Blogs - Security
CVE / NIST CISA News CISA Blog Cybersecurity Advisories ICS Advisories ICS Medical Advisories 
Packet Storm Security 
The Hacker News 
NIST News
- NIST Awards $15 Million to ASTM International to Establish Standardization Center of Excellence 2024-10-15The new center will support U.S. engagement in international standardization for critical and emerging technologies.Sarah Henderson
- NIST Announces 2024 Baldrige Awards for Performance Excellence 2024-10-10The Baldrige Award was redesigned earlier this year to focus on organizational resilience.Sarah Henderson
- Smart New Laser Technology Can Monitor Greenhouse Gases Faster, More Sensitively 2024-10-09New laser technology, known as free-form dual-comb spectroscopy, quickly measures gases of interest by homing in on the most information-rich parts of a sample.Sarah Henderson
- NIST Awards Up to $1.5 Million to Support Development of Regenerative Medicine Standards Curricula 2024-10-08The awardees will create training programs on the standards, protocols and measurements underpinning the field.Sarah Henderson
- Biden-Harris Administration to Invest up to $100 Million to Accelerate R&D and AI Technologies for Sustainable Semiconductor Materials 2024-10-02Today, the U.S. Department of Commerce issued a Notice of Intent (NOI) to announce an open competition demonstrating how AI can assist in developing new sustainable semiconductor materials and processes that meet industry needs and can be designedJoy Antwi
- U.S. National Science Foundation and Department of Commerce Announce a New $30M Funding Opportunity, Funded by the CHIPS & Science Act, to Prepare Talent for Semiconductor Jobs Nationwide 2024-09-27The Network Coordination Hub for the National Network for Microelectronics Education will establish and operate regional nodes to offer consistent, rigorous, engaging curricula, instructional materials, experiential opportunities, teacherJoy Antwi
- Biden-Harris Administration Launches NSTC Workforce Center of Excellence with Expected $250 Million Investment 2024-09-25Today, the Biden-Harris Administration announced the launch of the National Semiconductor Technology Center’s (NSTC) Workforce Center of Excellence (WCoE), making a decisive step toward solving one of the most pressing challenges facing the U.SJoy Antwi
- Biden-Harris Administration Announces First CHIPS Commercial Fabrication Facilities Award with Polar Semiconductor, Establishing Independent American Foundry 2024-09-24Today, as part of the Biden-Harris Administration’s Investing in America agenda, the U.S. Department of Commerce announced its first award under the CHIPS Incentives Program’s Funding Opportunity for Commercial Fabrication Facilities of up to $123Joy Antwi
- NIST Awards $6 Million to Carnegie Mellon University to Establish an AI Cooperative Research Center 2024-09-24The CMU/NIST AI Measurement Science & Engineering Cooperative Research Center will seek to advance AI risk management practices and evaluation approaches through stakeholder partnerships.Sarah Henderson
- NIST Awards $3 Million for Community-Based Cybersecurity Workforce Development 2024-09-23The grants of roughly $200,000 each will go to organizations that are working to address the nation’s shortage of skilled cybersecurity employees.Sarah Henderson
- NIST Funds Climate Measurements Center of Excellence at the University of Vermont 2024-09-20The agreement includes an award of $2.7 million appropriated by Congress for this purpose.Sarah Henderson
- New Smoke Alarms Are Better at Detecting Fires but Still Beep for Bacon 2024-09-18NIST research in a kitchen fire laboratory shows that updated smoke detectors still produce nuisance alarms during cooking.Sarah Henderson
- NIST Provides Update on Champlain Towers South Investigation 2024-09-12Work continues to determine cause of the 2021 tragedy and to develop science-based recommendations to improve building safety.Sarah Henderson
- NIST’s Long Phan and Marc Levitan Receive Service to America Medal 2024-09-10The award recognizes their efforts to develop standards and building codes to make structures resistant to tornadoes.Sarah Henderson
- Now Live: Living Cells Can Be Seen With Infrared Light 2024-09-09NIST researchers use new method to measure biomolecules in live cells.Sarah Henderson
- New Report Highlights Economic Value of Neutron Science to U.S. Industry 2024-09-05Research using neutron beams provides an economic return far larger than the cost of building and operating neutron facilities, according to an economic impact analysis.Sarah Henderson
- Major Leap for Nuclear Clock Paves Way for Ultraprecise Timekeeping 2024-09-04These clocks could lead to improved timekeeping and navigation, faster internet speeds, and advances in fundamental physics research.Sarah Henderson
- U.S. AI Safety Institute Signs Agreements Regarding AI Safety Research, Testing and Evaluation With Anthropic and OpenAI 2024-08-29GAITHERSBURG, Md. — Today, the U.S. Artificial Intelligence Safety Institute at the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced agreements that enable formal collaboration on AI safety researchRobin Materese
