Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 4
68 résultats taggé Vulnerabilities  ✕
New Guidance Released for Reducing Memory-Related Vulnerabilities https://www.cisa.gov/news-events/alerts/2025/06/24/new-guidance-released-reducing-memory-related-vulnerabilities
27/06/2025 15:03:33
QRCode
archive.org

This joint guide highlights important considerations for organizations seeking to transition toward more secure software development practices

Today, CISA, in partnership with the National Security Agency (NSA), released a joint guide on reducing memory-related vulnerabilities in modern software development.

Memory safety vulnerabilities pose serious risks to national security and critical infrastructure. Adopting memory safe languages (MSLs) offers the most comprehensive mitigation against this class of vulnerabilities and provides built-in safeguards that enhance security by design.

CISA’s Secure by Design program advocates for integrating proactive security measures throughout the software development lifecycle, with MSLs as a central component. Consistent support for MSLs underscores their benefits for national security and resilience by reducing exploitable flaws before products reach users.

This joint guide outlines key challenges to adopting MSLs, offers practical approaches for overcoming them, and highlights important considerations for organizations seeking to transition toward more secure software development practices. Organizations in academia, U.S. government, and private industry are encouraged to review this guidance and support adoption of MSLs.

In addition to the product published today, CISA and the NSA previously released the joint guide, The Case for Memory Safe Roadmaps. To learn more about memory safety, visit Secure by Design on CISA.gov.

Please share your thoughts with us via our anonymous product survey; we welcome your feedback.

cisa EN 2025 Guidance NSA Memory-Related Vulnerabilities development
OWASP Agentic AI Top 10 Vulnerability Scoring System (AIVSS) & Comprehensive AI Security Framework https://aivss.owasp.org/?_bhlid=1fcd52f30f75311a68b7eb7b5632fcff9cd7c372
26/06/2025 09:16:26
QRCode
archive.org
thumbnail

Developing a rigorous scoring system for Agentic AI Top 10 vulnerabilities, leading to a comprehensive AIVSS framework for all AI systems.

Key Deliverables

  • Agentic AI Top 10 Vulnerability Scoring System:
    • A precise and quantifiable scoring methodology tailored to the unique risks identified in the OWASP Agentic AI Top 10.
    • Clear rubrics and guidelines for assessing the severity and exploitability of these specific vulnerabilities.
  • Comprehensive AIVSS Framework Package:
    • Standardized AIVSS Framework: A scalable framework validated across a diverse range of AI applications, including and extending beyond Agentic AI.
    • AIVSS Framework Guide: Detailed documentation explaining the metrics, scoring methodology, and application of the framework.
    • AIVSS Scoring Calculator: An open-source tool to automate and standardize the vulnerability scoring process.
    • AIVSS Assessment Report Templates: Standardized templates for documenting AI vulnerability assessments.
owasp EN AI proposition scoring AI vulnerabilities framework Agentic
ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Aveva, CISA https://www.securityweek.com/ics-patch-tuesday-vulnerabilities-addressed-by-siemens-schneider-aveva-cisa/
15/06/2025 15:46:49
QRCode
archive.org

Industrial solutions providers Siemens, Schneider Electric and Aveva have released June 2025 Patch Tuesday ICS security advisories.

While most of the vulnerabilities described in the advisories have been patched, only mitigations and workarounds are currently available for some of the flaws.

Siemens published six new advisories this Patch Tuesday. The most important describes CVE-2025-40585, a critical default credentials issue impacting Siemens Energy Services solutions that use the Elspec G5 Digital Fault Recorder (G5DFR).

According to Siemens, this component has default credentials with admin privileges and “a client configuration with remote access could allow an attacker to gain remote control of the G5DFR component and tamper outputs from the device”. Users can mitigate this issue by changing the default credentials from the G5DFR interface.

Critical issues are also described in an advisory for Simatic S7-1500 CPUs. Siemens is working on updates for the product to address dozens of vulnerabilities affecting the GNU/Linux subsystem.

