MG Strategy+ - KasperskyThreat Landscape for Industrial Automation Systems H1 2018 – Kaspersky Lab ICS CERT

MG Strategy+

Cybersecurity Data Services

Join Now-Sign Up
Log In

Threat Landscape for Industrial Automation Systems H1 2018 – Kaspersky Lab ICS CERT

Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
MGS+ EPCM Workgroup
MGS+ ICS Workgroup
MGS+ Operational Efficiencies Workgroup
MGS+ Partners
Uncategorized

001 MGS Alerts Advisories

Múltiples vulnerabilidades en productos de Siemens
Fecha de publicación: 18/05/2021 Importancia: Alta Recursos afectados: JT2Go, todas las versiones anteriores a la 13.1.0.2; Teamcenter Visualization, todas las versiones anteriores a la 13.1.0.2. Descripción: ... read more
Múltiples vulnerabilidades en productos de Siemens
Publication date: 05/18/2021 Importance: Alta Affected resources: JT2Go, todas las versiones anteriores a la 13.1.0.2; Teamcenter Visualization, todas las versiones anteriores a la 13.1.0.2. Description: Se ... read more
86.00257
Modified (5)Adware/SMSreg!AndroidAndroid/Hiddad.FW!trAndroid/Jocker.IR!trAndroid/Jocker.KG!trAndroid/Triada.JH!tr ]]> ... read more
UK government considers strengthening security rules for MSPs to address supply chain risks
The UK government’s Department for Digital, Culture, Media and Sport (DCMS) is considering new measures to enhance the security of digital supply chains and third-party IT services. As a ... read more
Microsoft Internet Explorer 6/7/8/9/10 cross site scripting [CVE-2013-3166]
A vulnerability was found in Microsoft Internet Explorer 6/7/8/9/10 (Web Browser). It has been declared as critical. Affected by this vulnerability is some unknown processing. Applying the patch MS13-JUL is ... read more
The Beginning of the End of WPA-2 — Cracking WPA-2 Just Got a Whole Lot Easier
It has been known for a while that WPA-2 (802.11i) has some fundamental security problems, and that these have thus led to the creation of…Continue reading on ASecuritySite: When Bob ... read more
86.00256
Newly Added (1)Android/Agent.CJC!trModified (1)Adware/Agent!Android ]]> ... read more
5 ways hackers hide their tracks
CISOs have an array of ever-improving tools to help spot and stop malicious activity: network monitoring tools, virus scanners, software composition analysis (SCA) tools, digital forensics and incident response ... read more
DDoS attacks: Stronger than ever and increasingly used for extortion
Ransomware has taken center stage in the cybercrime ecosystem, causing over $1 billion in losses last year around the world and earning criminals hundreds of millions of dollars in profits. ... read more
Microsoft Internet Explorer 8/9/10 code injection [CVE-2013-3163]
A vulnerability has been found in Microsoft Internet Explorer 8/9/10 (Web Browser) and classified as critical. This vulnerability affects an unknown part. Applying the patch MS13-JUL is able to eliminate ... read more
Microsoft Internet Explorer up to 8 code injection [CVE-2013-3164]
A vulnerability was found in Microsoft Internet Explorer up to 8 (Web Browser) and classified as critical. This issue affects an unknown code. Applying the patch MS13-JUL is able to ... read more
Microsoft Internet Explorer 7/8/9/10 memory corruption [CVE-2013-3115]
A vulnerability was found in Microsoft Internet Explorer 7/8/9/10 (Web Browser). It has been classified as critical. Affected is an unknown code block. Applying the patch MS13-JUL is able to ... read more
86.00255
Newly Added (1)Android/FakeCop.W!trModified (5)Adware/LeadBolt!AndroidAdware/MobiDash!AndroidAdware/Reflod!AndroidAndroid/Agent.BQC!tr.spyAndroid/Boogr.GSH!tr ]]> ... read more
FBI receives record level of complaints for online scams, investment fraud
Victims are set to lose the most when they fall for romance scams and business email compromise. ... read more
[webapps] Microsoft Exchange 2019 – Unauthenticated Email Download
Microsoft Exchange 2019 - Unauthenticated Email Download ... read more
Introducing MITRE ATT&CK Defender
Rick Gordon of MITRE Engenuity Details New Training, CertificationA recent study showed that even though 82% of cybersecurity professionals are familiar with the MITRE ATT&CK framework, only 8% said they ... read more
Microsoft Internet Explorer 7/8/9/10 code injection [CVE-2013-3162]
A vulnerability, which was classified as critical, was found in Microsoft Internet Explorer 7/8/9/10 (Web Browser). This affects some unknown functionality. Applying the patch MS13-JUL is able to eliminate this ... read more
