ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others

December 2024 ICS Patch Tuesday brings advisories from CISA, as well as several major industrial automation companies. 

The post ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others appeared first on SecurityWeek.

SecurityWeek – ​Read More

US Charges, Sanctions Chinese Man Accused of Sophos Firewall Hacking

The US government announced charges, sanctions and a reward for Guan Tianfeng, a Chinese national accused of involvement in Sophos firewall hacks.

The post US Charges, Sanctions Chinese Man Accused of Sophos Firewall Hacking appeared first on SecurityWeek.

SecurityWeek – ​Read More

New DCOM Attack Exploits Windows Installer for Backdoor Access

SUMMARY Cybersecurity researchers at Deep Instinct have uncovered a novel and powerful Distributed Component Object Model (DCOM) based…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Romania’s Electrica Group Responds to Cybersecurity Incident

Romania’s largest electricity provider Electrica Group is currently responding to a cybersecurity incident, according to a company statement released Monday. Teams of specialists are working with national cybersecurity authorities to manage the situation, while the company assures that critical systems remain unaffected. Electrica group provides essential services to over 4 million users and…

Source

TechSplicer – ​Read More

Meta’s Role in Romania’s 2024 Election: A Critical Analysis of Platform Oversight

A thorough investigation published on December 9, 2024, by Check First in collaboration with Reset Tech and EU DisinfoLab, and lastly with significant contributions from independent journalists Luiza Vasiliu and Victor Ilie, has revealed real concerns about digital platform influence during Romania’s presidential election. Their research note, “Ads, Influence, and Democracy: Meta’s Role in…

Source

TechSplicer – ​Read More

Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability

Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild.
Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity. Thirty-one of the vulnerabilities are remote code execution flaws, and 27 of them allow for the

The Hacker News – ​Read More

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020.
Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit wire fraud. Guan has been

The Hacker News – ​Read More

Governments, Telcos Ward Off China’s Hacking Typhoons

Infiltrating other nations’ telecom networks is a cornerstone of China’s geopolitical strategy, and it’s having the unintended consequence of driving the uptake of encrypted communications.

darkreading – ​Read More

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution.
The list of vulnerabilities is as follows –

CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote

The Hacker News – ​Read More

The ‘Ghost Gun’ Linked to Luigi Mangione Shows Just How Far 3D-Printed Weapons Have Come

The design of the gun police say they found on the alleged United Healthcare CEO’s killer—the FMDA or “Free Men Don’t Ask”—was released by a libertarian group.

Security Latest – ​Read More