Our news

If exploited, the most serious of these flaws could lead to a denial-of-service condition for Jetson products.

READ MORE →

Hackers masquerade as security researchers to befriend analysts and eventually infect fully patched systems at multiple firms with a malicious backdoor.

READ MORE →

A security flaw in TikTok could have allowed attackers to query query the platform’s database – potentially opening up for privacy violations.

READ MORE →

The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks.

READ MORE →

Original release date: January 25, 2021 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor —…

READ MORE →

The security vendor is investigating potential zero-day vulnerabilities in its Secure Mobile Access (SMA) 100 series.

READ MORE →

The “KindleDrip” attack would have allowed attackers to siphon money from unsuspecting victims.

READ MORE →

Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic.

READ MORE →

Researchers have traced the origins of a campaign – infecting SQL servers to mine cryptocurrency – back to an Iranian software firm.

READ MORE →

Original release date: January 21, 2021 Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following Cisco Advisories…

READ MORE →