Author: DEFENDEDGE

CISA released nineteen Industrial Control Systems (ICS) advisories on November 14, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-319-01 Siemens RUGGEDCOM CROSSBOW ICSA-24-319-02 Siemens SIPORT ICSA-24-319-03 Siemens OZW672 and OZW772 Web Server ICSA-24-319-04 Siemens SINEC NMS ICSA-24-319-05 Siemens Solid Edge ICSA-24-319-06 Siemens SCALANCE M-800 Family ICSA-24-319-07 Siemens… Read more

Palo Alto Networks (PAN) has released an important informational bulletin on securing management interfaces after becoming aware of claims of an unverified remote code execution vulnerability via the PAN-OS management interface. CISA urges users and administrators to review the following for more information, follow PAN’s guidance for hardening network devices, review PAN’s instruction for accessing… Read more

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft Security Update Guide for November Read more

Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM), Ivanti Avalanche, Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Security Access Client. CISA encourages users and administrators to review the following Ivanti security advisories and apply the necessary guidance and updates: Ivanti Security Advisory EPM Ivanti Security Advisory Avalanche Ivanti Security Advisory… Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Beauty Parlour Management System  A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. This issue affects some unknown processing of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. The… Read more

Summary The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (hereafter collectively referred to as the authoring agencies): United States: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and National Security Agency (NSA) Australia: Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) Canada: Canadian Centre for Cyber Security (CCCS) New… Read more

The Cybersecurity and Infrastructure Security Agency (CISA), through the Joint Cyber Defense Collaborative (JCDC), enabled proactive coordination and information sharing to bolster cybersecurity ahead of the 2024 Olympic and Paralympic Games in Paris. Recognizing the potential for cyber threats targeting the Games, CISA worked to strengthen U.S. private sector ties and facilitate connections with key… Read more

Citrix released security updates to address multiple vulnerabilities in NetScaler ADC, NetScaler Gateway, and Citrix Session Recording. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.    CISA encourages users and administrators to review the following and apply necessary updates:    NetScaler ADC and NetScaler Gateway Security Bulletin… Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info acnoo — flutter_api  Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through 1.0.5. 2024-10-28 9.8 CVE-2024-50486 audit@patchstack.com  adirectory–aDirectory  Unrestricted Upload of File with Dangerous Type vulnerability… Read more

CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors, including government and information technology (IT). The foreign threat actor, often posing as a trusted entity, is sending spear-phishing emails containing malicious remote desktop protocol (RDP) files to targeted organizations to connect to and access files stored on the target’s… Read more