Cuba Ransomware Alert
The US government has issued an alert about the Cuba ransomware gang that gains profits. The threat actors have hit more than 100 organizations worldwide, demanding over $145 million in…
CISA Vulnerability Management Transformation
The US. CISA released a set of documents to guide prioritization of software vulnerability remediation by agencies and other organizations. But use of the guidance is largely contingent on vendors…
CISA’s New Directives to Critical Infrastructure
The US CISA has issued a new report outlining baseline cybersecurity performance goals for all critical infrastructure sectors. The document is the result of a July 2021 security memorandum signed…
CISA Adds Linux Kernal Vulnerability to Known Exploited Catalog
The U.S. CISA adds the Linux kernel vulnerability, tracked as CVE-2021-3493, to its Known Exploited Vulnerabilities Catalog. The CVE-2021-3493 is a Linux Kernel privilege escalation vulnerability. The overlayfs stacking file system in Linux kernel does…
Vulnerabilities Used by Chinese Threat Actors – Advisory Report
A new joint advisory from US CISA, FBI, and NSA states Chinese state–sponsored threat actors continue to exploit known vulnerabilities to target US and allied networks and companies, They use…
Atlassian Bitbucket flaw added to Known Exploited Catalog
The U.S. CISA added a recently disclosed critical vulnerability in Atlassian’s Bitbucket Server and Data Center to its Known Exploited Vulnerabilities Catalog. Atlassian fixed a critical flaw in Bitbucket Server and Data Center in August…
CISA Adds ZOHO RCE to Exploited Catalog
The U.S. CISA today added a recently disclosed security flaw in Zoho ManageEngine, tracked as CVE-2022-35405 with a CVSS score 9.8, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-35405 flaw is a…
Stuxnet added to CISA Catalog
The U.S. CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog and given October 6th, 2022 as a deadline Below is the list of vulnerabilities added to the…