CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Year: 2023
CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression...
US-CERT Vulnerability Summary for the Week of November 13, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocheckpoint -- endpoint_securityLocal attacker can escalate privileges on affected installations of Check...
CureIAM – Clean Accounts Over Permissions In GCP Infra At Scale
Clean up of over permissioned IAM accounts on GCP infra in an automated way CureIAM is an easy-to-use, reliable, and...
Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users
Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install...
Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals
The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed...
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems...
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions...
How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography
Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information...
HackerOne Bug Bounty Disclosure: b-html-injection-in-search-ui-when-selecting-a-circle-with-html-in-the-display-name-b-cx-fa
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'cx75fa'Link to Submitters Profile:https://hackerone.com/b'cx75fa' Report Title:b'HTML injection in search UI when selecting...
HackerOne Bug Bounty Disclosure: b-user-ldap-app-logs-user-passwords-in-the-log-file-on-level-debug-b-alacn
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'alacn1'Link to Submitters Profile:https://hackerone.com/b'alacn1' Report Title:b'user_ldap app logs user passwords in the...
HackerOne Bug Bounty Disclosure: b-delete-external-storage-of-any-user-b-cx-fa
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'cx75fa'Link to Submitters Profile:https://hackerone.com/b'cx75fa' Report Title:b'Delete external storage of any user'Report Link:https://hackerone.com/reports/2212627Date...
HackerOne Bug Bounty Disclosure: b-enabling-birthday-contact-to-any-user-b-nvz
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'nvz'Link to Submitters Profile:https://hackerone.com/b'nvz' Report Title:b'Enabling Birthday Contact to any user'Report Link:https://hackerone.com/reports/2112973Date...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Fourteen Industrial Control Systems Advisories
CISA Releases Fourteen Industrial Control Systems Advisories CISA released fourteen Industrial Control Systems (ICS) advisories on November 16, 2023. These...
CISA: Fortinet Releases Security Updates for FortiClient and FortiGate
Fortinet Releases Security Updates for FortiClient and FortiGate Fortinet has released security advisories addressing vulnerabilities in FortiClient and FortiGate. Cyber...
CISA: CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware
CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on November 14, 2023. These...
CISA: Citrix Releases Security Updates for Citrix Hypervisor
Citrix Releases Security Updates for Citrix Hypervisor Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR....
CISA: CISA Requests Comment on Draft Secure Software Development Attestation Form
CISA Requests Comment on Draft Secure Software Development Attestation Form CISA has opened a 30-day Federal Register notice to receive...
CISA: FBI and CISA Release Advisory on Scattered Spider Group
FBI and CISA Release Advisory on Scattered Spider Group Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and...
CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
CISA: CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector
CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector Today, CISA released the Mitigation Guide: Healthcare and Public...
