-
#StopRansomware: Phobos Ransomware | CISA
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories…
-
A Vulnerability in Apache OFBiz Could Allow for Remote Code Execution
MS-ISAC ADVISORY NUMBER: 2024-004 DATE(S) ISSUED: 01/12/2024 OVERVIEW: A vulnerability has been discovered in the Apache OFBiz, which could allow for remote code execution. Apache OFBiz is an open source…
-
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the following partners (hereafter referred to as the authoring organizations) are releasing this joint Cybersecurity Advisory to warn that cyber threat…
-
VMSA-2024-0004
Advisory ID: VMSA-2024-0004 CVSSv3 Range: 6.7 Issue Date: 2024-02-20 Updated On: 2024-02-20 (Initial Advisory) CVE(s): CVE-2024-22235 Synopsis: VMware Aria Operations updates address local privilege escalation vulnerability. (CVE-2024-22235)
-
VMSA-2024-0003
Review ID: VMSA-2024-0003 CVSSv3 range: 9.6 – 7.8 Date of issue: 2024-02-20 Updated: 2024-02-20 (Initial notice) CVE(s): CVE-2024-22245, CVE-2024-22250 Synopsis: Addresses arbitrary authentication relay and session hijacking vulnerabilities in deprecated…
-
CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization
Today, CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organizationto…
-
Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organizations network environment after…
-
Multiple Vulnerabilities in FortiOS Could Allow for Remote Code Execution
MS-ISAC ADVISORY NUMBER: 2024-019 DATE(S) ISSUED: 02/09/2024 OVERVIEW: Multiple vulnerabilities have been discovered in FortiOS, the most severe of which could allow for remote code execution. FortiOS is Fortinet’s operating…
-
VMSA-2024-0002
Important Advisory ID: VMSA-2024-0002 CVSSv3 Range: 4.3 – 7.8 Issue Date: 2024-02-06 Updated On: 2024-02-06 (Initial Advisory) CVE(s): CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 Synopsis: VMware Aria Operations for Networks (Formerly…
Search
Recent Posts
- Vulnerability in Dell RecoverPoint for Virtual Machines could allow arbitrary code execution
- Multiple vulnerabilities in Ivanti Endpoint Manager Mobile could allow remote code execution
- A vulnerability in the WatchGuard Fireware operating system could allow arbitrary code execution.
- Vulnerability in Cisco AsyncOS Could Allow Remote Code Execution
