2024 – Page 15 – CYNET-CSIRT

Fortinet Releases Security Advisories for FortiOS

Fortinet released security updates to address critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313). A cyber threat actor could exploit these vulnerabilities to take control of an affected system.…

Comments Off

February 10, 2024

Current Activity

Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series

Cisco released a security advisory to address vulnerabilities affecting Cisco Expressway Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA…

Comments Off

February 9, 2024

Current Activity

VMware Releases Security Advisory for Aria Operations for Networks

VMware released a security advisory to address multiple vulnerabilities in Aria Operations for Networks. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected…

Comments Off

February 8, 2024

Analysis Reports

MAR-10448362-1.v1 Volt Typhoon

Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein.…

Comments Off

February 8, 2024

Current Activity

CISA and Partners Release Advisory on PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance

Today, CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S.…

Comments Off

February 8, 2024

Alerts

PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking…

Comments Off

February 8, 2024

Bulletins

Vulnerability Summary for the Week of January 29, 2024

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 60indexpage_project -- 60indexpage A vulnerability classified as critical has been found in 60IndexPage up to…

Comments Off

February 6, 2024

Current Activity

Juniper Networks Releases Security Bulletin for Juniper Secure Analytics

Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of…

Comments Off

February 3, 2024

Current Activity

Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

Moby and the Open Container Initiative (OCI) have released updates for multiple vulnerabilities (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626) affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor…

Comments Off

February 2, 2024

Current Activity

CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers

Today, CISA and the Federal Bureau of Investigation (FBI) published guidance on Security Design Improvements for SOHO Device Manufacturers as a part of the new Secure by Design (SbD) Alert…

Comments Off

February 1, 2024