- Tiny New Lasers Fill a Long-Standing Gap in the Rainbow of Visible-Light Colors, Opening New Applications 2024-08-28Researchers have created orange, yellow and green lasers tiny enough to fit on a chip.Pamela L Corey
- NIST Releases Second Public Draft of Digital Identity Guidelines for Final Review 2024-08-21The guidance aims to ensure security, privacy and accessibility during the identity-proofing process for people accessing government services.Sarah Henderson
NIST Events
- 19th Annual NICE Conference and Expo 2028-06-05The NICE Conference and Expo will take place June 5-7, 2028. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 18th Annual NICE Conference and Expo 2027-06-07The NICE Conference and Expo will take place June 7-9, 2027. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 17th Annual NICE Conference and Expo 2026-06-01The NICE Conference and Expo will take place June 1-3, 2026. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 72 Volume Metrology Seminar 2025-09-22The 5-day OWM Volume Metrology Seminar is designed to enable metrologists to apply fundamental measurement concepts to volume calibrations. A large percentage of time is spent on hands-on measurements, applying procedures and equations discussed inYvonne A. Branden
- 73 Fundamentals of Metrology 2025-09-15Course Description The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurementYvonne A. Branden
- 75 Contract Review 2025-08-14This two-hour webinar will consider internal auditing techniques and best practices used by a metrology laboratory to comply with ISO/IEC 17025:2017 criteria. Learning Objectives At the end of this session, using your notes and ISO/IEC 17025:2017 orYvonne A. Branden
- 2053 Advanced Mass Seminar 2025-07-28The 9-day, hands-on Advanced Mass calibration seminar focuses on the comprehension and application of the advanced mass dissemination procedures, the equations, and associated calculations. It includes the operation of the laboratory equipmentYvonne A. Branden
- 76 State Laboratory Annual Submission Process 2025-07-10The State Laboratory Annual Submission Process webinar provides guidance on how to successfully submit all required materials to develop a complete and timely Recognition Application according to NIST Handbook (HB) 143, State Weights and MeasuresYvonne A. Branden
- 77 Software Verification and Validation Part I & II 2025-06-26Session I (June 26, 2025) and Session II (July 17, 2025) These two 2-hour sessions on Software Verification and Validation will focus on the use of Microsoft Excel in calibration laboratories and examine the ISO/IEC 17025:2017 requirements related toYvonne A. Branden
- 5x5: The Public Safety Innovation Summit 2025-06-03SAVE THE DATE 5x5 ― the confirmation of a strong and clear signal ― and the place to make your voice heard and drive public safety communications forward. In 2025, the FirstNet Authority and the National Institute of Standards and Technology’s PublicCrissy Robinson
- 16th Annual NICE Conference and Expo 2025-06-02The NICE Conference and Expo will take place June 2-4, 2025. Location to be announced. This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.SSusana Barraza
- 78 Combined Regional Measurement Assurance Program (C-RMAP) 2025-06-01NIST Handbook 143, Section 5.2, Table 2 notes that annual attendance at the RMAP training session is required for ongoing laboratory Recognition of State weights and measures metrology staff. Handbook 143, Program Handbook details the criteria usedYvonne A. Branden
- 79 Internal Auditing Best Practices 2025-05-15This 2-hour webinar will consider internal auditing techniques and best practices that are used by a metrology laboratory to comply with ISO/IEC 17025:2017 criteria. Learning Objectives During this webinar, using your notes and ISO/IEC 17025:2017 orYvonne A. Branden
- 80 Fundamentals of Metrology - SIM Participants Only 2025-04-14Course Description The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurementYvonne A. Branden
- 81 Fundamentals of Metrology 2025-04-07Course Description The 5-day Fundamentals of Metrology seminar is an intensive course that introduces participants to the concepts of measurement systems, units, good laboratory practices, data integrity, measurement uncertainty, measurementYvonne A. Branden
- 82 Calibration Certificate Evaluation 2025-04-03This 2-hour webinar will introduce concepts necessary to successfully implement ISO/IEC 17025:2017 compliant calibration certificates within the laboratory and evaluate service provider certificates for compliance. Learning Objectives At the end ofYvonne A. Branden
- International Face and Fingerprint Performance Conference (IFPC) 2025 2025-04-01NIST is pleased to announce the IFPC 2025, which is focused on all technical factors affecting the deployment and use of high performance face recognition applications, including applications, standards, risk management, quality assessmentMei Lee Ngan
- 83 Measurement System Basics: SI & U.S. Customary Units for Regulatory Officials 2025-03-13This 1.5-hour webinar will introduce the measurement systems commonly used in the United States, including the International System of Units (SI) and U.S. Customary systems (e.g., Avoirdupois, Apothecary, and Troy units). This session is ideal forYvonne A. Branden
