Vulnerability
-
CISA, German cyber authorities warn Zyxel firewalls facing active exploitation
Attackers have targeted dozens of companies with Helldown ransomware, researchers found.
By David Jones • Dec. 4, 2024 -
Palo Alto Networks pushes back as Shadowserver spots 2K of its firewalls exploited
The security vendor maintains only a limited number of customers’ firewalls have been exploited by a zero-day it patched earlier this week.
By Matt Kapko • Nov. 22, 2024 -
Palo Alto Networks customers grapple with another actively exploited zero-day
The security vendor warned of an unconfirmed vulnerability in PAN-OS earlier this month. A CVE entry and patch came 10 days later.
By Matt Kapko • Nov. 19, 2024 -
Federal probe finds vulnerabilities across more than 300 US water systems
The Environmental Protection Agency lacks a documented plan to coordinate incident reporting with CISA, the agency’s Office of Inspector General found.
By David Jones • Nov. 19, 2024 -
Palo Alto Networks’ customer migration tool hit by trio of CVE exploits
CISA warned of two critical and actively exploited vulnerabilities in Expedition one week after another CVE came under active exploitation in the same product.
By Matt Kapko • Nov. 15, 2024 -
Microsoft revamps how it will disclose vulnerabilities
The company said the additional disclosure method using the Common Security Advisory Framework will help organizations better prioritize CVEs.
By David Jones • Nov. 15, 2024 -
Citrix Session Recording users warned of CVEs that allow hackers to gain control
Security researchers at watchTowr discovered the flaw and claim attackers can gain access without authentication, a finding which Citrix disputes.
By David Jones • Nov. 13, 2024 -
Zero-days from top security vendors were most exploited CVEs in 2023
The top five vulnerabilities exploited by attackers last year were found in security gear from Citrix, Cisco and Fortinet, the Five Eyes’ cyber agencies found.
By Matt Kapko • Nov. 13, 2024 -
Critical Veeam CVE targeted by new ransomware variant
Multiple ransomware variants are now targeting the CVE, which has a CVSS of 9.8. For customers, the risk of exploitation is only increasing.
By Matt Kapko • Nov. 12, 2024 -
Fortinet finds more malicious IPs linked to widely exploited zero-day
The cybersecurity vendor said the additional indicators of compromise don’t reflect any major changes. Researchers warn thousands of devices remain exposed.
By Matt Kapko • Oct. 31, 2024 -
Poor vulnerability management could indicate larger cyber governance issues, S&P says
Companies that fail to properly mitigate security vulnerabilities are leaving themselves open to malicious activity, the research firm said.
By David Jones • Oct. 29, 2024 -
Cisco warns actively exploited CVE can lead to DoS attacks against VPN services
The company warned the threat activity is linked to previously disclosed brute-force attacks beginning in March.
By David Jones • Oct. 28, 2024 -
Critical Veeam CVE actively exploited in ransomware attacks
Multiple ransomware groups targeted the vulnerability, which has a CVSS score of 9.8, more than a month after it was disclosed and patched by the data backup and recovery vendor.
By Matt Kapko • Oct. 22, 2024 -
Microsoft confirms partial loss of security log data on multiple platforms
The company previously expanded free access to security logs on several platforms, including Purview, following the 2023 state-linked hack of Exchange Online.
By David Jones • Oct. 18, 2024 -
FBI, CISA seek input on software security, configuration changes
Authorities are seeking public comment on steps the software industry can take to make their products more resistant to malicious threat activity.
By David Jones • Oct. 17, 2024 -
CISA adds SolarWinds flaw to exploited vulnerabilities catalog
A hardcoded credentials vulnerability in SolarWinds Web Help Desk lets attackers read and modify sensitive help desk ticket information.
By David Jones • Oct. 16, 2024 -
Critical CVE in 4 Fortinet products actively exploited
CISA added the format string vulnerability to its known exploited vulnerabilities catalog last week, months after it was first disclosed by the company.
By David Jones • Oct. 14, 2024 -
CISA’s vulnerability management program spotted 250 critical CVEs in 2023
The 51 federal civilian agencies involved in the program remediated 872 vulnerabilities last year, a 78% increase from 2022, according to CISA.
By Matt Kapko • Oct. 4, 2024 -
Ivanti up against another attack spree as hackers target its endpoint manager
Ivanti customers are facing a new series of exploitation attempts after the company pledged in April to launch a comprehensive overhaul of its internal security practices.
By David Jones • Oct. 3, 2024 -
CUPS vulnerability, a near miss, delivers another warning for open source
While a major crisis was averted, the disclosures may open up needed conversations about transparency and coordination, according to researchers.
By David Jones • Sept. 30, 2024 -
A quartet of Linux CVEs draws exploit fears among open source community
Attackers can use the chained vulnerabilities to execute remote commands after a user initiates a print job.
By David Jones • Sept. 27, 2024 -
CISA catalog falls short on CVEs targeted by Flax Typhoon
A report by VulnCheck highlights the ongoing backlog in identifying active exploitation of CVEs.
By David Jones • Sept. 24, 2024 -
Attackers exploit second Ivanti Cloud Service Appliance flaw for more access
Hackers are exploiting the vulnerability in tandem with a previously disclosed CVE to bypass authentication measures and take control of an affected system.
By David Jones • Sept. 20, 2024 -
Valid accounts remain top access point for critical infrastructure attacks, officials say
CISA attributed 2 in 5 successful intrusions to valid account abuse last year, but that is down from 2022.
By Matt Kapko • Sept. 17, 2024