Exploitation – Page 2 – OWASP Jakarta

CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability

CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability Nov 08, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active Read more

By adminowasp, 9 months ago

News

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation Oct 24, 2024Ravie LakshmananVulnerability / Network Security Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump Read more

By adminowasp, 9 months ago

A cake made to resemble Fortigate device

News

FortiGate admins report active exploitation 0-day. Vendor isn’t talking.

FortiGate admins report active exploitation 0-day. Vendor isn’t talking. Citing the Reddit comment, Beaumont took to Mastodon to explain: “People are quite openly posting what is happening on Reddit now, threat actors are registering rogue FortiGates into FortiManager with hostnames like ‘localhost’ and using them to get RCE.” Beaumont wasn’t Read more

By adminowasp, 9 monthsOctober 23, 2024 ago

News

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) Oct 23, 2024Ravie LakshmananVulnerability / Threat Intelligence A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The Read more

By adminowasp, 9 months ago

News

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability Oct 16, 2024Ravie LakshmananVulnerability / Data Protection The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of Read more

By adminowasp, 9 months ago

News

Qualcomm urges OEMs to patch after ‘targeted’ exploitation • The Register

Qualcomm urges OEMs to patch after ‘targeted’ exploitation • The Register Qualcomm has issued 20 patches for its chipsets’ firmware, including one Digital Signal Processor (DSP) software flaw that has been exploited in the wild. That vulnerability, CVE-2024-43047, carries a CVSS 7.8-out-of-10 severity rating, and was notably reported by both Read more

By adminowasp, 10 monthsOctober 10, 2024 ago

News

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: International Embassies Web Malware Exploitation Serving Domain Properties

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: International Embassies Web Malware Exploitation Serving Domain Properties Folks, Do you remember the international embassies web malware exploitation spree using client-side exploits that took place back in 2009 with the Russian Business Network the hosting provider of choice for these Read more

By adminowasp, 10 monthsOctober 3, 2024 ago

News

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns Sep 25, 2024Ravie LakshmananVulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active Read more

By adminowasp, 10 months ago

News

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS Read more

By adminowasp, 10 months ago

News

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation Sep 06, 2024Ravie LakshmananNetwork Security / Threat Detection SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The Read more

By adminowasp, 11 months ago