The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting Progress Kemp LoadMaster. The flaw,… Source link
Broadcom appears to be playing catchup regarding a recent update for critical vulnerabilities in VMware vCenter Server. These vulnerabilities, which enable remote code execution and privilege escalation, were supposedly… Article Source https://www.techzine.eu/news/security/126360/previously-patched-vcenter-vulnerabilities-actively-exploited/
A recently discovered vulnerability in Citrix Virtual Apps and Desktops is being actively exploited in the wild. The flaw, which allows for unauthenticated remote code execution (RCE), poses a significant threat to… Article Source https://cybersecuritynews.com/citrix-virtual-apps-desktops-flaw-exploit/
Zero-days comprised the majority of the most routinely exploited vulnerabilities last year, an increase from 2022 which allowed cybercriminals to attack higher-priority targets, Five Eyes cyber… Article Source https://www.cybersecuritydive.com/news/security-vendors-zero-days-top-cve-exploits/732814/
Citrix, Cisco, Fortinet Zero-Days Among 2023s Most Exploited Vulnerabilities SecurityWeek Article Source https://www.securityweek.com/citrix-cisco-fortinet-zero-days-among-2023s-most-exploited-vulnerabilities/
Google Patches Two Android Vulnerabilities Exploited in Targeted Attacks SecurityWeek Article Source https://www.securityweek.com/google-patches-two-android-vulnerabilities-exploited-in-targeted-attacks/
Nov 05, 2024Ravie LakshmananMobile Security / Vulnerability Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has… Article Source https://thehackernews.com/2024/11/google-warns-of-actively-exploited-cve.html
Dive Brief: A vulnerability that can lead to denial of service in the remote access VPN service of Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense is facing active… Article Source https://www.cybersecuritydive.com/news/cisco-exploited-cve-vpn/731216/
U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 25, 2024 U.S. Cybersecurity and… Article Source https://securityaffairs.com/170231/security/u-s-cisa-adds-cisco-asa-and-ftd-and-roundcube-webmail-bugs-to-its-known-exploited-vulnerabilities-catalog.html
Cisco issued updates to fix a medium-severity flaw in its Adaptive Security Appliance’s and Firepower Threat Defense Software’s Remote Access VPN service, tracked as CVE-2024-20481, which has already been leveraged in ongoing attacks, according… Article Source https://www.channele2e.com/brief/cisco-addresses-exploited-asa-ftd-vulnerability