture? AI and automation are transforming cloud communications cybersecurity by enhancing threat detection, response times and the overall efficacy and efficiency of security operations.

Webinar The complexity facing businesses as they make the necessary transition to cloud-native applications and multi-cloud architectures keeps cloud teams firmly on the frontline when it comes to implementing security policies. The constant risks of misconfiguration and malicious attack demand that already overstretched cloud security practitioners have to find a more effective way of keeping pace with the challenge.