Month: January 2025
Today, CISA released the Cybersecurity Performance Goals Adoption Report to highlight how adoption of Cybersecurity Performance Goals (CPGs) benefits our nation’s critical infrastructure sectors. Originally released in October 2022, CISA’s CPGs are voluntary practices that critical infrastructure owners can take to protect themselves against cyber threats. This report is based on analysis of 7,791 critical…
Read MoreMultiple vulnerabilities in SonicWall SonicOS could allow a remote attacker to bypass authentication.
- by nlqip
MS-ISAC ADVISORY NUMBER: 2025-002 DATE(S) ISSUED: 01/09/2025 OVERVIEW: Multiple vulnerabilities have been discovered in SonicWall SonicOS that could allow for authentication bypass. SonicOS is SonicWall’s operating system designed for their firewalls and other security devices. Successful exploitation of the most severe of these vulnerabilities could allow for authentication bypass on the affected system. Depending on the…
Read More‘He was definitely very engaged. He was a guy you wanted to go out and have a drink with and talk to. Definitely a loss there,’ said Michael Goldstein, president and CEO of LAN Infotech, a Fort Lauderdale, Fla.-based Dell partner. Dell Technologies’ longtime sales leader and former channel chief John Byrne is stepping aside…
Read MoreIntroduction You know the saying, right? “It’s always DNS” (unless it’s BGP, but I digress). Back in 2017 we covered just how the Domain Name System (DNS) is the Achillies heel of the internet and things haven’t improved much in the subsequent years. When we think of DNS failures we often think of a widespread…
Read MoreWhile Nvidia revealed the much-anticipated GeForce RTX 50 GPUs and GB10 Superchip, Intel, AMD and Qualcomm announced new processors designed for Copilot+ PCs at various price points and performance levels among many other PC chip announcements at CES 2025. The world’s largest chip designers heralded new waves of laptops, desktops and workstations—many with varying degrees…
Read More*No generative AI was used by the author Rapid Rate of Change Still Powering Technology Here we are a quarter of the way through the 21st century and the rate of change in technology shows no signs of slowing. And, while we are not quite the jet-setting hipsters that cartoons of the 1960’s predicted, we…
Read MoreMS-ISAC ADVISORY NUMBER: 2025-001 DATE(S) ISSUED: 01/09/2025 OVERVIEW: Multiple vulnerabilities have been discovered in Ivanti Products, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based unified endpoint management software. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context…
Read MoreIvanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways | CISA
- by nlqip
Ivanti released security updates to address vulnerabilities (CVE-2025-0282, CVE-2025-0283) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. A cyber threat actor could exploit CVE-2025-0282 to take control of an affected system. CISA has added CVE-2025-0282 to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CISA urges organizations to hunt for any malicious…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. CISA urges organizations to apply mitigations as set forth in the CISA instructions linked below to include conducting…
Read MoreIvanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one flaw that was exploited in the wild as a zero-day. Background On January 8, Ivanti published a security advisory for two vulnerabilities affecting multiple products including Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for Zero…
Read MoreRecent Posts
- CISA Releases the Cybersecurity Performance Goals Adoption Report | CISA
- Multiple vulnerabilities in SonicWall SonicOS could allow a remote attacker to bypass authentication.
- Dell Sales Leader, Former Channel Chief John Byrne Steps Down
- The Dangers of DNS Hijacking
- CES 2025: 15 PC Chips Announced By Intel, Nvidia, AMD And Qualcomm