Microsoft Internet Explorer 6/7/8/9/10 code injection [CVE-2013-3153]
A vulnerability classified as critical was found in Microsoft Internet Explorer 6/7/8/9/10 (Web Browser). Affected by this vulnerability is an unknown function. Applying the patch MS13-JUL is able to eliminate ... read more
Microsoft Internet Explorer 8/9/10 code injection [CVE-2013-3151]
A vulnerability was found in Microsoft Internet Explorer 8/9/10 (Web Browser). It has been rated as critical. This issue affects an unknown code block. Applying the patch MS13-JUL is able ... read more
Microsoft Internet Explorer 9 code injection [CVE-2013-3150]
A vulnerability was found in Microsoft Internet Explorer 9 (Web Browser). It has been declared as critical. This vulnerability affects an unknown code. Applying the patch MS13-JUL is able to ... read more
From RunDLL32 to JavaScript then PowerShell, (Tue, May 18th)
I spotted an interesting script on VT a few days ago and it deserves a quick diary because it uses a nice way to execute JavaScript on the targeted system. ... read more
[webapps] EgavilanMedia PHPCRUD 1.0 – 'First Name' SQL Injection
EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection ... read more
86.00254
Modified (3)Adware/MobiDash!AndroidRiskware/Agent!AndroidRiskware/Application!Android ]]> ... read more
Android stalkerware detection rates surged over 2020
Not only are the apps potentially unethical, but vendors also aren’t interested in fixing core security issues found within them. ... read more
Liferay Portal/DXP Layout Module cross site scripting [CVE-2021-29048]
A vulnerability was found in Liferay Portal and DXP (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Layout ... read more
CmsWing 1.3.7 cross site scripting [CVE-2020-24992]
A vulnerability, which was classified as problematic, was found in CmsWing 1.3.7. This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to ... read more
Intelbras RF 301K 1.1.2 cross-site request forgery [CVE-2021-32403]
A vulnerability, which was classified as problematic, has been found in Intelbras RF 301K 1.1.2. Affected by this issue is an unknown function. There is no information about possible countermeasures ... read more
Intelbras RF 301K 1.1.2 cross-site request forgery [CVE-2021-32402]
A vulnerability classified as problematic was found in Intelbras RF 301K 1.1.2. Affected by this vulnerability is some unknown processing. There is no information about possible countermeasures known. It may ... read more
SITEL CAP/PRX 5.2.01 Configuration Database information disclosure
A vulnerability was found in SITEL CAP and PRX 5.2.01. It has been rated as problematic. This issue affects an unknown code of the component Configuration Database Handler. There is ... read more
MalwareFox AntiMalware 2.74.0.150 zam64.sys access control
A vulnerability was found in MalwareFox AntiMalware 2.74.0.150 (Anti-Malware Software). It has been rated as critical. Affected by this issue is some unknown functionality in the library zam64.sys. There is ... read more
Liferay Portal/DXP Asset Module cross site scripting [CVE-2021-29051]
A vulnerability was found in Liferay Portal and DXP (the affected version is unknown). It has been declared as problematic. This vulnerability affects an unknown part of the component Asset ... read more
Sophos Intercept X Endpoint/Home on macOS Local Privilege Escalation
A vulnerability was found in Sophos Intercept X Endpoint and Home on macOS (the affected version unknown). It has been classified as problematic. There is no information about possible countermeasures ... read more
Moodle up to 3.5.7/3.6.5/3.7.1 Mustache Template code injection
A vulnerability was found in Moodle up to 3.5.7/3.6.5/3.7.1 (Learning Management Software) and classified as critical. This issue affects some unknown processing of the component Mustache Template Handler. Applying a ... read more
CmsWing 1.3.7 Article Module cross site scripting
A vulnerability has been found in CmsWing 1.3.7 and classified as problematic. This vulnerability affects some unknown functionality of the component Article Module. There is no information about possible countermeasures ... read more
koa-remove-trailing-slashes up to 2.0.1 removeTrailingSlashes redirect
A vulnerability, which was classified as critical, was found in koa-remove-trailing-slashes up to 2.0.1. Affected is the function index.js::removeTrailingSlashes. Upgrading to version 2.0.2 eliminates this vulnerability. ... read more
