Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: ‘Salt Typhoon’ causing damage in North America

Cybersecurity Threat Advisory: ‘Salt Typhoon’ causing damage in North America

Salt Typhoon, a highly sophisticated Chinese hacking group, has breached significant sectors in North America and Southeast Asia. Continue reading this Cybersecurity Threat Advisory to learn more about this notorious group and how to prevent your organization to become the...

/ October 11, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New critical vulnerability in Palo Alto Expedition

Cybersecurity Threat Advisory: New critical vulnerability in Palo Alto Expedition

A vulnerability identified as CVE-2024-5910, has been disclosed by Palo Alto. With a CVSS score of 9.3, this vulnerability can lead to authentication bypass, enabling attackers to manipulate network configurations and launch further attacks. Read this Cybersecurity Threat Advisory for...

/ October 11, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Fortinet RCE vulnerability exploited

Cybersecurity Threat Advisory: Critical Fortinet RCE vulnerability exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a remote code execution (RCE) vulnerability being actively exploited in Fortinet products. If you are using Fortinet, please read this Cybersecurity Threat Advisory to learn how to...

/ October 11, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New critical GitLab SAML vulnerability

Cybersecurity Threat Advisory: New critical GitLab SAML vulnerability

A new critical GitLab vulnerability within RUBY-SAML and OmniAuth-SAML libraries to bypass SAML authentication was disclosed. If you are using GitLab, read this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat? This vulnerability allows...

/ October 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apache Avro SDK vulnerability

Cybersecurity Threat Advisory: Apache Avro SDK vulnerability

A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. A successful exploitation allows an attacker to execute arbitrary code on vulnerable instances....

/ October 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited cryptojacking campaign impacting Docker

Cybersecurity Threat Advisory: Exploited cryptojacking campaign impacting Docker

A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk...

/ October 3, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical RCE vulnerability in ZCS

Cybersecurity Threat Advisory: Critical RCE vulnerability in ZCS

There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra’s SMTP PostJournal service. Review the details...

/ October 2, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical GitLab SAML vulnerability

Cybersecurity Threat Advisory: Critical GitLab SAML vulnerability

A vulnerability identified as CVE-2024-45409 has been found in GitLab’s Ruby-SAML library. This flaw stems from the improper validation of Security Assertion Markup Language (SAML) responses. Continue reading this Cybersecurity Threat Advisory to secure your environment. What is the threat?...

/ September 20, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities

Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities

SolarWinds has issued patches to address two vulnerabilities in its Access Rights Manager (ARM) software. Out of the two, one is a critical vulnerability that can lead to remote code execution (RCE). Review the details within this Cybersecurity Threat Advisory...

/ September 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Ivanti CSA vulnerability

Cybersecurity Threat Advisory: Active exploitation of Ivanti CSA vulnerability

A new vulnerability known as CVE-2024-8190 is affecting Ivanti Cloud Services Appliance (CSA) and is being actively exploited. This OS command injection vulnerability allows a remote, authenticated attacker to execute arbitrary commands on the system. Review the details in this...

/ September 18, 2024