Hitachi Energy Vulnerabilities Plague SCADA Power Systems
Source: Dark Reading
Hitachi Energy is urging customers of its MicroSCADA X SYS600 product for monitoring and controlling utility power systems to immediately upgrade to a newly released version to mitigate multiple critical and high-severity vulnerabilities.
Employee arrested for locking Windows admins out of 254 servers in extortion plot
Source: Bleeping Computer
A former core infrastructure engineer at an industrial company headquartered in Somerset County, New Jersey, was arrested after locking Windows admins out of 254 servers in a failed extortion plot targeting his employer.
Microsoft Copilot Fixes ASCII Smuggling Vulnerability
Source: Data Breach Today
Microsoft said it fixed a security flaw in artificial intelligence chatbot Copilot that enabled attackers to steal multifactor authentication code using a prompt injection attack.
Iranian Hackers Target US in Ransomware and Espionage Attacks
Source: InfoRisk Today
Iranian government threat actors have launched a series of recent ransomware attacks and cyberespionage campaigns targeting the public and private sectors in the United States and United Arab Emirates, according to new research and a federal advisory published Wednesday.
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
Source: The Hacker News
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes.
Comments