Ubiquiti UniFi 3.10.13 unquoted search path [CVE-2020-24755]
A vulnerability, which was classified as critical, has been found in Ubiquiti UniFi 3.10.13. This issue affects an unknown code block. There is no information about possible countermeasures known. It ... read more
SITEL CAP/PRX 5.2.01 cleartext transmission [CVE-2021-32456]
A vulnerability classified as problematic has been found in SITEL CAP and PRX 5.2.01. Affected is an unknown code block. There is no information about possible countermeasures known. It may ... read more
emlog 6.0.0 Link cross site scripting
A vulnerability classified as problematic was found in emlog 6.0.0. This vulnerability affects an unknown code of the component Link Handler. There is no information about possible countermeasures known. It ... read more
Exiv2 up to 0.27.3 Metadata line resource consumption
A vulnerability has been found in Exiv2 up to 0.27.3 (Image Processing Software) and classified as problematic. This vulnerability affects an unknown code block of the component Metadata Handler. Upgrading ... read more
SITEL CAP/PRX 5.2.01 HTTP Request resource consumption
A vulnerability classified as problematic has been found in SITEL CAP and PRX 5.2.01. This affects an unknown part of the component HTTP Request Handler. There is no information about ... read more
Woocommerce up to 5.1.x Additional tax classes cross site scripting
A vulnerability was found in Woocommerce up to 5.1.x (E-Commerce Management Software) and classified as problematic. Affected by this issue is an unknown functionality. Upgrading to version 5.2.0 eliminates this ... read more
SITEL CAP/PRX 5.2.01 hard-coded credentials [CVE-2021-32454]
A vulnerability has been found in SITEL CAP and PRX 5.2.01 and classified as critical. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures ... read more
Acyba AcyMailing Parameter redirect
A vulnerability was found in Acyba AcyMailing (version unknown). It has been classified as problematic. Affected is an unknown function of the component Parameter Handler. There is no information about ... read more
Microsoft Windows XP up to XP win32k.sys access control
A vulnerability was found in Microsoft Windows XP up to XP (Operating System). It has been rated as critical. Affected by this issue is an unknown part of the file ... read more
Microsoft Internet Explorer 6/7/8/9/10 code injection [CVE-2013-3148]
A vulnerability has been found in Microsoft Internet Explorer 6/7/8/9/10 (Web Browser) and classified as critical. Affected by this vulnerability is an unknown functionality. Applying the patch MS13-JUL is able ... read more
Microsoft Internet Explorer 7/8 code injection [CVE-2013-3149]
A vulnerability was found in Microsoft Internet Explorer 7/8 (Web Browser) and classified as critical. Affected by this issue is some unknown functionality. Applying the patch MS13-JUL is able to ... read more
Microsoft Internet Explorer 6/7/8/9 code injection [CVE-2013-3147]
A vulnerability, which was classified as critical, was found in Microsoft Internet Explorer 6/7/8/9 (Web Browser). Affected is an unknown function. Applying the patch MS13-JUL is able to eliminate this ... read more
Microsoft Internet Explorer 9 code injection [CVE-2013-3145]
A vulnerability, which was classified as critical, has been found in Microsoft Internet Explorer 9 (Web Browser). This issue affects some unknown processing. Applying the patch MS13-JUL is able to ... read more
Microsoft Internet Explorer 8/9/10 code injection [CVE-2013-3144]
A vulnerability classified as critical was found in Microsoft Internet Explorer 8/9/10 (Web Browser). This vulnerability affects an unknown code block. Applying the patch MS13-JUL is able to eliminate this ... read more
404 SEO Redirection Plugin bis 1.3 auf WordPress Parameter tab Cross Site Scripting
Eine Schwachstelle wurde in 404 SEO Redirection Plugin bis 1.3 auf WordPress (WordPress Plugin) entdeckt. Sie wurde als problematisch eingestuft. Davon betroffen ist unbekannter Code der Komponente Parameter Handler. Es ... read more

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Tuesday, May 18, 2021

Disclaimer |
Terms |
Privacy
About-Services |
Blog-Reports
YouTube
Pinterest
LinkedIn
Twitter
LinkedIn
Twitter
Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Hello

Your Account Type is
Your Mail Id is
Your Username is

PDF Library Search

Security Briefing Search

Kaspersky Search

Reset Password

Reset Password

You have no permission to access this content