Snatch ransomware Dissection
The U.S. FBI and the CISA released a joint cybersecurity advisory warning of the Snatch ransomware operation. Snatch first appeared in 2018 and operates on a ransomware-as-a-service model. The first…
CISA KEV Update – September 2023
CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. With this addition, the catalog numbers surpasses 1000 vulnerabilities CVE-2022-22265 Samsung Mobile Devices Use-After-Free…
CISA KEV Update August 2023 – Part III
The US CISA added a critical flaw CVE-2023-26359 with a CVSS score 9.8 affecting Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog. Adobe fixed the vulnerability in March 2023. It…
CISA Releases Cyber Defense Plan for RMM
The U.S. CISA has released a plan to address systemic cybersecurity risks in remote monitoring and management software. The Remote Monitoring and Management Cyber Defense Plan was created to address…
CISA KEV Update August 2023 – Part II
US CISA has added critical flaw CVE-2023-24489 with a CVSS score 9.8 affecting Citrix ShareFile to its Known Exploited Vulnerabilities Catalog. Citrix ShareFile is a secure file sharing and storage…
US CISA Cybersecurity Strategic Plan
The US CISA has unveiled its Cybersecurity Strategic Plan for the next fiscal years 2024-2026, focusing on three main goals and several objectives. The first goals is ‘addressing immediate cyber…
CISA Advisory on Top Exploited Vulnerabilities of 2022
The CISA has published a report that was co-authored by the NSA, FBI, and the FYEY (Five Eyes) from different countries. The report provides a complete insight into CVEs that…
CISA KEV Update July 2023 – Part II
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29298 Adobe ColdFusion Improper Access Control Vulnerability CVE-2023-38205 Adobe ColdFusion Improper Access Control Vulnerability The…