Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2024-001 for more information and…
Category: All CISA Advisories
VMware Releases Security Advisory for Aria Operations
VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2024-0001 and apply…
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-6549 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability CVE-2023-6548 Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability CVE-2024-0519 Google Chromium V8 Out-of-Bounds Memory…
Known Indicators of Compromise Associated with Androxgh0st Malware
SUMMARY The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying…
CISA and FBI Release Known IOCs Associated with Androxgh0st Malware
Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors…
Cisco Releases Security Advisory for Cisco Unity Connection
Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco Unity Connection. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unity Connection…
Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved
Juniper Networks has released a security advisory to address a vulnerability (CVE-2024-21611) in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Juniper…
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21887 Ivanti Connect Secure and Policy Secure Command Injection Vulnerability CVE-2023-46805 Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability These types of vulnerabilities are…
Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways
Ivanti has released a security update to address an authentication bypass vulnerability (CVE-2023-46805) and a command injection vulnerability (CVE-2024-21887) in all supported versions (9.x and 22.x) of Connect Secure and Policy Secure gateways. A cyber threat actor could exploit these…
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to…