Category: Good news

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-38812 (VMware vCenter Server Heap-Based Buffer Overflow Vulnerability) and CVE-2024-38813 (VMware vCenter Server Privilege Escalation Vulnerability). These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD)…

USDA turned to Fast IDentity Online (FIDO) capabilities, a set of authentication protocols that uses cryptographic keys on user devices, to offer a secure way to authenticate user identities without passwords. USDA’s adoption of FIDO highlights the importance of organizations moving away from password authentication and adopting more secure MFA technologies. This report offers examples…

After Nutanix CEO Rajiv Ramaswami was “approached” about a role with a competitor, the Nutanix board responded with an “off-cycle” stock award worth nearly $50 million, citing “immediate retention concerns,” according to a recent filing with the SEC. Nutanix President and CEO – and a former VMware C-level executive – Rajiv Ramaswami won a massive…

CISA released one Industrial Control Systems (ICS) advisory on November 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

‘Nutanix has sensed blood in the water from the Broadcom acquisition and it is making a big push to do right by partners,’ says Gary McConnell, CEO of Nutanix partner VirtuIT. ‘They’ve rolled out a ton of training and have made their technical and sales resources available to partners that are new to having discussions…

MS-ISAC ADVISORY NUMBER: 2024-130
DATE(S) ISSUED: 11/18/2024
OVERVIEW: Multiple vulnerabilities have been discovered in Palo Alto PAN-OS, the most severe of which could allow for authentication bypass. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation could allow for authentication bypass with administrator privileges. An attacker could then install programs;…

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring…

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-9463 (Palo Alto Networks Expedition OS Command Injection Vulnerability) and CVE-2024-9465 (Palo Alto Networks Expedition SQL Injection Vulnerability). These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational…

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-1212 (Progress Kemp LoadMaster OS Command Injection Vulnerability), CVE-2024-0012 (Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability), and CVE-2024-9474 (Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability). Users and administrators are also encouraged to review the Palo…

‘Price is a factor, but it’s really more like taking the whole package, which is the pricing, the known stagnation, the changes to support all of that, and sliding that across the table to your customer with whom you might have taken decades to develop trust,’ Nutanix’s Dave Gwyn tells CRN. The reverberations that started…
