Latest News
Stay up to date with the latest posts and updates
Alerts
-
Threat Actors Exploiting Ivanti EPMM Vulnerabilities
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) are releasing this joint Cybersecurity Advisory (CSA) in response to active exploitation…
4 min read
-
Vulnerability Summary for the Week of July 24, 2023
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info biltay_technology — scienta Improper Neutralization of Special Elements used in an SQL Command…
4 min read
-
CISA Releases Malware Analysis Reports on Barracuda Backdoors
CISA has published three malware analysis reports on malware variants associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG)…
4 min read
-
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081
Ivanti has identified and released patches for a directory traversal vulnerability (CVE-2023-35081, CWE-22) in Ivanti Endpoint Manager Mobile (EPMM). This vulnerability allows an attacker with EPMM administrator privileges…
4 min read
-
Preventing Web Application Access Control Abuse
SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity…
4 min read
-
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-37580 Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities…
4 min read
