Security News

Newly discovered vulnerabilities in distributed control systems could allow attackers access to systems supporting industrial, energy, chemical and other operations. Security company Armis, in collaboration with operational technology company Honeywell, identified new vulnerabilities in Honeywell Experion distributed control system platforms.

Attackers are exploiting two Adobe ColdFusion vulnerabilities to breach servers and install web shells to enable persistent access and allow remote control of the system, according to Rapid7 researchers. CVE-2023-29298, a critical improper access control flaw that could allow attackers to bypass a security feature CVE-2023-29300, a deserialization of untrusted data that could be exploited for arbitrary code execution CVE-2023-29301, another security feature bypass vulnerability.

Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. The Word file that weaponizes CVE-2021-40444 contains an external GoFile link embedded within an XML file that leads to the download of an HTML file, which exploits Follina to download a next-stage payload, an injector module written in Visual Basic that decrypts and launches LokiBot.

Rockwell Automation has fixed two vulnerabilities in the communication modules of its ControlLogix industrial programmable logic controllers, ahead of expected in-the-wild exploitation. "An unreleased exploit capability leveraging these vulnerabilities is associated with an unnamed APT group," industrial cybersecurity company Dragos has stated on Wednesday.

The numerical score can be represented as a qualitative severity rating to help organizations properly assess and prioritize their vulnerability management processes and prepare defences against cyber-attacks.CVSS version 1 was released in February 2005, developed then by a small group of pioneers with the aim of industry-wide adoption, with FIRST appointed that April to drive the future development of what would become a critical tool in the sector's arsenal.

SonicWall on Wednesday urged customers of Global Management System firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information. "The suite of vulnerabilities allows an attacker to view data that they are not normally able to retrieve," SonicWall said.

Microsoft on Tuesday released updates to address a total of 130 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild. The Windows makers said it's aware of targeted attacks against defense and government entities in Europe and North America that attempt to exploit CVE-2023-36884 by using specially-crafted Microsoft Office document lures related to the Ukrainian World Congress, echoing the latest findings from BlackBerry.

Oxeye has uncovered two critical security vulnerabilities and recommends immediate action to mitigate risk. The vulnerabilities were discovered in Owncast and EaseProbe, two open-source platforms written in Go. Owncast vulnerability.

Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities.Among these, three vulnerabilities have been identified as actively exploited in targeted attacks.

The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week, two flaws in VMware, and one shortcoming impacting Zyxel devices.