The Cybersecurity and Infrastructure Security Agency (CISA) and the United States Coast Guard, released an Analysis Report and Infographic detailing the findings from the 143 risk and vulnerability assessments (RVAs) conducted across multiple critical infrastructure sectors in FY23.
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Multiple vulnerabilities have been discovered in Ivanti products, the most severe of which could allow for remote code execution. Successful exploitation could allow for remote code execution in the context of the system. An attacker can delete data, and more, with this vulnerability.
A vulnerability in SonicWall SonicOS Management Access and SSLVPN, which could allow for unauthorized resource access and in specific conditions, causing the firewall to crash. SonicOS is SonicWall’s operating system designed for their firewalls and other security devices.
The education sector is a primary focus for threat actors, ranking among the most vulnerable sectors globally. This susceptibility stems from the vast collection of valuable data, a general deficit in cybersecurity awareness, and extensive, prevalent vulnerabilities.
Multiple vulnerabilities have been discovered in SolarWinds Web Help Desk (WHD), the most severe of which could allow for remote code execution. Successful exploitation of the most severe vulnerability could allow for remote code execution in the context of the system.
Employment scams are increasing, and scammers are devising new methods to target unsuspecting job seekers. Recently observed scams more frequently begin with a text message, initiating conversations about a potential job opportunity. The scammer claims to be a recruiter...
As students, staff, and caregivers prepare for the new school year, so do cybercriminals. Schools often have limited resources, face persistent cyber threats, and are susceptible to physical hazards. These cyber threats can disrupt essential services and potentially compromise safety.
Some CrowdStrike customers have experienced blue screen of death (BSOD) issues on Windows systems overnight due to a defect found in a single content update for Windows hosts. The issue affects customers worldwide and has cascading impacts across sectors and services.
Multiple vulnerabilities have been discovered in MOVEit products, which could allow for authentication bypass. Successful exploitation of these vulnerabilities could allow for an attacker to bypass authentication. An attacker could then view, change, or delete data.
