CISA – Page 3 – TheCyberThrone

CISA Adds Solarwinds CVE-2024-28986 to KEV Catalog

The U.S.CISA warned of a critical security vulnerability affecting SolarWinds Web Help Desk. This vulnerability, tracked as CVE-2024-28986 with a CVSS 9.8, has been added to CISA’s Known Exploited Vulnerabilities…

PravinKarthik August 16, 2024

CISA KEV Update Part III – July 2024

The US CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2012-4792 Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote…

PravinKarthik July 24, 2024

CISA Intrudes One of FCEB and remains Persisted for five months

The US CISA led red team exercise at one of federal agencies (unnamed) in 2023 revealed a string of security failings that exposed its most critical assets. CISA calls this…

PravinKarthik July 14, 2024

CISA KEV Update Part III – June 2024

The US CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-24816 GeoSolutionsGroup JAI-EXT Code Injection Vulnerability CVE-2022-2586 Linux Kernel Use-After-Free Vulnerability CVE-2020-13965 Roundcube Webmail…

PravinKarthik June 27, 2024

CISA warns on the impersonation scams

The CISA has issued a warning about a surge in impersonation scams that involving fraudsters pretending to be government employees, using their names and titles to deceive unsuspecting victims. Recently,…

PravinKarthik June 14, 2024

CISA KEV Catalog Update May 2024 – Part IV

The U.S. CISA added the following vulnerabilities to its Known Exploited Vulnerabilities catalog CVE-2024-24919 Check Point Quantum Security Gateways Information Disclosure Vulnerability CVE-2024-1086 Linux Kernel Use-After-Free Vulnerability The vulnerability CVE-2024-24919 is a Quantum Gateway information…

PravinKarthik May 31, 2024

CISA adds Flink Vulnerability to its KEV -CVE-2020-17519

The U.S. CISA added a security flaw impacting Apache Flink, an open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. The vulnerability…

PravinKarthik May 24, 2024

CISA Adds CVE-2023-43208 to its Catalog

The US CISA has added a flaw affecting NextGen Healthcare’s Mirth Connect product to its Known Exploited Vulnerabilities catalog. Mirth Connect is a widely used cross-platform interface engine that healthcare…

PravinKarthik May 21, 2024