Vulnerability allows hackers to extract private encryption keys hardcoded in Siemens industrial devices to execute sophisticated attacks or take over whole product lines.
Staff Correspondent at CPO Magazine
Alicia Hope has been a journalist for more than 5 years, reporting on technology, cyber security and data privacy news.
Fortinet warned customers to immediately patch a critical authentication bypass vulnerability in FortiSwitch Manager, FortiGate, and FortiProxy that is being actively exploited in the wild.
Cybercriminals design and test email phishing attacks to bypass Microsoft email defenses, with nearly a fifth (18.8%) of phishing messages reaching their targets.
The FBI, CISA, and NSA issued a joint cybersecurity advisory about multiple APT groups that compromised a defense organization and exfiltrated sensitive data over a significant period.
Russian hackers Killnet, notorious for crippling DDoS attacks, claimed responsibility for cyber attacks that shut down multiple state government websites.
Shadow API is the greatest API security risk, with 31% of malicious requests targeting unknown, unmanaged, or unprotected APIs, according to the Cequence API protection report.
Ukraine warns of Russian plans for massive cyber attacks on Ukraine's critical infrastructure, to slow down the counteroffensive, and on that of Kyiv's allies, in retaliation for their support.
Microsoft Exchange zero-day vulnerabilities affect an estimated 250,000 on-premise servers. The company is aware of attacks involving a single state-sponsored group that compromised fewer than ten organizations.
A 15-year-old flaw in a default Python module introduces a supply chain vulnerability to over 350,000 open source projects and the applications that use them, including SDKs, AI/ML, security, management, and developer tools.
Optus disclosed a cyber attack that compromised the personal data of up to 10 million Australians with a threat actor initially demanding $1 million and several sources suggesting human error as the cause.










