Cybersecurity
The latest Cybersecurity coverage — news, analysis, and updates from the WindowsNews.AI desk.
Schneider Electric Modicon XSS Flaw Exposes Industrial Systems to Cyber Attacks
A newly discovered cross-site scripting (XSS) vulnerability in Schneider Electric's Modicon controllers has raised significant concerns in industrial cybersecurity circles. Designated as...
CISA Warns of Critical Vulnerabilities in Hitachi Energy SDM600 Software: What You Need to Know
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding multiple vulnerabilities in Hitachi Energy's SDM600 software, a widely used solution in industrial...
Siemens Critical Flaw CVE-2024-49775: Patch ICS Devices Now to Block Remote Attacks
A newly discovered critical vulnerability in Siemens industrial control systems (ICS) poses significant risks to operational technology (OT) environments worldwide. CVE-2024-49775, rated with a CVSS...
Delta DTM Soft CWE-502 bug allows remote code execution in industrial systems.
A critical vulnerability in Delta Electronics' DTM Soft has been identified, exposing industrial control systems to potential cyberattacks through CWE-502 deserialization flaws. This security flaw...
CISA advisories flag critical PLC, HMI, and SCADA flaws with CVSS 9.8 exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released new Industrial Control System (ICS) security advisories, highlighting critical vulnerabilities affecting essential...
Critical Alert: Hitachi Energy RTU500 Series Vulnerability Exposes Industrial Systems to Buffer Overflow Attacks
A newly discovered vulnerability in Hitachi Energy's RTU500 series remote terminal units has raised significant concerns in the industrial control systems (ICS) security community. This critical...
Schneider Electric Accutech Manager Critical Flaw Poses Remote ICS Attack Risk
A newly discovered critical vulnerability in Schneider Electric's Accutech Manager could expose industrial control systems (ICS) to remote attacks. Tracked as CVE-2024-6918, this buffer overflow flaw...
20,000 Azure Accounts Hacked: Cloud Security Urgently Needs MFA Now
In a startling revelation, Microsoft has confirmed that approximately 20,000 Azure accounts were compromised in a recent cyberattack, exposing critical vulnerabilities in cloud security...
Azure Key Vault Access Policy Flaw Exposes Privilege Escalation Risk in Microsoft Cloud
Microsoft Azure Key Vault, the cloud service for safeguarding cryptographic keys and secrets, has been found vulnerable to a critical privilege escalation flaw in its access policy configuration....
Phishing Attack on Microsoft Azure Hits 20,000 Users Via Fake DocuSign PDFs
Overview of the Phishing Campaign In a recent sophisticated phishing campaign, cybercriminals targeted Microsoft Azure environments by distributing malicious DocuSign PDF files. This attack primarily...
Phishing attack via compromised HubSpot targets Azure users
A new wave of sophisticated phishing attacks is targeting Microsoft Azure users through compromised HubSpot accounts, marking a significant escalation in cloud security threats. Cybersecurity...
Critical Security Alert: Exploited Vulnerabilities in Adobe ColdFusion and Windows Kernel
Overview The Cybersecurity and Infrastructure Security Agency (CISA) has recently added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting the immediate...