CISA KEV Update July 2023 – Part I
CISA has added several new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation during the month of July 2023. Here, the list of vulnerabilities is listed…
CISA KEV Update June 2023 – Part III
The US CISA added eight new vulnerabilities to its known exploited vulnerabilities catalog, six were now-patched security flaws that impacted Samsung mobile devices and the two others are D-Link router…
CISA releases guidelines on FCEB Devices
Researchers have discovered many devices running on government networks that expose remote management interfaces on the open Web. Earlier this month, CISA released Binding Operational Directive (BOD) 23-02, with the…
CISA and NSA Guidelines for CI/CD
The US NSA and the CISA have published a comprehensive set of guidelines aimed at defending Continuous Integration/Continuous Delivery (CI/CD) environments. The guidelines address the rising threat of malicious cyber…
CISA KEV Update Part II – June 2023
The U.S. CISA recently added six new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. VMware Aria Remote Command Execution First on the list is the critical vulnerability CVE-2023-20887. This…
CISA Publishes BMC Hardening Guidelines
The US CISA and the NSA have released joint guidance on hardening Baseboard Management Controllers (BMCs), an essential component embedded in computer hardware that facilitate remote management and control. The…
CISA KEV Update Part I – June 2023
US CISA have added a Progress MOVEit Transfer SQL injection vulnerability, tracked as CVE-2023-34362, to its Known Exploited Vulnerabilities Catalog. Threat actors are actively exploiting a zero-day vulnerability in the…
CISA KEV UPDATE Part II – May 2023
The U.S. CISA has warned of active exploitation of a medium severity flaw affecting Samsung devices. The security bug tracked as CVE-2023-21492 with a CVSS score of 4.4, impacts select…