Category: alerts
Category Added in a WPeMatico Campaign
-
Critical Flaws in Popular ICS Platform Can Trigger RCE
Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks. Read more
-
CISA and DoD Release 5G Security Evaluation Process Investigation Study
Original release date: May 26, 2022 CISA and the Department of Defense (DoD) have released their 5G Security Evaluation Process Investigation Study for federal agencies. The new features, capabilities, and services offered by fifth-generation (5G) cellular network technology can transform mission and business operations; and federal agencies will eventually be applying different 5G usage scenarios:… Read more
-
Zoom Patches ‘Zero-Click’ RCE Bug
The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server. Read more
-
Verizon Report: Ransomware, Human Error Among Top Security Risks
2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur. Read more
-
Vulnerability Summary for the Week of May 16, 2022
Original release date: May 24, 2022 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top Medium Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info There were no medium vulnerabilities recorded this week.… Read more
-
CISA Adds 20 Known Exploited Vulnerabilities to Catalog
Original release date: May 24, 2022 CISA has added 20 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click… Read more
-
Mozilla Releases Security Products for Multiple Firefox Products
Original release date: May 23, 2022 Mozilla has released security updates to address vulnerabilities in Firefox 100.0.2, Firefox for Android 100.3.0, and Firefox ESR 91.9.1. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security advisory MFSA 2022-19 and apply the necessary updates. This product… Read more
-
CISA Adds 21 Known Exploited Vulnerabilities to Catalog
Original release date: May 23, 2022 CISA has added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog,… Read more
-
CISA Releases Analysis of FY21 Risk and Vulnerability Assessments
Original release date: May 19, 2022 CISA has released an analysis and infographic detailing the findings from the 112 Risk and Vulnerability Assessments (RVAs) conducted across multiple sectors in Fiscal Year 2021 (FY21). The analysis details a sample attack path comprising 11 successive tactics, or steps, a cyber threat actor could take to compromise an… Read more
-
Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover
Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites. Read more