CISA KEV Update – May 2024

CISA KEV Update – May 2024

CISA is seen as active this week, and it has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2014-100005 D-Link DIR-600 Router…
CISA adds CVE-2024-29988 to its KEV catalog

CISA adds CVE-2024-29988 to its KEV catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-29988 Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability These types of vulnerabilities are frequent…
CISA releases guidelines on AI Based attacks

CISA releases guidelines on AI Based attacks

The US CISA has published guidelines to protect critical infrastructure against AI-based attacks. CISA in collaboration with Sector Risk Management Agencies and regulatory agencies to conduct sector-specific assessments of AI…
CISA adds CVE-2022-38028 to KEV Catalog

CISA adds CVE-2022-38028 to KEV Catalog

Attacks by Russian threat operation APT28, also known as Fancy Bear, Strontium, and Forest Blizzard, using the GooseEgg malware to exploit the Windows print spooler flaw. The vulnerability tracked as…
U.S. CISA Warning on Sisense breach

U.S. CISA Warning on Sisense breach

The U.S. CISA had urged the customers to reset the login credentials in response to a recent data breach at Sisense, a provider of data analytics services. Sisense’s AI and…
CISA KEV UPDATE March 2024 – Part 2

CISA KEV UPDATE March 2024 – Part 2

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerability with a CVSS score 9.3 is a critical…