- 84 Mass Metrology Seminar 2025-03-03Course Description The Mass Metrology Seminar is a two-week, "hands-on" seminar. It incorporates approximately 30 percent lectures and 70 percent demonstrations and laboratory work in which the participant performs measurements by applying proceduresYvonne A. Branden
- 85 Metric System Estimation 2025-02-27The International System of Units (SI), commonly known as the metric system, is easy to use and learn when taught using metric tools. The ability to interpret measurement scales, magnitude, and approximate a quantity are essential Science, TechnologyYvonne A. Branden
CISA Blog
- A Message to Election Officials from CISA Director Jen Easterly 2024-10-15 CISA
- Region 8 Invites You to Secure Our World 2024-10-02 CISA
- CISA Director Jen Easterly Remarks at the Election Center 39th Annual National Conference in Detroit 2024-09-09 CISA
- Learn with Region 8’s Webinar Program 2024-08-23Join us each month for special events and webinars featuring topics crucial to infrastructure security.CISA
- Shaping the legacy of partnership between government and private sector globally: JCDC 2024-08-21 CISA
- SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices 2024-08-19 CISA
- Region 10 Team Provides Vital Election Security Training for Idaho 2024-08-15Working with Region 10 cybersecurity, protective security, and election security advisors, the Idaho Secretary of State Office recently spearheaded a comprehensive initiative aimed at bolstering election security readiness through a virtual webinar training series.CISA
- SAFECOM Membership Spotlight ft. Red Grasso, North Carolina Department of Information Technology 2024-08-12 CISA
- SAFECOM Releases New Resource for Cloud Adoption 2024-07-30 CISA
- With Open Source Artificial Intelligence, Don’t Forget the Lessons of Open Source Software 2024-07-29 CISA
CISA Blog
- A Message to Election Officials from CISA Director Jen Easterly 2024-10-15 CISA
- Region 8 Invites You to Secure Our World 2024-10-02 CISA
- CISA Director Jen Easterly Remarks at the Election Center 39th Annual National Conference in Detroit 2024-09-09 CISA
- Learn with Region 8’s Webinar Program 2024-08-23Join us each month for special events and webinars featuring topics crucial to infrastructure security.CISA
- Shaping the legacy of partnership between government and private sector globally: JCDC 2024-08-21 CISA
- SAFECOM and NCSWIC Develop Global Positioning System (GPS) for Public Safety Location Services: Use Cases and Best Practices 2024-08-19 CISA
- Region 10 Team Provides Vital Election Security Training for Idaho 2024-08-15Working with Region 10 cybersecurity, protective security, and election security advisors, the Idaho Secretary of State Office recently spearheaded a comprehensive initiative aimed at bolstering election security readiness through a virtual webinar training series.CISA
- SAFECOM Membership Spotlight ft. Red Grasso, North Carolina Department of Information Technology 2024-08-12 CISA
- SAFECOM Releases New Resource for Cloud Adoption 2024-07-30 CISA
- With Open Source Artificial Intelligence, Don’t Forget the Lessons of Open Source Software 2024-07-29 CISA
ICS Advisories
- Kieback&Peter DDC4000 Series 2024-10-17View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Kieback&Peter Equipment: DDC4000 Series Vulnerabilities: Path Traversal, Insufficiently Protected Credentials, Use of Weak Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to gain full administrator rights on the system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS […]CISA
- LCDS LAquis SCADA 2024-10-17View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME Equipment: LAquis SCADA Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to steal cookies, inject arbitrary code, or perform unauthorized actions. 3. TECHNICAL DETAILS […]CISA
- HMS Networks EWON FLEXY 202 2024-10-17View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: HMS Networks Equipment: EWON FLEXY 202 Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to sniff and decode credentials that are transmitted using weak encoding techniques. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The […]CISA
- Elvaco M-Bus Metering Gateway CMe3100 2024-10-17View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Elvaco Equipment: M-Bus Metering Gateway CMe3100 Vulnerabilities: Missing Authentication for Critical Function, Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Insufficiently Protected Credentials. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could […]CISA
- Mitsubishi Electric CNC Series 2024-10-17View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: CNC Series Vulnerability: Improper Validation of Specified Quantity in Input 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to cause a denial-of-service (DoS) condition on the affected device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS […]CISA
- Siemens Siveillance Video Camera 2024-10-15As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable from […]CISA
- Schneider Electric Data Center Expert 2024-10-15View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Data Center Expert Vulnerability: Improper Verification of Cryptographic Signature, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access private data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric […]CISA
