Gama DUO A.I CyberSecurity Scoring
17/12/2025
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for Gama DUO in 2026.
No incidents recorded for Gama DUO in 2026.
No incidents recorded for Gama DUO in 2026.
At STRABAG around 86,000 people working on progress at more than 2,400 locations worldwide. Uniqueness and individual strengths characterise both our projects and each of us as individuals. Whether its building construction, civil engineering, road construction, underground engineering, bridge building, tunnelling, construction material production, project development or building management – we are always one step ahead so that we can become the most innovative and sustainable construction technology company in Europe. Diversity, inclusion and equal opportunities are integral to this, who we are as a company and how we work. Together we work as partners to complete projects successfully and grow with new challenges. Together we achieve great things. Let’s progress!
Founded in 1952 by Francis Bouygues, Bouygues is a diversified services group operating in over 80 countries with 200,000 employees all working to make life better every day. Its business activities in construction (Bouygues Construction, Bouygues Immobilier, Colas); energies & services (Equans); media (TF1) and telecoms (Bouygues Telecom) are able to drive growth since they all satisfy constantly changing and essential needs.
Fluor Corporation is a global engineering, procurement and construction company. We work with leaders in the energy, infrastructure, life sciences, advanced technologies, mining and metals industries, as well as government agencies, to build a better world. Since our founding in 1912, we have been building a legacy of innovation. Our nearly 27,000 employees provide professional and technical solutions to deliver safe, well-executed, capital-efficient projects for our global clients. At Fluor, we believe in open communication and value the conversations that are fostered through our social media communities. To learn more about our community standards, please visit: https://www.fluor.com/community-standards Fluor has been notified of fraudulent employment offers being made via email, WhatsApp and other channels to prospective candidates. Learn more: https://www.fluor.com/careers/recruitment-fraud-warning
PCL is a group of independent construction companies that carries out work across Canada, the United States, the Caribbean, and in Australia. These diverse operations in the civil infrastructure, heavy industrial, and buildings markets are supported by a strategic presence in 31 major centers. PCL is 100% employee-owned. Watch us build at www.pcl.com
ALEC Holdings, part of the Investment Corporate of Dubai (ICD), is a leading construction and related businesses group operating in the UAE and KSA. The company builds and provides construction solutions that set industry benchmarks for quality, safety, functionality, and aesthetics. ALEC Holdings offers its clients complete turnkey solutions in construction, MEP, fit-out, marine, oil & gas, modular construction, energy efficiency and solar projects, heavy equipment rental, technology systems, data centers and asset maintenance. With these capabilities, the company successfully serves a diverse range of sectors including airports, retail, hotels & resorts, high-rise buildings, and themed projects.
Hassan Allam Holding is a leading group with a focus on engineering and construction, and investment and development. The Group operates in diverse sectors including infrastructure, energy, water, industrial, logistics, petrochemical, and complex large-scale projects in Egypt and the MENA region. The founders of Hassan Allam Holding commenced operations in 1936, making the oldest construction franchise in the MENA region with a solid reputation, superior technical capabilities, and a diversified portfolio. With a legacy of identifying and investing in attractive infrastructure projects, in the past five years, it has delivered over 70 projects and has a current backlog exceeding USD 5 billion. The Group is named among the Engineering News-Record (ENR) list of the top 250 global contractors. Today, we continue to lead our industry with a large dynamic business, employing more than 50,000 employees in Egypt and the MENA Region.
Bouygues Construction employs 35,600 people around the world, all driven by the greatest and most exciting responsibility of all – building for life. For our customers in more than 50 countries, we deliver much more than projects. We build to create spaces, connections and opportunities. We improve daily life for millions of people by creating structures and buildings that welcome life in all its diversity, serving all our needs: housing, healthcare, education, work, tourism, leisure activities, public services, etc. We are aware that everything we build is here to stay, and our legacy as builders will be with us for generations to come. This is why every day, we look for new solutions in order to design, renovate, and build differently. Our aim is to address the critical imperatives of the environmental transition: we are committed to making construction sustainable and less resource-intensive. We support the development of low-carbon energy production and public transport infrastructures, and we construct and renovate buildings and neighbourhoods using low-carbon materials, optimising the design of our structures and taking account of their lifecycle. Because the men and women of Bouygues Construction are our most precious asset, we ensure that everyone is safe at all times, and that human rights and ethical standards are respected. Finally, we are committed to ensuring that everyone can achieve their full potential in their work by building a career path that reflects the values we hold dear: respect, commitment, pioneering and sharing.
KEC International Limited, the flagship company of RPG Enterprises is a diversified global infrastructure Engineering, Procurement & Construction (EPC) major, with a presence in the verticals of Power Transmission & Distribution, Railways, Civil, Urban Infrastructure, Oil & Gas Pipelines, Solar, Smart Infra and Cables. KEC is a USD 2.4 billion diversified infrastructure EPC major building infrastructure globally. With over seven decades of experience, footprint in 110+ countries and presently executing projects in 30+ countries, KEC has made an indelible mark on the world map. Through constant and consistent re-engineering KEC reinvents itself to retain its leadership position in the areas of quality, technology, capacity and capability. KEC's strengths lie in the areas of Design, Manufacturing, Supply and Construction of Turnkey Projects of Power Transmission lines of voltages up to 1,200 kV, in setting up Sub-stations and power Distribution Networks, Optical Fibre Cable (OPGW) installations, turnkey railway infrastructure, civil infrastructure projects & renewable energy projects. KEC has one of the largest global annual production capacities of 4,22,000 MTs, which includes the production of towers, poles, hardware, structures for railways & solar. The company has 8 factories in India, UAE and the Americas. The Company has over 9,000 employees from 35+ nationalities.
At Kiewit, the projects we deliver make a difference, and we offer opportunities for you to make one, too. Our construction and engineering professionals work on some of the industry’s most complex, challenging and rewarding projects – whether it’s boring tunnels through mountains, turning rivers into energy, or building bridges that connect communities. Kiewit people tackle important projects of every size, in any market. Start your Kiewit adventure today at kiewitjobs.com. Kiewit is one of North America’s largest and most respected construction and engineering organizations. With its roots dating back to 1884, the employee-owned organization operates through a network of subsidiaries in the United States, Canada, and Mexico. Kiewit offers construction and engineering services in a variety of markets including transportation; oil, gas and chemical; power; building; marine; water/wastewater; industrial; and mining. We are an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Latest updates, reports, and threat intel affecting the global network.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.