ICYMI: Gerd Pflüger looks at the Purdue Model for industrial networking, investigates an implementation tool, and explains the role of zero trust
https://www.admin-magazine.com/Archive/2025/85/Purdue-Model-for-industrial-networking?utm_source=mam
#PurdueModel #networking #vulnerabilities #tools #ZeroTrust #security #DigitalCeiling

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks - A critical vulnerability allowing hackers to bypass multifac... - https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/ #vulnerabilities #citrixbleed #security #hacking #biz⁢ #citrix

ESIM Security

https://security-explorations.com/esim-security.html

From the ADMIN Update newsletter: Learn how the tools used in attack surface management help identify attack surfaces more precisely and respond to changes in risk situations
https://www.admin-magazine.com/Archive/2025/85/ASM-tools-and-strategies-for-threat-management?utm_source=mam
#ASM #tools #vulnerabilities #security #AttackSurface #SaaS

Multiple PHP Vulnerabilities Allow SQL Injection & DoS Attacks – Update Now https://cybersecuritynews.com/multiple-php-vulnerabilities/ #CyberSecurityNews #cybersecuritynews #Vulnerabilities #CyberSecurity #cybersecurity #vulnerability #Dosattack #Php #SQL

DATE: July 03, 2025 at 04:50PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

The #FDA says that #cyber #vulnerabilities - including a hidden #backdoor - involving certain patient monitoring devices made by #China-based #Contec have a patch to fix the issues.
But for some users, applying the patch won't be easy, the FDA warns.
https://t.co/4Xphw2IvXt

Here are any URLs found in the article text:

https://t.co/4Xphw2IvXt

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

Bluetooth vulnerability in audio devices can be exploited to spy on users https://www.malwarebytes.com/blog/news/2025/07/bluetooth-vulnerability-in-audio-devices-can-be-exploited-to-spy-on-users #Exploitsandvulnerabilities #vulnerabilities #headphones #Bluettoth #earbuds #News

CISA Catalog of Known Exploited Vulnerabilities
Choose your products that to compare to current CVEs. The list is generated from current CVEs. Download them or create a custom GRC plan.
https://blackcatwhitehatsecurity.com/cveProducts.cfm
#CISA #Catalog #Known #Exploited #Vulnerabilities #technology

This AI Is Outranking Humans as a Top Software Bug Hunter
https://www.pcmag.com/news/this-ai-is-outranking-humans-as-a-top-software-bug-hunter
#cybersecurity #AI #software #bughunter #vulnerabilities

Banks in S. Korea, Taiwan, Thailand

The banking sectors across South Korea, Taiwan, Thailand, Hong Kong, and China are bracing for challenging times ahead,…
#Europe #SouthKorea #Economy #outlook #retailnews #retailproblems #retailers #sector #southkorea #vulnerabilities
https://www.europesays.com/2183857/

CISA Catalog of Known Exploited Vulnerabilities
Choose your products that you use to compare to current CVEs. Product list is generated from current CVEs. Download the vulnerabilities or create a custom GRC plan.
https://blackcatwhitehatsecurity.com/cveProducts.cfm
#CISA #Catalog #Known #Exploited #Vulnerabilities #technology

GreyNoise has observed exploit attempts targeting CVE-2023-28771 — an RCE vuln affecting Zyxel devices. Full analysis + malicious IPs

https://www.greynoise.io/blog/exploit-attempts-targeting-zyxel-cve-2023-28771

Call for support issued by @thecvefoundation to secure funding to ensure the sustainability and independence of the CVE Program.
https://www.admin-magazine.com/News/CVE-Foundation-Issues-Call-for-Support?utm_source=mam
#CVE #vulnerabilities #exposure #CNA #Roots #CISA #MITRE #foundation

Slowing the flow of core-dump-related CVEs

https://lwn.net/SubscriberLink/1024160/f18b880c8cd1eef1/

#HackerNews #Slowing #the #flow #of #core-dump-related #CVEs #cybersecurity #CVEs #core-dump #security #vulnerabilities #HackerNews

From the ADMIN Update newsletter: Learn how the tools used in attack surface management help identify attack surfaces more precisely and respond to changes in risk situations.
https://www.admin-magazine.com/Archive/2025/85/ASM-tools-and-strategies-for-threat-management?utm_source=mam
#security #ASM #attack #vulnerabilities #tools #SaaS

Exploiting Vulnerabilities in Cellebrite UFED

https://signal.org/blog/cellebrite-vulnerabilities/

Bypassing GitHub Actions policies in the dumbest way possible

https://blog.yossarian.net/2025/06/11/github-actions-policies-dumb-bypass

(Maybe intentional, maybe unintentional) deceptive advisories 101: https://certvde.com/en/advisories/VDE-2025-052/ .

The actual vulns here are OS command injection issues (CWE-78). The webapp just so happens to be vulnerable to CSRF too, so they use CWE-352, but honestly nobody in their right mind gives a crap about CSRF as a top priority item.

There are multiple ways to exploit the bugs. The score/vector in the advisory is technically correct, but you could also exploit the bug (or series of bugs) as 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) or 9.9 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) depending on the privilege required to do the OS command injection. But honestly the 'what privilege required' becomes moot when you search the user manual for default credentials....

Whether the deception is intentional or not, who knows, it is what it is. Attackers are never* gonna use CSRF, but they are absolutely positively going to abuse command injection (even authenticated command injection), especially against devices which has 1) a cellular modem and 2) published default credentials that are incredibly easy to learn.

This is all an example of the fact that CVSS does not score a vulnerability, but rather scores one exploitation method of a vulnerability. There are often multiple ways to interpret 'a vuln'. In this case the advisory probably should have reserved more CVEs anyway: some to cover the CSRF, and others to cover the command injection bugs (the fixes for each are most likely distinct code changes, so worthy of independent CVEs, but I digress).

And sorry for the sales pitch: this is the kind of thing that we manually review all week, every week, and publish details about in our Worldview reports: https://www.dragos.com/dragos-worldview/

Secure Boot just got a wake-up call—hackers are now exploiting a new flaw to slip bootkit malware past our digital bouncer. Ever wonder how secure your system really is?

https://thedefendopsdiaries.com/navigating-the-challenges-of-secure-boot-vulnerabilities/

#secureboot
#cybersecurity
#vulnerabilities
#bootkit
#infosec

Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser

“Security researchers managed to access the live feeds of 40,000 internet-connected cameras worldwide and they may have only scratched the surface of what’s possible. The US was the most affected region, with around 14,000 of the total feeds streami ...continues

See https://gadgeteer.co.za/peep-show-40k-iot-cameras-worldwide-stream-secrets-to-anyone-with-a-browser/