Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Siemens SINEC OS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3.1 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM, SCALANCE Vulnerabilities: NULL Pointer Dereference, Use After Free, Unchecked Input for Loop Condition, Out-of-bounds Write, Out-of-bounds Read, Uncontrolled Resource Consumption, Missing Encryption of Sensitive Data, Improper Restriction of Operations within the Bounds of a Memory Buffer, Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), Deadlock, Improper Resource Locking, Improper Input Validation, Stack-based Buffer Overflow, Use of NullPointerException Catch to Detect NULL Pointer Dereference, I...

us-cert
Open in Source
#vulnerability#web#mac#apple#linux#dos#git#rce#perl#samba#buffer_overflow#auth#rpm#wifi#ssl
Will Secure AI Be the Hottest Career Path in Cybersecurity?

Securing AI systems represents cybersecurity's next frontier, creating specialized career paths as organizations grapple with novel vulnerabilities, regulatory requirements, and cross-functional demands.

Online portal exposed car and personal data, allowed anyone to remotely unlock cars

A carmaker has been found to be open to leaking vehicle data and customer information through their dealership portal.

What Does Palantir Actually Do?

Palantir is often called a data broker, a data miner, or a giant database of personal information. In reality, it’s none of these—but even former employees struggle to explain it.

Chinese Groups Stole 115 Million US Cards in 16-Month Smishing Campaign

A SecAlliance report reveals Chinese smishing syndicates compromised 115M US payment cards by bypassing MFA to exploit Apple Pay and Google Wallet.

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications. These apps masquerade as VPNs, device "monitoring" apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in an exhaustive

Weight loss scams, or why ‘Jodie Foster’ wants me to lose weight

Weight loss scams prey on insecurities, and scammers are abusing celebrities and fake news sites to deceive people.

What to Know About Traveling to China for Business

Recent developments and an escalating trade war have made travel to cities like Beijing challenging but by no means impossible.

A week in security (July 28 – August 3)

A list of topics we covered in the week of July 28 to August 3 of 2025

Apple ID scam leads to $27,000 in-person theft of Ohio man

An Ohio man lost $27,000 after an Apple ID scam text hit his phone. The strangest part? It happened at his doorstep.