- Siemens SINEC Security Monitor 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely/low attack […]CISA
- Siemens Simcenter Nastran 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Low Attack Complexity […]CISA
- Rockwell Automation DataMosaix Private Cloud 2024-10-10View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: DataMosaix Private Cloud Vulnerabilities: Inadequate Encryption Strength, Out-of-bounds Write, Improper Check for Dropped Privileges, Reliance on Insufficiently Trustworthy Component, NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a denial-of-service condition, view user data, […]CISA
- Siemens SIMATIC S7-1500 CPUs 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack […]CISA
- Siemens SENTRON PAC3200 Devices 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack […]CISA
- Delta Electronics CNCSoft-G2 2024-10-10View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: low attack complexity Vendor: Delta Electronics Equipment: CNCSoft-G2 Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Heap-Based Buffer Overflow, Out-of-bounds Read, Use of Uninitialized Variable 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code remotely. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The […]CISA
- Rockwell Automation DataMosaix Private Cloud 2024-10-10View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: DataMosaix Private Cloud Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization, Incorrect Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to view user data or create, modify, or delete their […]CISA
- Siemens Questa and ModelSim 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.4 ATTENTION: Exploitable locally Vendor: […]CISA
- Siemens Sentron Powercenter 1000 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack […]CISA
- Siemens HiMed Cockpit 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Low attack complexity […]CISA
- Rockwell Automation Logix Controllers 2024-10-10View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Compact GuardLogix, CompactLogix, ControlLogix, GuardLogix, 1756-EN4TR Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service on the affected products. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following […]CISA
- Siemens RUGGEDCOM APE1808 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.0 ATTENTION: Exploitable remotely Vendor: […]CISA
- Siemens SIMATIC S7-1500 and S7-1200 CPUs 2024-10-10As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Exploitable remotely/low attack […]CISA
ICS Medical Advisories
- BPL Medical Technologies PWS-01-BT and BPL Be Well Android Application 2024-09-10View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Low attack complexity/public exploits are available Vendor: BPL Medical Technologies Equipment: PWS-01-BT, Be Well Android App Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to intercept and modify information as it being processed 3. TECHNICAL DETAILS […]CISA
- Baxter Connex Health Portal 2024-09-05View CSAF 1. EXECUTIVE SUMMARY CVSS v3.1 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Connex Health Portal Vulnerabilities: SQL Injection, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to malicious code injection, shutdown of database service, or the ability to access, modify, or delete sensitive data from the […]CISA
- Philips Vue PACS 2024-07-18View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Philips Equipment: Vue PACS Vulnerabilities: Out-of-bounds Write, Deserialization of Untrusted Data, Uncontrolled Resource Consumption, Improper Privilege Management, Use of Default Credentials, Weak Password Requirements, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these vulnerabilities could […]CISA
- MicroDicom DICOM Viewer 2024-06-11View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Improper Authorization in Handler for Custom URL Scheme, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to both retrieve and plant medical image files on a victim's system and […]CISA
- Baxter Welch Allyn Connex Spot Monitor 2024-05-30View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Welch Allyn Connex Spot Monitor (CSM) Vulnerability: Use of Default Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify device configuration and firmware data. Tampering with this data could lead to device compromise, resulting […]CISA
- Baxter Welch Allyn Configuration Tool 2024-05-30View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Welch Allyn Configuration Tool Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the unintended exposure of credentials to unauthorized users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Baxter (formerly Hillrom and Welch Allyn) […]CISA
- Santesoft Sante FFT Imaging 2024-03-05View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante FFT Imaging Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code once a user opens a malicious DCM file on affected FFT Imaging installations. 3. TECHNICAL DETAILS 3.1 […]CISA
- MicroDicom DICOM Viewer 2024-02-29View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Heap-based Buffer Overflow, Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption issues leading to execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions […]CISA
