Collaborate Disseminate
CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
Continue reading CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation
Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint.
The post SAP Applications Increasingly in Attacker Crosshairs, Report Shows appeared first on SecurityWeek.
Continue reading SAP Applications Increasingly in Attacker Crosshairs, Report Shows
CISA says a second SharePoint vulnerability demonstrated last year at Pwn2Own, CVE-2023-24955, has been exploited in the wild.
The post CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks appeared first on SecurityWeek.
Continue reading CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks
CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog.
The post CISA Warns of Pixel Phone Vulnerability Exploitation appeared first on SecurityWeek.
Continue reading CISA Warns of Pixel Phone Vulnerability Exploitation
CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog.
The post CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks appeared first on SecurityWeek.
Continue reading CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks
CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog.
The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek.
Continue reading CISA Warns of Roundcube Webmail Vulnerability Exploitation
In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours.
The post CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products appeared … Continue reading CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products
Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting “broad exploitation activity.”
The post After Delays, Ivanti Patches Zero-Days and Confirms New Exploit appeared first on SecurityWeek.
Continue reading After Delays, Ivanti Patches Zero-Days and Confirms New Exploit
CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog.
The post CISA Warns of Apache Superset Vulnerability Exploitation appeared first on SecurityWeek.
Continue reading CISA Warns of Apache Superset Vulnerability Exploitation
CISA has added to its Known Exploited Vulnerabilities Catalog four Qualcomm bugs, including three exploited as zero-days.
The post CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities appeared first on SecurityWeek.
Continue reading CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities