SEARCH
Hardcoded Private Key Leads to Full Control of Some Siemens PLCs
A newly discovered flaw (CVE-2022-38465) in some Siemens S7 PLCs can allow an attacker to extract the hardcoded private key of the controller and gain complete control.
Caffeine: A ‘Readily Accessible’ Phishing-as-a-Service Platform
Researchers said a new phishing-as-a-service platform features an entirely open registration process that makes it easier for cybercriminals to leverage.
Q&A: Juan Andres Guerrero-Saade
Juan Andres Guerrero-Saade, senior director at SentinelLabs, discusses the newly discovered Metador APT group.
Log4j, ProxyLogon Among Top Flaws Exploited by Chinese Threat Groups
The NSA, FBI and CISA revealed the top CVEs exploited since 2020 by Chinese threat actors to gain initial access to sensitive networks.
Researchers Warn of Unpatched, Actively Exploited Zimbra Flaw
Zimbra has published mitigations against the actively exploited flaw (CVE-2022-41352) in Zimbra Collaboration Suite; however, it has yet to issue a fix.