- Santesoft Sante DICOM Viewer Pro 2024-02-27View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of the product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following […]CISA
- Orthanc Osimis DICOM Web Viewer 2024-01-23View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Orthanc Equipment: Osimis Web Viewer Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code inside the victim's browser. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Osimis Web […]CISA
- BD FACSChorus 2023-11-28View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: FACSChorus Vulnerabilities: Missing Protection Mechanism for Alternate Hardware Interface, Missing Authentication for Critical Function, Improper Authentication, Use of Hard-coded Credentials, Insecure Inherited Permissions, 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with […]CISA
- Santesoft Sante FFT Imaging 2023-10-11View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante FFT Imaging Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Santesof products are affected: Sante FFT Imaging: […]CISA
- Santesoft Sante DICOM Viewer Pro 2023-10-11View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Santesoft products are […]CISA
- Softneta MedDream PACS 2023-09-051. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softneta Equipment: MedDream PACS Vulnerabilities: Exposed Dangerous Method or Function, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain and leak plaintext credentials or remotely execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED […]CISA
- BD Alaris System with Guardrails Suite MX (Update A) 2023-07-13View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: Alaris PCU, Guardrails Editor, Systems Manager, Calculation Services, CQI Reporter Vulnerabilities: Insufficient Verification of Data Authenticity, Missing Authentication for Critical Function, Improper Verification of Cryptographic Signature, Missing Support for Integrity Check, Cross-site Scripting, Cleartext Transmission of […]CISA
- Medtronic Paceart Optima System 2023-06-291. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Medtronic Equipment: Paceart Optima System Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution or a denial-of-service condition impacting a healthcare delivery organization’s Paceart Optima system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The […]CISA
- Illumina Universal Copy Service 2023-04-271. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Illumina Equipment: Universal Copy Service (UCS) Vulnerabilities: Binding to an Unrestricted IP Address, Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take any action at the operating system level. A threat actor could impact settings, configurations, software, or […]CISA
- B. Braun Battery Pack SP with Wi-Fi 2023-04-121. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: B. Braun Melsungen AG Equipment: Battery Pack SP with Wi-Fi Vulnerability: Improper neutralization of directives in dynamically evaluated code ('Eval Injection') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a sophisticated and authenticated attacker to compromise the security of the Space communication device Battery Pack […]CISA
- Medtronic Micro Clinician and InterStim Apps 2023-03-021. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: Low attack complexity Vendor: Medtronic Equipment: Micros Clinician (A51200) app and InterStim X Clinician (A51300) app Vulnerabilities: Unverified Password Change 2. RISK EVALUATION Successful exploitation of this vulnerability could cause the clinician application’s custom password to be reset to default, resulting in unauthorized control of the clinician therapy […]CISA
- BD Alaris Infusion Central (Update A) 2023-02-161. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: Alaris Infusion Central --------- Begin Update A part 1 of 2 --------- Vulnerability: Storing Passwords in a Recoverable Format --------- End Update A part 1 of 2 --------- 2. UPDATE INFORMATION This updated advisory is a follow-up to […]CISA
Packet Storm
- ABB Cylon Aspect 3.08.01 networkDiagAjax.php Remote Network Utility Execution 2024-10-17ABB Cylon Aspect version 3.08.01 allows an unauthenticated attacker to perform network operations such as ping, traceroute, or nslookup on arbitrary hosts or IPs by sending a crafted GET request to networkDiagAjax.php. This could be exploited to interact with or probe internal or external systems, leading to internal information disclosure and misuse of network resources.
- SofaWiki 3.9.2 Cross Site Scripting 2024-10-17SofaWiki version 3.9.2 suffers from a reflective cross site scripting vulnerability.
- Ubuntu Security Notice USN-7073-1 2024-10-17Ubuntu Security Notice 7073-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
- Red Hat Security Advisory 2024-8180-03 2024-10-17Red Hat Security Advisory 2024-8180-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include code execution, out of bounds read, spoofing, and use-after-free vulnerabilities.
- Red Hat Security Advisory 2024-8179-03 2024-10-17Red Hat Security Advisory 2024-8179-03 - An update for resource-agents is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a code execution vulnerability.
