[HackerNews] 13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service (DoS), and information leak.
Collectively called “NUCLEUS:13,” successful attacks abusing the flaws can “result in devices going offline

Source: Read More (The Hacker News)

You might be interested in …

[BleepingComputer] Chinese cyberspies are targeting US, EU orgs with new malware

Chinese threat groups continue to deploy new malware strains on the compromised network of dozens of US and EU organizations after exploiting vulnerable Pulse Secure VPN appliances. […] Source: Read More (BleepingComputer)

Read More

[ThreatPost] Zimbra Server Bugs Could Lead to Email Plundering

All posts, ThreatPost

Two bugs, now patched except in older versions, could be chained to allow attackers to hijack Zimbra server by simply sending a malicious email. Source: Read More (Threatpost)

Read More

[SecurityWeek] How to Improve Red Team Effectiveness using Obfuscation

All posts, Security Week

Setting up an obfuscated network in the cloud gives a red team the flexibility to test security against different cloud vendors read more Source: Read More (SecurityWeek RSS Feed)

Read More