Vulnerability Summary for the Week of May 20, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info ASUS--ExpertWiFi  ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and…

Comments Off on Vulnerability Summary for the Week of May 20, 2024

Vulnerability Summary for the Week of May 13, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info 8theme--XStore Core  Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core:…

Comments Off on Vulnerability Summary for the Week of May 13, 2024

Vulnerability Summary for the Week of May 6, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info academy_lms -- academy_lms Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16.…

Comments Off on Vulnerability Summary for the Week of May 6, 2024

CISA and Partners Release Advisory on Black Basta Ransomware

Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint…

Comments Off on CISA and Partners Release Advisory on Black Basta Ransomware

#StopRansomware: Black Basta

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off on #StopRansomware: Black Basta

ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies

Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), together with CISA, the Canadian Centre for Cyber Security (CCCS), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and…

Comments Off on ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies

Vulnerability Summary for the Week of April 29, 2024

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info 8theme -- xstore Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in…

Comments Off on Vulnerability Summary for the Week of April 29, 2024