Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks

Seven vulnerabilities found in Rapid SCADA could be exploited to gain access to sensitive industrial systems, but they remain unpatched.
The post Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks appeared first on Securit… Continue reading Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns

Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information. 
The post Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns appeared first on SecurityWeek.
Continue reading Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns

AI Data Exposed to ‘LeftoverLocals’ Attack via Vulnerable AMD, Apple, Qualcomm GPUs

Researchers show how a new attack named LeftoverLocals, which impacts GPUs from AMD, Apple and Qualcomm, can be used to obtain AI data.
The post AI Data Exposed to ‘LeftoverLocals’ Attack via Vulnerable AMD, Apple, Qualcomm GPUs appeared fi… Continue reading AI Data Exposed to ‘LeftoverLocals’ Attack via Vulnerable AMD, Apple, Qualcomm GPUs

VMware Urges Customers to Patch Critical Aria Automation Vulnerability 

Aria Automation is affected by a critical vulnerability that could be exploited to gain access to remote organizations and workflows.
The post VMware Urges Customers to Patch Critical Aria Automation Vulnerability  appeared first on SecurityWeek.
Continue reading VMware Urges Customers to Patch Critical Aria Automation Vulnerability 

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech.
The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared fir… Continue reading Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches

Juniper Networks patches over 100 vulnerabilities, including a critical flaw that can be exploited for remote code execution against firewalls and switches.
The post Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches ap… Continue reading Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches