CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-34102 Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability CVE-2024-28995 SolarWinds Serv-U
Continue ReadingCategory: Dynamic Threat Feeds
AI-Powered Learning: Your NIST NICE Prompt Library (Built with Google Gemini)
Written by: Jake Liefer In the ever-evolving landscape of cybersecurity, staying ahead of threats demands continuous learning and skill development. The NIST NICE framework provides a roadmap, but mastering its extensive tasks, knowledge, and skills
Continue ReadingISC Stormcast For Wednesday, July 17th, 2024 https://isc.sans.edu/podcastdetail/9056, (Wed, Jul 17th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingWho You Gonna Call? AndroxGh0st Busters! [Guest Diary], (Tue, Jul 16th)
[This is a Guest Diary by Michael Gallant, an ISC intern as part of the SANS.edu BACS program]
Continue ReadingTAG-100 Uses Open-Source Tools in Suspected Global Espionage Campaign, Compromising Two Asia-Pacific Intergovernmental Bodies
SummaryRecorded Futures Insikt Group identified a suspected cyber-espionage campaign by TAG-100, targeting global government and private sector organizations. TAG-100 exploited internet-facing devices and used open-source tools like the Go backdoor Pantegana. The campaign compromised two Asia-Pacific
Continue ReadingCISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems (ICS) advisory on July 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-198-01 Rockwell Automation Pavilion 8 CISA encourages users and administrators
Continue ReadingRockwell Automation Pavilion 8
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Pavilion 8 Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow
Continue Reading“Reply-chain phishing” with a twist, (Tue, Jul 16th)
Few weeks ago, I was asked by a customer to take a look at a phishing message which contained a link that one of their employees clicked on. The concern was whether the linked-to site was
Continue ReadingISC Stormcast For Tuesday, July 16th, 2024 https://isc.sans.edu/podcastdetail/9054, (Tue, Jul 16th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-36401 OSGeo GeoServer GeoTools Eval Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors
Continue Reading