Tag: cyber actors
-
Alerts: CISA Adds Six Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/03/11/cisa-adds-six-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Six Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-24983 Microsoft Windows Win32k Use-After-Free Vulnerability CVE-2025-24984 Microsoft Windows NTFS Information Disclosure Vulnerability CVE-2025-24985 Microsoft Windows Fast FAT File System Driver Integer…
-
Alerts: CISA Adds Five Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/03/10/cisa-adds-five-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-25181 Advantive VeraCore SQL Injection Vulnerability CVE-2024-57968 Advantive VeraCore Unrestricted File Upload Vulnerability CVE-2024-13159 Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability CVE-2024-13160 Ivanti…
-
Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/03/04/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-50302 Linux Kernel Use of Uninitialized Resource Vulnerability CVE-2025-22225 VMware ESXi Arbitrary Write Vulnerability CVE-2025-22224 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability CVE-2025-22226 VMware ESXi,…
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/25/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability Users and administrators are also encouraged…
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/24/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-3066 Adobe ColdFusion Deserialization Vulnerability CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious…
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/21/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-24989 Microsoft Power Pages Improper Access Control Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose…
-
Cisco Talos Blog: Efficiency? Security? When the quest for one grants neither.
Source URL: https://blog.talosintelligence.com/efficiency-security-when-the-quest-for-one-grants-neither/ Source: Cisco Talos Blog Title: Efficiency? Security? When the quest for one grants neither. Feedly Summary: William discusses what happens when security is an afterthought rather than baked into processes and highlights the latest of Talos’ security research. AI Summary and Description: Yes **Summary:** The text provides a critique of recent security oversights…
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/20/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-23209 Craft CMS Code Injection Vulnerability CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability These types of vulnerabilities are frequent attack vectors for malicious…
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/18/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0108 Palo Alto PAN-OS Authentication Bypass Vulnerability CVE-2024-53704 SonicWall SonicOS SSLVPN Improper Authentication Vulnerability These types of vulnerabilities are frequent attack vectors for…