-
CISA warns of more Palo Alto Networks bugs exploited in attacks
CISA warned today that two more critical security vulnerabilities in Palo Alto Networks' Expedition migration tool are now actively exploited in attacks.
- November 14, 2024
- 05:01 PM
0
-
Palo Alto Networks warns of potential PAN-OS RCE vulnerability
Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface.
- November 08, 2024
- 12:42 PM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
CISA warns of critical Palo Alto Networks bug exploited in attacks
Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS.
- November 07, 2024
- 02:03 PM
- 0
-
Progress urges admins to patch critical WhatsUp Gold bugs ASAP
Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon as possible.
- September 27, 2024
- 08:01 AM
- 0
-
CISA urges software devs to weed out XSS vulnerabilities
CISA and the FBI urged tech companies to review their software and eliminate cross-site scripting (XSS) vulnerabilities before shipping.
- September 17, 2024
- 12:39 PM
- 0
-
FTC: Over $110 million lost to Bitcoin ATM scams in 2023
The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023.
- September 03, 2024
- 04:40 PM
- 0
-
FBI warns crypto firms of aggressive social engineering attacks
The FBI warns of North Korean hackers aggressively targeting cryptocurrency companies and their employees in sophisticated social engineering attacks, aiming to deploy malware that steals their crypto assets.
- September 03, 2024
- 01:43 PM
- 0
-
CISA warns of Jenkins RCE bug exploited in ransomware attacks
CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it's actively exploited in attacks.
- August 19, 2024
- 03:16 PM
- 0
-
Microsoft: Enable MFA or lose access to admin portals in October
Microsoft warned Entra global admins on Thursday to enable multi-factor authentication (MFA) for their tenants until October 15 to ensure users don't lose access to admin portals.
- August 16, 2024
- 03:06 PM
- 0
-
Exploit released for Cisco SSM bug allowing admin password changes
Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers.
- August 08, 2024
- 03:01 PM
- 0
-
CISA warns of hackers abusing Cisco Smart Install feature
CISA recommends disabling the legacy Cisco Smart Install feature after seeing it abused by threat actors in recent attacks to steal sensitive data, such as system configuration files.
- August 08, 2024
- 01:23 PM
- 0
-
Acronis warns of Cyber Infrastructure default password abused in attacks
Acronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials.
- July 26, 2024
- 12:39 PM
- 0
-
Progress warns of critical RCE bug in Telerik Report Server
Progress Software has warned customers to patch a critical remote code execution security flaw in the Telerik Report Server that can be used to compromise vulnerable devices.
- July 25, 2024
- 11:46 AM
- 0
-
Google Chrome now asks for passwords to scan protected archives
Google Chrome now warns when downloading risky password-protected files and provides improved alerts with more information about potentially malicious downloaded files.
- July 24, 2024
- 12:09 PM
- 0
-
CISA urges devs to weed out OS command injection vulnerabilities
CISA and the FBI urged software companies on Wednesday to review their products and eliminate path OS command injection vulnerabilities before shipping.
- July 10, 2024
- 02:02 PM
- 0
-
RCE bug in widely used Ghostscript library now exploited in attacks
A remote code execution vulnerability in the Ghostscript document conversion toolkit, widely used on Linux systems, is currently being exploited in attacks.
- July 08, 2024
- 12:26 PM
- 1
-
CISA warns of Windows bug exploited in ransomware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs.
- June 14, 2024
- 12:39 PM
- 0
-
CISA warns of criminals impersonating its employees in phone calls
Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money.
- June 12, 2024
- 01:58 PM
- 0
-
FBI warns of fake remote work ads used for cryptocurrency fraud
Today, the FBI issued a warning about scammers using fake remote job ads to steal cryptocurrency from job seekers across the United States while posing as recruiters for legitimate companies.
- June 04, 2024
- 04:33 PM
- 1
-
Hackers target Check Point VPNs to breach enterprise networks
Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company warned in a Monday advisory.
- May 27, 2024
- 02:19 PM
- 0
0