- Red Hat Security Advisory 2024-8129-03 2024-10-17Red Hat Security Advisory 2024-8129-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
- Red Hat Security Advisory 2024-8128-03 2024-10-17Red Hat Security Advisory 2024-8128-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
- SofaWiki 3.9.2 Cross Site Scripting 2024-10-17SofaWiki version 3.9.2 suffers from a persistent cross site scripting vulnerability.
- Red Hat Security Advisory 2024-8127-03 2024-10-17Red Hat Security Advisory 2024-8127-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and integer overflow vulnerabilities.
- SofaWiki 3.9.2 Shell Upload 2024-10-17SofaWiki version 3.9.2 suffers from a remote shell upload vulnerability.
- Red Hat Security Advisory 2024-8126-03 2024-10-17Red Hat Security Advisory 2024-8126-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
- Ubuntu Security Notice USN-7072-1 2024-10-17Ubuntu Security Notice 7072-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
- Red Hat Security Advisory 2024-8125-03 2024-10-17Red Hat Security Advisory 2024-8125-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
- Red Hat Security Advisory 2024-8124-03 2024-10-17Red Hat Security Advisory 2024-8124-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise […]
- Ubuntu Security Notice USN-7071-1 2024-10-17Ubuntu Security Notice 7071-1 - A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.
- Red Hat Security Advisory 2024-8123-03 2024-10-17Red Hat Security Advisory 2024-8123-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
- Red Hat Security Advisory 2024-8122-03 2024-10-17Red Hat Security Advisory 2024-8122-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
- Red Hat Security Advisory 2024-8121-03 2024-10-17Red Hat Security Advisory 2024-8121-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, […]
- Red Hat Security Advisory 2024-8119-03 2024-10-17Red Hat Security Advisory 2024-8119-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
- Red Hat Security Advisory 2024-8118-03 2024-10-17Red Hat Security Advisory 2024-8118-03 - An update is now available for OpenJDK. Issues addressed include buffer overflow and integer overflow vulnerabilities.
The Hacker News
- Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant 2024-10-17The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka SnipBot or RomCom 5.0), said Cisco Talos, […]
- Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program 2024-10-17Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group's affiliate panel on the dark web. Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an
- 5 Ways to Reduce SaaS Security Risks 2024-10-17As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, […]
- SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack 2024-10-17An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as APT-C-17, Baby Elephant, Hardcore Nationalist, Leafperforator, Rattlesnake, Razor […]
- U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks 2024-10-17Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft's services in June 2023. The attacks, which were facilitated by Anonymous Sudan's "powerful DDoS tool," singled out critical infrastructure, corporate […]
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk 2024-10-17A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability. "A security issue
- Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity 2024-10-16Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it detected "threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection." EDRSilencer, inspired by the NightHawk FireBlock tool […]
- FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms 2024-10-16The FIDO Alliance said it's working to make passkeys and other credentials more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that end, the alliance said it has published a draft for a new set of specifications […]
- From Misuse to Abuse: AI Risks and Attacks 2024-10-16AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications Cybercriminals and AI: The Reality vs. Hype “AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who […]
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware 2024-10-16The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when […]
- 5 Techniques for Collecting Cyber Threat Intelligence 2024-10-16To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats. There are many techniques analysts can use to collect crucial cyber threat intelligence. Let’s consider five that can greatly improve your threat investigations. Pivoting on С2 IP […]
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack 2024-10-16A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails. "The spear-phishing campaign's impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected," Trend Micro said in a new analysis. […]
- GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access 2024-10-16GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0 "An attacker could bypass SAML single sign-on (SSO) authentication with the optional encrypted […]
- CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability 2024-10-16The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-28987 (CVSS score: 9.1), the vulnerability relates to a case of hard-coded credentials that could be abused to gain
- TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns 2024-10-15New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. "This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an analysis published last week. First […]
- New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT 2024-10-15Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload. "DarkVision RAT communicates with its command-and-control (C2) server using a custom […]
- New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists 2024-10-15North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is "installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs," a security […]
- The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short 2024-10-15In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented, […]
- China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns 2024-10-15China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went on to accuse the U.S. federal government, intelligence agencies, and Five […]
- Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates 2024-10-15Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an information stealer known as Lumma. Hijack Loader, also known as DOILoader, IDAT Loader, […]