Rockwell Controllogix Ethernet Vulnerabilidade expõe sistemas à execução do código remoto

Por
Rockwell ControlLogix Ethernet Vulnerability Exposes Systems to Remote Code Execution

Uma vulnerabilidade crítica nos módulos Ethernet da Rockwell Automation foi descoberta que poderia permitir que atacantes remotos executem código malicioso em sistemas de controle industrial. A vulnerabilidade, identificada como CVE-2025-7353, afeta múltiplos módulos de comunicação do contrologix e carrega uma pontuação grave de CVSS de 9,8 em 10, indicando o nível mais alto de risco … Ler mais

Colt Technology faces multi-day outage after WarLock ransomware attack

Por
Colt Technology faces multi-day outage after WarLock ransomware attack

Colt Technology faces multi-day outage after WarLock ransomware attack WarLock ransomware hit Colt Telecom, causing outages in hosting, porting, Colt Online, and Voice API since August 12. UK-based Colt Technology Services suffered a cyberattack, reportedly caused by WarLock ransomware, resulting in multi-day outages for hosting, porting, Colt Online, and Voice API services. Colt, officially known … Ler mais

Top 10 Melhor software de gerenciamento de patches para TI Security 2025

Por
Top 10 Best Patch Management Software For IT Security 2025

Na batalha implacável contra as ameaças cibernéticas em 2025, o software não atingido continua sendo uma vulnerabilidade escapar explorada pelos atacantes em todo o mundo. Sistemas operacionais desatualizados, aplicativos repletos de falhas conhecidas e atualizações de segurança ausentes criam um convite aberto para violações de malware, ransomware e dados. Gerenciamento de patches eficazes o processo … Ler mais

OpenAI releases warmer GPT-5 personality, but only for non thinking model

Por
GPT

OpenAI has confirmed it has begun rolling out a new warmer personality for GPT-5, but remember that it won’t be as warm as GPT-4o, which is still available for use under legacy models. In a post on X, OpenAI confirmed users can try GPT-5 warmer personality on the web and mobile apps. The company announced … Ler mais

Google is adding "Projects" feature to Gemini to run research tasks

Por
Picus Red Report 2025

Google’s Gemini is now testing a new feature called “Projects.”This will be similar to OpenAI’s Project Feature for ChatGPT. With Projects, you can add files, documents or your code. Then, you can ask Gemini to reference those files in project conversations. Google describes this as a feature where you “start by adding files to the … Ler mais

U.S. seizes $2.8 million in crypto from Zeppelin ransomware operator

Por
Typosquatted PyPI Packages Used by Threat Actors to Steal Cryptocurrency from Bittensor Wallets

The U.S. Department of Justice (DoJ) announced the seizure of more than$2.8 million in cryptocurrency from suspected ransomware operator Ianis Aleksandrovich Antropenko. Antropenko, indicted in Texas for computer fraud and money laundering, was linked to Zeppelin ransomware, a now-defunct extortion operation that ran between 2019 and 2022. Apart from the digital asset seizure, the authorities … Ler mais

Anthropic: Claude can now end conversations to prevent harmful uses

Por
Picus Blue Report 2025

OpenAI rival Anthropic says Claude has been updated with a rare new feature that allows the AI model to end conversations when it feels it poses harm or is being abused. This only applies toClaude Opus 4 and 4.1, the two most powerful models available via paid plans and API. On the other hand, Claude … Ler mais

Elastic EDR Falha de 0 dias permite que os hackers fugitam a detecção, executem malware e gatilho BSOD

Por
Elastic EDR 0-Day Flaw Lets Hackers Evade Detection, Run Malware, and Trigger BSOD

Ashes Cybersecurity divulgou uma vulnerabilidade grave de dia zero no elástico Detecção e Resposta de terminais (EDR) Software que transforma a ferramenta de segurança em uma arma em relação aos sistemas projetados para proteger. A falha, encontrada no driver do kernel assinado pela Microsoft, “Elastic-EndPoint-Driver.sys”, permite que os atacantes ignorem medidas de segurança, executem código … Ler mais

security-affairs-malware-newsletter-round-58

Por
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 57

you might also like leave a comment newsletter Subscribe to my email list and stay up-to-date! recent articles We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit … Ler mais

ERMAC 3.0 source code leak reveals expanding threat

Por
ERMAC 3.0 source code leak reveals expanding threat

ERMAC 3.0 Source Code Leak Reveals Expanding Threat Hunt.io got ERMAC 3.0’s source code, showing its evolution from Cerberus and Hook, now targeting 700+ banking, shopping, and crypto apps. Hunt.io cybersecurity researchers obtained the full source code of the Android banking trojan ERMAC 3.0, revealing its evolution from Cerberus and Hook (ERMAC 2.0), targeting 700+ … Ler mais