Industrial Gas Analysis Equipment

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment î ‚Jun 28, 2024î „NewsroomIndustrial Security / Critical Infrastructure Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and even execute arbitrary commands. Read more…

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. “These vulnerabilities are found in various WordPress plugins and are prone to unauthenticated stored cross-site Read more…

Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries

Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries

Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that’s believed to have been active since 2018. The intrusion singled out high-level organizations in South China Sea countries, particularly military and government targets, Bitdefender said in Read more…

Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox

Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox

Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply Read more…

Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models

Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models

Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors. The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team. “Once initial access Read more…

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike Cybersecurity researchers have discovered an ongoing attack campaign that’s leveraging phishing emails to deliver malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software. “SSLoad is designed to stealthily infiltrate systems, gather sensitive Read more…