-
CISA adds known exploited vulnerability to its catalog
CISA has added a new vulnerability to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-49138 Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer…
-
Multiple vulnerabilities in Google Android operating system could allow remote code execution
Several vulnerabilities have been discovered in the Google Android operating system, the most serious of which could allow remote code execution in the context of the logged in user. Following…
-
CISA issues six opinions on industrial control systems
CISA released six advisories on industrial control systems (ICS) on November 26, 2024. These advisories provide timely information on current security issues, vulnerabilities, and exploits regarding ICS. ICSA-24-331-01 Schneider Electric…
-
USDA Releases Success Story Detailing Implementation of Phishing-Resistant Multi-Factor Authentication
The USDA turned to the capabilities of Fast IDentity Online (FIDO), a set of authentication protocols that use cryptographic keys on user devices, to provide a secure way to authenticate…
-
Multiple vulnerabilities in Ivanti Endpoint Manager could allow remote code execution
MS-ISAC NOTICE NUMBER: 2024-129 ISSUE DATE(S): 11/12/2024 PREVIEW: Several vulnerabilities have been discovered in Ivanti Endpoint Manager, the most serious of which could allow remote code execution. Ivanti Endpoint Manager…
-
CISA adds four known exploited vulnerabilities to its catalog
CISA has added four new vulnerabilities to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-43093 Android Framework Elevation of Privilege Vulnerability CVE-2024-51567 CyberPanel Incorrect Default…
-
Fortinet Updates Guidance and Indicators of Compromise Following Exploitation of FortiManager Vulnerability
Fortinet has updated its security advisory for a critical vulnerability in FortiManager (CVE-2024-47575) to include workarounds and additional indicators of compromise (IOCs). A remote, unauthenticated cybercriminal could exploit this vulnerability…
-
Multiple vulnerabilities in Siemens InterMesh subscriber devices could allow remote code execution
MS-ISAC NOTICE NUMBER: 2024-122 ISSUE DATE(S): 10/29/2024 PREVIEW: Several vulnerabilities have been discovered in Siemens InterMesh subscriber devices, the most serious of which could allow remote code execution. InterMesh leverages…
-
Vulnerability in Fortinet FortiManager could allow remote code execution
MS-ISAC NOTICE NUMBER: 2024-120 ISSUE DATE(S): 10/23/2024 PREVIEW: A vulnerability has been discovered in Fortinet FortiManager that could allow remote code execution. FortiManager is a network management and security tool…
Search
Recent Posts
- How to Align AI Initiatives with Cybersecurity Policies in 2025
- Vulnerability in Microsoft Windows Server Update Services (WSUS) could allow remote code execution
- Several vulnerabilities in Ivanti products could allow remote code execution
- Several vulnerabilities in Aria VMware operations and VMware tools could allow a climbing of privileges
