USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication Today, the Cybersecurity and Infrastructure Security Agency (CISA) and...
2024 CWE Top 25 Most Dangerous Software Weaknesses The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland...
CISA and Partners Release Update to BianLian Ransomware Cybersecurity Advisory Today, CISA, the Federal Bureau of Investigation (FBI), and the...
Apple Releases Security Updates for Multiple Products Apple released security updates to address vulnerabilities in multiple Apple products. A cyber...
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on November 21, 2024. These...
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on November 26, 2024. These...
CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization Today, CISA released Enhancing Cyber Resilience:...
Vulnerability Summary: CVE-2024-11620 Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows Code Injection.This issue...
Vulnerability Summary: CVE-2024-52283 Missing sanitation of inputs allowed arbitrary users to conduct a stored XSS attack that triggers for users...
Vulnerability Summary: CVE-2024-11402 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-speedup Block Editor Bootstrap Blocks...
Vulnerability Summary: CVE-2024-52474 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LLC «TriIncom» Express...
Vulnerability Summary: CVE-2024-49503 A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SUSE manager...
Vulnerability Summary: CVE-2024-52496 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AbsolutePlugins...
Vulnerability Summary: CVE-2024-52495 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eniture Technology Distance...
Vulnerability Summary: CVE-2024-52490 Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web Shell to a...
Vulnerability Summary: CVE-2024-52481 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Astoundify Jobify - Job...
Vulnerability Summary: CVE-2024-52475 Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform Wawp allows Authentication Bypass.This...
Ransomware Group: APT73 VICTIM NAME: wwwfpjcompy NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Ransomware Group: HUNTERS VICTIM NAME: Horsa NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Vulnerability Summary: CVE-2024-52498 Path Traversal: '.../...//' vulnerability in Softpulse Infotech SP Blog Designer allows PHP Local File Inclusion.This issue affects...
Vulnerability Summary: CVE-2024-52499 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kardi...
Vulnerability Summary: CVE-2024-52501 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in webbytemplate...
