Category: Good news
Cisco released security updates to address vulnerabilities in Cisco software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh njdh…
Read MoreOracle released its quarterly Critical Patch Update Advisory for July 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Oracle Critical Patch Update Advisory and apply the necessary updates: Source link…
Read MoreCISA released three Industrial Control Systems (ICS) advisories on July 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. Source link lol
Read MoreCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-34102 Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability CVE-2024-28995 SolarWinds Serv-U Path Traversal Vulnerability CVE-2022-22948 VMware vCenter Server Incorrect Default File Permissions Vulnerability These types of vulnerabilities are frequent attack…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-081 DATE(S) ISSUED: 07/17/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated…
Read MoreCISA released one Industrial Control Systems (ICS) advisory on July 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. Source link lol
Read MoreAdobe–Bridge Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-07-09 7.8 CVE-2024-34139psirt@adobe.com Adobe–InDesign Desktop InDesign Desktop versions…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog…
Read MoreOn July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers. CISA encourages customers to review the following AT&T article for additional information and follow necessary guidance to help protect personal information. Source link lol
Read MoreCISA released twenty-one Industrial Control Systems (ICS) advisories on July 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-193-01 Siemens Remote Connect Server ICSA-24-193-02 Siemens RUGGEDCOM APE 1808 ICSA-24-193-03 Siemens Teamcenter Visualization and JT2Go ICSA-24-193-04 Siemens Simcenter Femap ICSA-24-193-05 Siemens SCALANCE, RUGGEDCOM, SIPLUS, and SINEC ICSA-24-193-06 Siemens…
Read MoreRecent Posts
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict