Natalia Tlyapova and Ivan Kurnakov, specialists from Positive Technologies' ICS Security Division, have identified vulnerabilities in a component of the distributed control system (DCS) by the Japanese firm Yokogawa. This DCS is used by over 10 thousand enterprises in the oil and gas, chemical, and energy sectors, as well as by water services and firms across other industries.
Positive Technologies researchers Georgy Kiguradze and Mark Ermolov have discovered a dangerous web vulnerability in the Dell EMC iDRAC remote access controller. An attacker can exploit this vulnerability to obtain full control of server operation by turning it on or off, as well as changing settings such as for cooling and power. Dell EMC has released updated firmware and urges users to install it as soon as possible.
Positive Technologies expert Mikhail Klyuchnikov has uncovered a dangerous vulnerability in the Cisco ASA firewall. With it, an unauthenticated remote attacker could access files relating to the device's web interface, potentially causing disclosure of sensitive information. Cisco has published a software update and recommends installing it as soon as possible.
Positive Technologies experts have analyzed cyberattacks in Q1 2020 and found that the number of attacks increased by nearly a quarter compared to Q4 2019. Of these, about 13 percent of all phishing attacks were related to COVID-19. The experts also found more ransomware operators demanding ransom in exchange for not disclosing stolen data.
Positive Technologies expert Mikhail Klyuchnikov has discovered a vulnerability in the configuration interface of the BIG-IP application delivery controller (ADC) used by some of the world's biggest companies. Attackers can run commands as an unauthorized user and completely compromise a system, including interception of controller application traffic. The vulnerability can be exploited remotely.
A vulnerability in IBM Maximo Asset Management software discovered by Positive Technologies experts Arseny Sharoglazov and Andrey Medov enables attackers to breach internal enterprise networks more easily. Large companies use IBM's computerized maintenance management system (CMMS) to run maintenance and repairs in asset-intensive industries including pharmaceuticals, oil and gas, auto manufacturing, aerospace, railways, airports, utilities, and nuclear power plants.
Positive Technologies has released its latest report, Vulnerabilities and Threats in Mobile Banking. Experts analyzed mobile banking applications and found half of mobile banks are vulnerable to fraud and theft of funds, with the server side accounting for more than half of all detected vulnerabilities.
Positive Technologies experts have analysed illegal marketplaces on the dark web and found a flood of interest in accessing corporate networks. In Q1 2020, the number of postings advertising access to these networks increased by 69 percent compared to the previous quarter. This may pose a significant risk to corporate infrastructure, especially now that many employees are working remotely.
Currently, over 220,000 Internet-accessible devices are vulnerable to attacks within seconds; Hackers can disable VPN connections or intercept user identifiers to access a company's internal network
Positive Technologies experts have analysed the 2019 cybersecurity threat landscape. The analysis shows that the percentage of targeted attacks is much greater than that of mass attacks, and that the top target sectors were government, industry, healthcare, science and education, and finance.
Fill in the form and our specialists will contact you shortly.