Siemens and ICS-CERT published advisories this week to alert users of improper authentication and privilege escalation vulnerabilities affecting some SIMATIC and XHQ products. The SIMATIC communication processor (CP) of the Redundant Network Access (RNA) series, which is designed for connecting S7-400 CPUs to industrial ethernet, is affected by a critical vulnerability that allows a remote, unauthenticated attacker to perform administrative actions on a device.
WikiLeaks published several documents on Thursday detailing a tool allegedly used by the U.S. Central Intelligence Agency (CIA) to hack air-gapped networks through USB drives. Dubbed “Brutal Kangaroo,” it has been described by its developer as a tool suite designed for targeting closed networks. The infected systems will form a covert network, and the attacker will be able to obtain information and execute arbitrary files.
Drupal security updates released on Wednesday address several vulnerabilities, including one that has been exploited in spam campaigns. The flaw exploited in the wild, patched with the release of Drupal versions 7.56 and 8.3.4, is a moderately critical access bypass vulnerability tracked as CVE-2017-6922. The problem is that files uploaded by anonymous users to a private file system can be accessed by all anonymous users, not just the user who uploaded them, as it should be.
Muck Rack makes it simple to find people, tweets, or articles that mention any name, keyword, company, hashtag etc. We've compiled this guide to help you make the most of your search.
Selecting a term
Start searching tweets, articles from media outlets, articles mentioned in tweets, journalists'
names, titles and bios with some suggested searches:
Companies or Topics (e.g. iPhone, Microsoft)
Phrases (e.g. "cloud computing") — use quotes to keep the terms together
Twitter handles (e.g. @username) — returns those who have mentioned or replied to
Names (e.g. "David Pogue")
Hashtags (e.g. #sxsw, #london2012)
Bio details (e.g. vegan, Olympics, father)
Muck Rack's Advanced Search allows for many boolean operators.
Find results that mention multiple specified terms, use AND or
+. For example, ensure each result contains both Elon Musk and Mark Zuckerberg by
searching Obama AND Romney or Obama + Romney.
Use the operators OR or , to broaden your search when you'd like either of
multiple terms to appear in results. (This is the default behavior of our search when no operators
are used.) For example, search for democrat OR republican to find results that refer to
Democrats and/or Republicans.
Use NOT or - to subtract results from your search. For
example, searching Disney will yield results about the Walt Disney Company as well as Walt Disney
World Resort. To exclude mentions of Disney World, search for Disney -World or Disney
When using one of these operators with a phrase, enclose it in quotation marks. For example, you can
find results about smartphones excluding Apple's iPhone 4S by searching smartphone -"iPhone
Exact case matching or punctuation
If you're searching for a brand name or keyword that relies on specific punctuation marks or capitalization, you can
find results that match your exact query by adding matchcase: before the keyword you're searching for, like matchcase:E*TRADE .
Use parentheses to separate multiple
boolean phrases. For example, to find journalists talking about having fun in Disney World or
Disneyland, search for ("disney world" OR disneyland) AND fun.
An asterisk can be used to search for any variation of a root word truncated by the asterisk. For example, searching for admin* will return results for administrator, administration, administer, administered, etc.
A near operator is an AND operator where you can control the distance between the words. You can vary the distance the near operation uses by adding a forward slash and number (between 0-99) such as strawberries NEAR/10 "whipped cream", which means the strawberries must exist within 10 words of "whipped cream".