Two advisories cover medium-severity issues in industrial communication devices that use the Sinec OS. The flaws allow an attacker to “perform actions that exceed the permissions of the ‘guest’ role”.

The industrial giant has also informed customers about a Tecnomatix Plant Simulation vulnerability that can lead to arbitrary code execution by tricking a user to open malicious files. The issue was reported by researcher Michael Heinzl, who is often credited by vendors for reporting vulnerabilities whose exploitation involves opening specially crafted files.

Siemens also informed customers about an XSS vulnerability in the Palo Alto Networks virtual firewall present in some Ruggedcom devices. Patches are being prepared by Siemens.

Schneider Electric has published three new advisories this Patch Tuesday. One of them describes XSS and DoS vulnerabilities affecting some Modicon controllers.

Four vulnerabilities have been patched in the EVLink WallBox electric vehicle charging station, including ones that can be exploited for reading or writing arbitrary files, launching XSS attacks, and taking remote control over the charging station.

Schneider has also informed customers about vulnerabilities in the third-party real-time operating system powering Insight Home and Insight Facility products. The products have reached end of life and cannot be updated, but users can implement mitigations to reduce the risk of exploitation.

Aveva has published three new advisories. One of them describes two high-severity DoS vulnerabilities in the PI Data Archive product. The other two advisories cover medium-severity XSS flaws in PI Connector for CygNet and PI Web API.

CISA also published three new advisories on Tuesday. One of them describes high-severity SinoTrack GPS receiver vulnerabilities that can allow an attacker to track vehicles and disconnect power to the fuel pump.

The other advisories describe the impact of a 2022 OpenSSL vulnerability on Hitachi Energy Relion products, and a remote code execution flaw discovered by Heinzl in MicroDicom DICOM Viewer.

ABB published advisories a few days before Patch Tuesday. The company informed customers about a critical EIBPORT vulnerability that leads to information disclosure, as well as flaws in third-party components used by its Welcome IP-Gateway product.

Also on Tuesday, Kaspersky published its ICS threat landscape report for Q1 2025, which shows that the security firm’s products blocked threats on nearly 22% of protected ICS devices.

The report looks at threat sources, regional trends, and the prevalence of various types of malware.

securityweek EN 2025 Patch-Tuesday Vulnerabilities ICS CVE-2025-40585 Aveva Siemens Schneider
Apple Patches Major Security Flaws in iOS, macOS Platforms https://www.securityweek.com/apple-patches-major-security-flaws-in-ios-macos-platforms/
13/05/2025 23:23:42
QRCode
archive.org

Apple rolls out iOS and macOS platform updates to fix serious security bugs that could be triggered simply by opening an image or video file.

Apple on Monday pushed out patches for security vulnerabilities across the macOS, iPhone and iPad software stack, warning that code-execution bugs that could be triggered simply by opening a rigged image, video or website.

The new iOS 18.5 update, rolled out alongside patches for iPadOS, covers critical bugs in AppleJPEG and CoreMedia with a major warning from Cupertino that attackers could craft malicious media files to run arbitrary code with the privileges of the targeted app.

The company also documented serious file-parsing vulnerabilities patched in CoreAudio, CoreGraphics, and ImageIO, each capable of crashing apps or leaking data if booby-trapped content is opened.

The iOS 18.5 update also provides cover for at least 9 documented WebKit flaws, some serious enough to lead to exploits that allow a hostile website to execute code or crash the Safari browser engine.

The company also patched a serious ‘mute-button’ flaw in FaceTime that exposes the audio conversation even after muting the microphone.

Beneath the interface, Apple said iOS 18.5 hardens the kernel against two memory-corruption issues and cleans up a libexpat flaw (CVE-2024-8176) that affects a broad range of software projects.

