Security News
Belden and its Tripwire and Hirschmann brands announced an extended partnership with Forescout to advance cybersecurity for industrial organizations and critical infrastructure. "Network segmentation will be imperative to meet availability requirements for these real-time, next generation industrial automation networks. Belden and Forescout allow operators to begin segmenting their networks today with existing infrastructure, while also providing a trajectory for additional controls as next generation networks are deployed over time."
Adobe Audition, got a fix for two critical CVEs, both of which allowed arbitrary code execution via an out-of-bounds write. The company also fixed three arbitrary code execution CVEs in Adobe Premiere Rush, a tool for creating videos and sharing them via social media.
Adobe patched three flaws in Premiere Pro, another version of Adobe's video editing software that is more advanced than Adobe Premiere Rush. Adobe Premiere Pro versions 14.2 and earlier are affected; users are urged to update to version 14.3.
Adobe announced on Tuesday that it has patched 18 critical code execution vulnerabilities in its After Effects, Illustrator, Premiere Pro, Premiere Rush, and Audition products. Adobe fixed five critical out-of-bounds write, out-of-bounds read and heap overflow vulnerabilities that can be exploited for arbitrary code execution in the context of the targeted user.
D-Link is urging customers to replace its now obsolete line of DIR-865L Wireless Routers in reaction to a recently discovered critical command-injection bug that leaves users open to a denial-of-service attack. "The vulnerabilities were found in the DIR-865L model of D-Link routers, which are meant for home network use," researchers wrote.
D-Link is urging customers to replace its now obsolete line of DIR-865L Wireless Routers in reaction to a recently discovered critical command-injection bug that leaves users open to a denial-of-service attack. "The vulnerabilities were found in the DIR-865L model of D-Link routers, which are meant for home network use," researchers wrote.
Siemens' LOGO! programmable logic controllers are affected by critical vulnerabilities that can be exploited remotely to launch denial-of-service attacks and modify the device's configuration. According to Siemens, the vulnerabilities impact all versions of its LOGO!8 BM devices, which are designed for basic control tasks.
Over 5,000 global firms rely on Everbridge to keep their people safe and organizations running in anticipation of or amid critical events, whether natural, digital, or manmade. The Everbridge CEM solution provides an integrated, end-to-end approach for managing all phases of a critical event, accelerating the time to identify and resolve threats, and providing a unified, organizational view to facilitate more coordinated action.
IOTech, the Intelligent Edge Software company, announced the general availability of Edge XRT, a new software platform for time-critical and resource-constrained applications at the IoT Edge. Edge XRT greatly simplifies the development of time-critical IoT systems at the Edge and enables application portability, improved supportability and faster time-to-market for new IoT edge applications.
The critical flaws exist in Intel's Active Management Technology, which is used for remote out-of-band management of personal computers. The two critical flaws exist in the IPv6 subsystem of AMT. The flaws could potentially enable an unauthenticated user to gain elevated privileges via network access.