Similarities between newly patched GE Cimplicity flaws, Sandworm attacks observed | allinfosecnews.com

July 20, 2023, 7:48 p.m. | SC Staff

SC Magazine feed for Strategy www.scmagazine.com

SecurityWeek reports that several recently addressed memory corruption vulnerabilities in the GE Cimplicity human-machine interface and supervisory control and data acquisition system, tracked as CVE-2023-3463, were noted by cybersecurity researcher Michael Heinzl, who discovered the bugs, to be similar to those exploited in attacks by the Russian state-sponsored threat operation Sandworm nearly a decade ago.

acquisition attacks bugs control corruption cve cybersecurity data device security emerging-technology exploited flaws human interface machine memory memory corruption michael reports researcher russian sandworm sponsored state system threat vulnerabilities vulnerability management

More from www.scmagazine.com / SC Magazine feed for Strategy

Smoke and (screen) mirrors: A strange signed backdoor 15 hours ago | www.scmagazine.com

backdoor masquerading network security ops +6

Attackers evade detection by leveraging Microsoft Graph API 16 hours ago | www.scmagazine.com

api api security application security attackers +14

Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 21 hours ago | www.scmagazine.com

cloud cloud security collaboration customers +10

US arrests ex-cyber consultant accused of IT firm extortion 21 hours ago | www.scmagazine.com

address arrest arrests bleepingcomputer +21

Accelerated patching found with CISA KEV catalog-listed flaws 21 hours ago | www.scmagazine.com

agency catalog cisa cisa kev +24

Path traversal vulnerability elimination in software sought by feds 21 hours ago | www.scmagazine.com

agency bleepingcomputer cybersecurity devsecops +17

New AI security bill unveiled in Senate 21 hours ago | www.scmagazine.com

act ai act aiml ai security +14

Data breach impacts Airsoft community site 21 hours ago | www.scmagazine.com

breach cloud cloud storage community +19

Details on 2021 Chemonics hack remain scant 21 hours ago | www.scmagazine.com

agency compromised critical-infrastructure-security cyberattack +11

Network Security Administrator

@ Peraton | United States

View on infosec-jobs.com

IT Security Engineer 2

@ Oracle | BENGALURU, KARNATAKA, India

View on infosec-jobs.com

Sr Cybersecurity Forensics Specialist

@ Health Care Service Corporation | Chicago (200 E. Randolph Street)

View on infosec-jobs.com

Security Engineer

@ Apple | Hyderabad, Telangana, India

View on infosec-jobs.com

Cyber GRC & Awareness Lead

@ Origin Energy | Adelaide, SA, AU, 5000

View on infosec-jobs.com

Senior Security Analyst

@ Prenuvo | Vancouver, British Columbia, Canada

View on infosec-jobs.com