Other notable fixes include an issue in Baseband (CVE-2025-31214) that allows attackers in a privileged network position to intercept traffic on the new iPhone 16e line; a privilege escalation bug in mDNSResponder (CVE-2025-31222); an issue in Notes that expose data from a locked iPhone screen; and security gaps in FrontBoard, iCloud Document Sharing, and Mail Addressing.

securityweek EN 2025 Apple macos ios update file-parsing vulnerabilities
Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US https://www.wired.com/story/easyjson-open-source-vk-ties/
05/05/2025 20:48:26
QRCode
archive.org
thumbnail

The open source software easyjson is used by the US government and American companies. But its ties to Russia’s VK, whose CEO has been sanctioned, have researchers sounding the alarm.
Security researchers warn that a popular open source tool maintained by Russian developers could pose significant risks to US national security.

Key Points:

  • The open source tool easyjson is linked to VK Group, a company run by a sanctioned Russian executive.

  • easyjson is widely used in the US across various critical sectors including defense, finance, and healthcare.

  • Concerns are heightened due to the potential for data theft and cyberattacks stemming from this software.

*Recent findings from cybersecurity researchers at Hunted Labs indicate that easyjson, a code serialization tool for the Go programming language, is at the center of a national security alert. This tool, which has been integrated into multiple sectors such as the US Department of Defense, is maintained by a group of Russian developers linked to VK Group, led by Vladimir Kiriyenko. While the complete codebase appears secure, the geopolitical context surrounding its management raises substantial concerns about the potential risks involved.

The significance of easyjson cannot be overstated, as it serves as a foundational element within the cloud-native ecosystem, critical for operations across various platforms. With connections to a sanctioned CEO and the broader backdrop of Russian state-backed cyberattacks, the fear is that easyjson could be manipulated to conduct espionage or potentially compromise critical infrastructures. Such capabilities underscore the pressing need for independent evaluations and potential reevaluations of software supply chains, particularly when foreign entities are involved.

wired EN 2025 russia US easyjson national-security vulnerabilities open-source hacking
macOS Vulnerabilities: A Year of Security Research at Kandji https://www.kandji.io/blog/vulnerabilities-year-review
05/05/2025 09:14:33
QRCode
archive.org
thumbnail

Kandji researchers uncovered and disclosed key macOS vulnerabilities over the past year. Learn how we protect customers through detection and patching.
When we discover weaknesses before attackers do, everyone wins. History has shown that vulnerabilities like Gatekeeper bypass and TCC bypass zero-days don't remain theoretical for long—both of these recent vulnerabilities were exploited in the wild by macOS malware. By investing heavily in new security research, we're helping strengthen macOS for everyone.

Once reported to Apple, the fix for these vulnerabilities is not always obvious. Depending on the complexity, it can take a few months to over a year, especially if it requires major architectural changes to the operating system. Apple’s vulnerability disclosure program has been responsive and effective.

Of course, we don't just report issues and walk away. We ensure our products can detect these vulnerabilities and protect our customers from potential exploitation while waiting for official patches.

kandji EN 2025 macOS Vulnerabilities research
2025 Q1 Trends in Vulnerability Exploitation | Blog | VulnCheck https://vulncheck.com/blog/exploitation-trends-q1-2025
27/04/2025 11:55:01
QRCode
archive.org
thumbnail

In Q1 2025, VulnCheck identified evidence of 159 CVEs publicly disclosed for the first time as exploited in the wild.

In Q1 2025, VulnCheck identified evidence of 159 CVEs publicly disclosed for the first time as exploited in the wild. The disclosure of known exploited vulnerabilities was from 50 different sources. We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure. This trend continues from a similar pace we saw in 2024. This demonstrates the need for defenders to move fast on emerging threats while continuing to burn down their vulnerability debt.

