Category: alerts
Category Added in a WPeMatico Campaign
-
CISA Releases Alert on Exploitation of Pulse Connect Secure Vulnerabilities
Original release date: April 20, 2021 CISA is aware of ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities compromising U.S. government agencies, critical infrastructure entities, and private sector organizations. In response, CISA has released Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities to offer technical details regarding this activity. Ivanti has provided a mitigation and… Read more
-
AA-21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
Original release date: April 20, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related vulnerabilities in certain Ivanti Pulse Connect Secure products. Since March 31, 2021, CISA… Read more
-
Oracle Releases April 2021 Critical Patch Update
Original release date: April 20, 2021 Oracle has released its Critical Patch Update for April 2021 to address 384 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle April 2021 Critical Patch Update and apply… Read more
-
Vulnerability Summary for the Week of April 12, 2021
Original release date: April 19, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info dreamreport — dream_report A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the Syncfusion Dashboard Service service binary can be replaced by attackers to escalate privileges to NT SYSTEM.… Read more
-
NSA: 5 Security Bugs Under Active Nation-State Cyberattack
Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more. Read more
-
WordPress Releases Security and Maintenance Update
Original release date: April 16, 2021 WordPress versions 4.7-5.7 are affected by multiple vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected website. CISA encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.7.1. This product is provided subject to this Notification and… Read more
-
Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes. Read more
-
Mandiant Front Lines: How to Tackle Exchange Exploits
Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections. Read more
-
Gafgyt Botnet Lifts DDoS Tricks from Mirai
The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices. Read more
-
CISA and CNMF Analysis of SolarWinds-related Malware
Original release date: April 15, 2021 CISA and the Department of Defense (DoD) Cyber National Mission Force (CNMF) have analyzed additional SolarWinds-related malware variants—referred to as SUNSHUTTLE and SOLARFLARE. One of the analyzed files was identified as a China Chopper webshell server-side component that was observed on a network with an active SUNSHUTTLE infection. The… Read more