Newswires

April 28, 2024

Ukraine Targeted by Exploitation of Seven-Year-Old Microsoft Office Vulnerability
Deep Instinct Threat Lab has detected a targeted cyber operation against Ukraine that exploits a nearly seven-year-old vulnerability in Microsoft Office.
April 25, 2024

CISA Adds Cisco and CrushFTP Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include significant flaws in Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls, and CrushFTP's Virtual File System (VFS).
April 25, 2024

North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
The Lazarus Group, a North Korean threat actor, has been discovered using a new remote access trojan (RAT) named Kaolin RAT.
April 25, 2024

Critical Vulnerability in Over 1,400 CrushFTP Servers Actively Exploited
Over 1,400 CrushFTP servers that are accessible online have been identified as being susceptible to a critical server-side template injection (SSTI) vulnerability, which is currently under active exploitation.
April 25, 2024

CISA Catalogs Microsoft Windows Print Spooler Flaw Exploited by APT28
The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. has recently incorporated the Microsoft Windows Print Spooler Privilege Escalation vulnerability, known as CVE-2022-38028, into its Known Exploited Vulnerabilities (KEV) catalog.
April 24, 2024

Government Networks Worldwide Breached by ArcaneDoor Hackers Exploiting Cisco Zero-Days
Cisco has alerted the public to the activities of a state-sponsored hacking group that has been exploiting two zero-day vulnerabilities in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls.
April 24, 2024

Urgent Call to Update: Exploited Zero-Day Vulnerability in CrushFTP Cloud Targets US Organizations
A serious security flaw has been identified in the CrushFTP server, a cloud-based file transfer system used by multiple organizations.
April 24, 2024

Google Fixes Severe Chrome Vulnerability, CVE-2024-4058
Google has announced an update to Chrome 124 that addresses four vulnerabilities, among which is a critical flaw, tagged as CVE-2024-4058.
April 23, 2024

Microsoft Retracts Solution for Outlook Bug Causing False Security Alerts
Microsoft has retracted a patch for a known issue with its Outlook email client that was causing false security warnings when users tried to open ICS calendar files after installing the December Outlook Desktop security updates.
April 23, 2024

Siemens Developing Solution for Device Impacted by Palo Alto Firewall Vulnerability
Siemens is actively working on a fix for a critical zero-day vulnerability in its Ruggedcom APE1808 devices, which are configured with Palo Alto Networks' (PAN) Virtual NGFW.

Previous 444546 Next

See VULNERA In Action

Meet with a team member to discuss your use cases and see a demo.

Schedule Now

By Solution

By Feature

I Want To…

Learn More

VULNERA vs Vulnerability Scanners

Security Assessment Buyers Guide

Resources

Resources

Blog

Threat Intelligence

I Want To…

Learn More

Top 10 Vulnerability Management Questions Answered

About

About

Partners

I Want To…

Learn More

Simplifying Vulnerability Management

Newswires

See VULNERA In Action

Quick Menu

Features

Subscribe