Cloud Security Alliance News Clipping Site

Tag: active threats

  • Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/21/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability CVE-2024-21287 Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability…

  • Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/20/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38812 VMware vCenter Server Heap-Based Buffer Overflow Vulnerability CVE-2024-38813 VMware vCenter Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors…

  • Hacker News: We assume damage to Baltic Sea cables was sabotage, German Defence minister

    by

    system automation
    in

    Source URL: https://www.theguardian.com/world/2024/nov/19/baltic-sea-cables-damage-sabotage-german-minister Source: Hacker News Title: We assume damage to Baltic Sea cables was sabotage, German Defence minister Feedly Summary: Comments AI Summary and Description: Yes Summary: The incident involving the sabotage of undersea fibre-optic cables in the Baltic Sea has raised significant concerns about the security of critical infrastructure in Europe. The implications…

  • Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/18/cisa-adds-three-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability CVE-2024-0012 Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability CVE-2024-9474 Palo Alto Networks PAN-OS…

  • Hacker News: Teen serial swatter-for-hire busted, pleads guilty, could face 20 years

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/11/18/teenage_serial_swatterforhire_busted/ Source: Hacker News Title: Teen serial swatter-for-hire busted, pleads guilty, could face 20 years Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses various significant incidents in cybersecurity, including a teenager convicted of swatting, critical vulnerabilities in software, an ongoing debate regarding protections for cybersecurity researchers in international law,…

  • Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/14/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection Vulnerability CVE-2024-9465 Palo Alto Networks Expedition SQL Injection Vulnerability These types of vulnerabilities are frequent…

  • Alerts: CISA Adds Five Known Exploited Vulnerabilities to Catalog

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/12/cisa-adds-five-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-26086 Atlassian Jira Server and Data Center Path Traversal Vulnerability CVE-2014-2120 Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability CVE-2021-41277 Metabase GeoJSON API Local…

  • Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/11/07/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43093 Android Framework Privilege Escalation Vulnerability CVE-2024-51567 CyberPanel Incorrect Default Permissions Vulnerability CVE-2019-16278 Nostromo nhttpd Directory Traversal Vulnerability CVE-2024-5910 Palo Alto Expedition Missing…