Here are the key take-aways from our analysis and coverage of known exploited vulnerabilities:

  • 159 KEVs were publicly disclosed in Q1-2025
  • 28.3% of KEVs had exploitation evidence disclosed in < 1-day of a CVE being published
  • 25.8% of KEVs are still awaiting or undergoing analysis by NIST NVD
  • 3.1% of KEVs have been assigned the new "Deferred" status by NIST NVD
  • 2 KEVs reported publicly have reserved but unpublished CVEs
  • 1 KEV reported is now rejected
vulncheck EN 2025 rapport vulnerabilities CVE Statistics KEV
Is Ivanti the problem or a symptom of a systemic issue with network devices? https://cyberscoop.com/ivanti-exploited-vulnerabilities-network-edge-devices-kev-list/
20/04/2025 12:41:11
QRCode
archive.org
thumbnail

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

cyberscoop EN 2025 vulnerabilities Ivanti problem network
Analysis of Threat Actor Activity https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity
13/04/2025 12:50:41
QRCode
archive.org

Fortinet diligently balances our commitment to the security of our customers and our culture of responsible transparency and commits to sharing information with that goal in mind. While efforts by threat actors to exploit known vulnerabilities are not new, recent Fortinet investigations have discovered a post exploitation technique used by a threat actor. This blog offers analysis of that finding to help our customers make informed decisions.

fortinet EN 2025 EN CVE-2022-42475 exploit vulnerabilities CVE-2023-27997 CVE-2024-21762
IngressNightmare | Critical Unauthenticated RCE Vulnerabilities in Kubernetes Ingress NGINX https://www.sentinelone.com/blog/ingressnightmare-critical-unauthenticated-rce-vulnerabilities-in-kubernetes-ingress-nginx/?mkt_tok=MzI3LU1OTS0wODcAAAGZoSqCgJKW8GZrBlMYPeWfury7MVslnp5B4LAsxkQ_lfeW4FYUibpoiQPkuEZi9F9G7G8U_gruF2jLoiVTDCdKDqL26IdIvfIP74OJCs1lLOF4Hlg
07/04/2025 09:55:41
QRCode
archive.org
thumbnail

We share actionable mitigation and detection strategies against IngressNightmare so you can protect against possible exploitation in runtime.

sentinelone EN 2025 IngressNightmare ritical Unauthenticated RCE Kubernetes Vulnerabilities
Apple belatedly fixes exploited flaws in older OSes https://www.theregister.com/2025/04/02/apple_patch_bundle/
02/04/2025 09:06:29
QRCode
archive.org
thumbnail

Apple has delivered a big batch of OS updates, some of which belatedly patch older versions of its operating systems to address exploited-in-the-wild flaws the iGiant earlier fixed in more recent releases.

theregister EN 2025 belatedly older Apple patch iOS vulnerabilities CVE-2025-24200
Resurgence of In-The-Wild Activity Targeting Critical ServiceNow Vulnerabilities https://www.greynoise.io/blog/in-the-wild-activity-targeting-critical-servicenow-vulnerabilities
24/03/2025 09:22:41
QRCode
archive.org
thumbnail

GreyNoise has identified a notable resurgence of in-the-wild activity targeting three ServiceNow vulnerabilities CVE-2024-4879 (Critical), CVE-2024-5217 (Critical), and CVE-2024-5178 (Medium). These vulnerabilities reportedly may be chained together for full database access.

greynoise EN 2025 CVE-2024-5178 CVE-2024-4879 database access ServiceNow vulnerabilities
New Ransomware Operator Exploits Fortinet Vulnerability Duo https://www.forescout.com/blog/new-ransomware-operator-exploits-fortinet-vulnerability-duo/
14/03/2025 17:19:23
QRCode
archive.org

Between late January and early March, Forescout Research – Vedere Labs identified a series of intrusions based on two Fortinet vulnerabilities. It began with the exploitation of Fortigate firewall appliances — culminating in the deployment of a newly discovered ransomware strain we have dubbed SuperBlack.

forescout EN 2025 Fortinet vulnerabilities SuperBlack ransomware
U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, Per First-Ever Report https://www.zetter-zeroday.com/u-s-government-disclosed-39-zero-day-vulnerabilities-in-2023-per-first-ever-report/
07/02/2025 13:40:31
QRCode
archive.org
thumbnail

In a first-of-its-kind report, the US government has revealed that it disclosed 39 zero-day software vulnerabilities to vendors or the public in 2023 for the purpose of getting the vulnerabilities patched or mitigated, as opposed to retaining them to use in hacking operations.

