CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame

October 10, 2024 at 09:39AM The US CISA has added vulnerabilities in Fortinet and Ivanti products to its Known Exploited Vulnerabilities catalog. Fortinet’s critical CVE-2024-23113 affects multiple products, allowing remote code execution. Ivanti faces issues with CVE-2024-9379 and CVE-2024-9380 related to its Cloud Services Application, prompting security recommendations for users. ### Meeting Takeaways **1. Fortinet … Read more

Microsoft Releases October 2024 Security Updates

October 8, 2024 at 03:29PM Microsoft released security updates to address vulnerabilities in multiple products. CISA advises users and administrators to review and apply necessary updates from the Microsoft Security Update Guide for October to mitigate potential cyber threats. Based on the meeting notes, the key takeaway is that Microsoft has released security updates to … Read more

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

October 3, 2024 at 02:33AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-29824, allows for remote code execution and is actively targeted by threat actors. Federal agencies are … Read more

Critical Ivanti RCE flaw with public exploit now used in attacks

October 2, 2024 at 02:58PM CISA warned of an actively exploited critical Ivanti vulnerability, allowing remote code execution on vulnerable EPM appliances. Tracked as CVE-2024-29824, the SQL Injection flaw affects unpatched systems. Ivanti released security updates in May but confirmed ongoing exploitation. Federal agencies are required to patch within three weeks. Prioritize patching to block … Read more

CISA: Network switch RCE flaw impacts critical infrastructure

October 2, 2024 at 11:05AM The U.S. cybersecurity agency CISA has issued a warning about two critical vulnerabilities in Optigo Networks ONS-S8 Aggregation Switch products, used in critical infrastructure worldwide. The flaws allow bypassing of password requirements and could lead to remote code execution. No fixes are available, so users are advised to apply suggested … Read more

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities

October 1, 2024 at 08:51AM CISA alerted organizations about exploited SAP Commerce, Gpac framework, and D-Link DIR-820 router vulnerabilities, which are years old. This warning highlights the ongoing risk posed by these vulnerabilities in the wild. (47 words) Based on the meeting notes, the key takeaway is that CISA has warned about the exploitation of … Read more

Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks

September 26, 2024 at 07:55AM The US cybersecurity agency CISA warns of unsophisticated hacks on industrial control systems (ICS) and operational technology. Red Evil hacktivist group claimed to have compromised water systems used by Hezbollah, making exaggerated claims of control. However, an expert believes this is more likely an influence/misinformation operation. CISA also issued a … Read more

CISA Adds Patched Ivanti Bug to KEV Catalog

September 25, 2024 at 02:13PM CISA has added CVE-2024-7593, a high-severity Ivanti vulnerability, to its Known Exploited Vulnerabilities Catalog. The flaw allows remote unauthenticated attackers to create admin accounts by bypassing the admin panel due to an authentication algorithm implementation issue in older Ivanti vTM versions. Patched in vTM versions 22.2R1, 22.3R3, 22.5R2, 22.6R2, and … Read more

CISA: Hackers target industrial systems using “unsophisticated methods”

September 25, 2024 at 12:27PM CISA warns of threat actors targeting critical infrastructure networks through unsophisticated methods such as brute force attacks and default credentials on Internet-exposed industrial devices. Ongoing attacks are impacting water and wastewater systems. CISA advises applying security measures to defend against malicious activity, following previous warnings of pro-Russian hacktivists targeting water … Read more

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

September 25, 2024 at 02:48AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities catalog. The flaw, CVE-2024-7593, allows remote unauthenticated attackers to create rogue administrative users. Ivanti has released patches, and agencies are required to address the flaw … Read more