Warns – Page 2 – OWASP Jakarta

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation Oct 24, 2024Ravie LakshmananVulnerability / Network Security Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump Read more

By adminowasp, 9 months ago

News

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) Oct 23, 2024Ravie LakshmananVulnerability / Threat Intelligence A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The Read more

By adminowasp, 9 months ago

News

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability Oct 16, 2024Ravie LakshmananVulnerability / Data Protection The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of Read more

By adminowasp, 9 months ago

News

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance Oct 11, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to Read more

By adminowasp, 10 months ago

News

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches Oct 10, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of Read more

By adminowasp, 10 months ago

News

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch Oct 03, 2024Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based Read more

By adminowasp, 10 months ago

News

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities Sep 26, 2024Ravie LakshmananCloud Security / Cyber Espionage An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare Read more

By adminowasp, 10 months ago

News

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS Read more

By adminowasp, 10 months ago

News

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure Aug 10, 2024Ravie LakshmananVulnerability / Enterprise Security Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been Read more

By adminowasp, 12 months ago

News

Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day

Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware. The company did Read more

By adminowasp, 1 year ago