It’s the first time the government has revealed specific numbers about its controversial Vulnerabilities Equities Process (VEP) — the process it uses to adjudicate decisions about whether zero-day vulnerabilities it discovers should be kept secret so law enforcement, intelligence agencies, and the military can exploit them in hacking operations or be disclosed to vendors to fix them. Zero-day vulnerabilities are security holes in software that are unknown to the software maker and are therefore unpatched at the time of discovery, making systems that use the software at risk of being hacked by anyone who discovers the flaw.

zetter-zeroday EN 2025 US zero-day disclose VEP Vulnerabilities Report
Zyxel Telnet Vulnerabilities https://vulncheck.com/blog/zyxel-telnet-vulns
05/02/2025 14:24:01
QRCode
archive.org
thumbnail

VulnCheck and partner GreyNoise discovered Zyxel-related vulnerabilities being targeted in the wild. In this blog, VulnCheck describes the vulnerabilities CVE-2024-40891 and CVE-2025-0890.

vulncheck EN 2025 Zyxel Telnet Vulnerabilities CVE-2024-40891 CVE-2025-0890
Eradicating trivial vulnerabilities, at scale https://www.ncsc.gov.uk/blog-post/eradicating-trivial-vulnerabilities-at-scale?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118
03/02/2025 11:12:16
QRCode
archive.org
thumbnail

A new NCSC research paper aims to reduce the presence of ‘unforgivable’ vulnerabilities.

ncsc.gov.uk EN 2025 research unforgivable vulnerabilities
Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart | Qualys Security Blog https://blog.qualys.com/vulnerabilities-threat-research/2024/11/19/qualys-tru-uncovers-five-local-privilege-escalation-vulnerabilities-in-needrestart
23/11/2024 10:09:11
QRCode
archive.org
thumbnail

The Qualys Threat Research Unit (TRU) has identified five Local Privilege Escalation (LPE) vulnerabilities within the needrestart component, which is installed by default on Ubuntu Server. These vulnerabilities can be exploited by any unprivileged user to gain full root access without requiring user interaction. The identified flaws have been assigned the CVE identifiers CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003, highlighting the need for immediate remediation to protect system integrity.

Our TRU team has successfully developed functional exploits for these vulnerabilities. While we will not disclose our exploits, please be aware that these vulnerabilities are easily exploitable, and other researchers may release working exploits shortly following this coordinated disclosure.

These vulnerabilities have been present since the introduction of interpreter support in needrestart version 0.8, released in April 2014.

qualys EN 2024 TRU LPE vulnerabilities UbuntuServer CVE-2024-48990 CVE-2024-48991 CVE-2024-48992 CVE-2024-10224
2023 Top Routinely Exploited Vulnerabilities | CISA https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
13/11/2024 09:39:18
QRCode
archive.org

In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets. In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of the top exploited vulnerabilities were exploited as a zero-day.

Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities.

cisa EN 2024 zero-day vulnerabilities 2023 Routinely-Exploited
Uncovering Apple Vulnerabilities: The diskarbitrationd and storagekitd Audit Story Part 1 https://www.kandji.io/blog/macos-audit-story-part1
13/11/2024 09:15:02
QRCode
archive.org
thumbnail

Kandji's Threat Research team performed an audit on the macOS diskarbitrationd & storagekitd system daemons, uncovering several (now fixed) vulnerabilities

kandji EN 2024 research macOS diskarbitrationd audit storagekitd vulnerabilities
Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack https://www.wired.com/story/synology-zero-click-vulnerability/
01/11/2024 16:06:26
QRCode
archive.org
thumbnail

A vulnerability categorized as “critical” in a photo app installed by default on Synology network-attached storage devices could give attackers the ability to steal data and worse.

wired EN 2024 Synology photos vulnerabilities RCE Pwn2Own critical vulnerability
page 1 / 4
4481 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio