Security News

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
2024-10-23 12:54

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on...

CISA proposes new security requirements to protect govt, personal data
2024-10-22 22:11

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is proposing security requirements to prevent adversary states from accessing American's personal data as well as government-related...

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
2024-10-22 04:47

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following...

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
2024-10-16 04:54

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities...

CISA: Hackers abuse F5 BIG-IP cookies to map internal servers
2024-10-11 16:27

CISA is warning that threat actors have been observed abusing unencrypted persistent F5 BIG-IP cookies to identify and target other internal devices on the targeted network. [...]

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance
2024-10-11 08:34

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic...

CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
2024-10-10 13:34

Usual three-week window to address significant risks to federal agencies applies The US Cybersecurity and Infrastructure Security Agency (CISA) says vulnerabilities in Fortinet and Ivanti products...

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
2024-10-10 05:44

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog,...

CISA says critical Fortinet RCE flaw now exploited in attacks
2024-10-09 22:07

​Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild. [...]

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
2024-10-03 06:06

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited...