August 29, 2024 at 03:30PM CISA has added a critical security flaw in the Apache OFBiz open source ERP system to its Known Exploited Vulnerabilities catalog. Tracked as CVE-2024-38856, the bug carries a score of 9.8 out of 10 on the CVSS scale, enabling pre-authentication RCE. Organizations must update to version 18.12.15 by Sept. 17 … Read more
August 9, 2024 at 07:54AM The US cybersecurity agency CISA warned about threat actors targeting improperly configured Cisco devices. Malicious actors abuse features like Smart Install to acquire system configuration files and exploit weak password types. Meanwhile, Cisco faces critical vulnerabilities in its IP phones, without releasing patches due to end-of-life products. Multiple exploits and … Read more
July 31, 2024 at 06:36AM DigiCert is revoking TLS certificates due to a domain validation issue, affecting websites, applications, and services. The company needs to revoke certificates within 24 hours due to strict CA/Browser Forum rules. The issue was related to validating domain ownership using a DNS CNAME record. Roughly 0.4% of domain validations were … Read more
May 22, 2024 at 09:57AM Rockwell Automation urges customers to secure industrial control systems from internet exposure. Shodan search reveals 7,000+ connected items. The company cautions against public internet connectivity for non-designed devices. They address recent vulnerabilities and the potential for cyber attacks due to global tensions. CISA has also raised awareness of Rockwell’s notice. … Read more
May 3, 2024 at 09:10AM CISA and the FBI issued a Secure by Design Alert about path traversal software vulnerabilities targeting critical infrastructure. These flaws enable unauthorized access to application files and directories, allowing threat actors to compromise systems. Urging organizations to eliminate these defects, the agencies emphasize a secure software development lifecycle and suggest … Read more
April 12, 2024 at 10:41AM CISA warns of Russian spies’ theft of sensitive data from Microsoft’s email system, prompting an Emergency Directive for affected agencies to analyze exfiltrated emails, reset compromised credentials, and enhance security. Microsoft and CISA collaborate to provide metadata on the exfiltrated emails. Security experts criticize Microsoft’s security practices and disclosure approach. … Read more
April 11, 2024 at 12:42PM CISA issued a red-alert notice about a potential supply chain breach at Sisense, a data analytics company. The agency advised Sisense customers to reset credentials and report any suspicious activity. CISA is collaborating with industry partners to address the incident, emphasizing its potential impact on critical infrastructure. Sisense has not … Read more
January 16, 2024 at 08:36PM The FBI and CISA warn that cybercriminals are leveraging old vulnerabilities to deploy Androxgh0st malware, targeting .env files containing user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio. The malware can be used to steal data, execute code remotely, and create new AWS users and instances. Mitigations include updating … Read more
December 13, 2023 at 06:32PM APT29, the Russian cyber threat group responsible for the SolarWinds hack, is actively exploiting a critical security vulnerability in JetBrains TeamCity. This presents a global threat, potentially enabling access to valuable data and the possibility of sabotaging software compilations and deployments. Patching alone won’t mitigate the danger, making active threat … Read more
December 6, 2023 at 06:00AM CISA warns of a high-severity Adobe ColdFusion vulnerability (CVE-2023-26360) being actively exploited, affecting outdated versions of the software. Attackers used it for unauthorized access and code execution on government servers, installing malware, and conducting reconnaissance. Updated ColdFusion versions have fixed the flaw. Meeting Takeaways: 1. The U.S. Cybersecurity and Infrastructure … Read more