CISA

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

Feb 28, 2023 by iHash Leave a Comment

Feb 28, 2023Ravie LakshmananSoftware Security / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Tracked as CVE-2022-36537 (CVSS score: 7.5), the issue impacts ZK Framework versions 9.6.1, … [Read more...] about CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

Feb 11, 2023 by iHash Leave a Comment

Feb 11, 2023Ravie LakshmananRansomware / Endpoint Security After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on … [Read more...] about New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool

CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws

Feb 11, 2023 by iHash Leave a Comment

Feb 11, 2023Ravie LakshmananThreat Response / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could … [Read more...] about CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

Jan 18, 2023 by iHash Leave a Comment

Jan 18, 2023Ravie LakshmananICS/SCADA Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code … [Read more...] about CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

CISA Warns of Active exploitation of JasperReports Vulnerabilities

Dec 30, 2022 by iHash Leave a Comment

Dec 30, 2022Ravie LakshmananPatch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two-years-old security flaws impacting TIBCO Software's JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: … [Read more...] about CISA Warns of Active exploitation of JasperReports Vulnerabilities

CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability

Nov 29, 2022 by iHash Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and … [Read more...] about CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability

CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability

Oct 1, 2022 by iHash Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed critical flaw impacting Atlassian's Bitbucket Server and Data Center to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2022-36804, the issue relates to a command injection vulnerability that could allow malicious actors … [Read more...] about CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability

CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform

Feb 24, 2022 by iHash Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that Federal Civilian Executive Branch (FCEB) agencies patch all systems against the … [Read more...] about CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform

CISA, FBI, NSA Issue Advisory on Severe Increase in Ransomware Attacks

Feb 12, 2022 by iHash Leave a Comment

Cybersecurity authorities from Australia, the U.K., and the U.S. have published a joint advisory warning of an increase in sophisticated, high-impact ransomware attacks targeting critical infrastructure organizations across the world in 2021. The incidents singled out a broad range of sectors, including defense, emergency services, agriculture, government facilities, IT, … [Read more...] about CISA, FBI, NSA Issue Advisory on Severe Increase in Ransomware Attacks

CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities

Dec 29, 2021 by iHash Leave a Comment

Cybersecurity agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache's Log4j software library by nefarious adversaries. "These vulnerabilities, especially Log4Shell, are severe," the intelligence agencies said in the new guidance. "Sophisticated … [Read more...] about CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities

The Mental Health & Self-Improvement Bundle for $19

Lenovo ThinkCentre M900 Tiny Core i5-6500T 16GB 256GB SSD Wi-Fi Windows 10 Pro (Grade A Refurbished) for $199

Apple iPad Pro 9.7" 32GB , Silver (Wi-Fi Only) [A1673] Bundle – Updates to IOS 16 for $199

Microsoft Surface Pro 5, 12.3" 4GB RAM 128GB SSD Windows 10 (Refurbished) for $280

Microsoft Surface Pro 6, 12.3" 8GB RAM Windows 10 (Refurbished) for $549