FBI, CISA, NSA, US and International partners are releasing this joint advisory on the targeting of critical infrastructure by pro-Russia hacktivists. he authoring organizations assess pro-Russia hacktivist groups are conducting less sophisticated, lower impact attacks...
Yesterday, the NJCCIC released an advisory, Increase in Compromised NJ Public Sector Accounts. Common threads observed in these incidents are a lack of or misconfigured Sender Policy Framework, and Domain-based Message Authentication, Reporting, and Conformance records.
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user.
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated...
Over the last several weeks, the NJCCIC has observed an increase in compromised New Jersey public sector accounts. These accounts are often compromised after a user submits their account credentials to a fraudulent webpage navigated to via a phishing email.
A vulnerability in the React Server Components (RSC) implementation has been discovered that could allow for remote code execution. Specifically, it could allow for unauthenticated remote code execution on affected servers. The issue stems from unsafe...
Since the public release of ChatGPT in November 2022, artificial intelligence (AI) has been integrated into many facets of human society. For critical infrastructure owners and operators, AI can potentially be used to increase efficiency and productivity, enhance decision-making, save costs, etc.
A vulnerability has been discovered SonicOS, which could allow for Denial of Service (DoS). SonicOS is the operating system that runs on SonicWall's network security appliances, such as firewalls. Successful exploitation of this vulnerability could allow a...
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
