An Ivanti EPM SQL injection vulnerability tracked as CVE-2024-29824 has been exploited to target some of the company’s customers.
The post Ivanti EPM Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Cisco Patches Critical Vulnerability in Data Center Management Product
A critical-severity vulnerability in Cisco NDFC could allow attackers to execute commands with elevated privileges.
The post Cisco Patches Critical Vulnerability in Data Center Management Product appeared first on SecurityWeek.
Court Data Exposed by Vulnerabilities in Software Used by US Government: Researcher
Several e-filing and record management systems used in various US states were affected by serious vulnerabilities exposing sensitive data.
The post Court Data Exposed by Vulnerabilities in Software Used by US Government: Researcher appeared first on SecurityWeek.
Adobe Commerce Flaw Exploited to Compromise Thousands of Sites
Over 4,000 Adobe Commerce and Magento stores unpatched against an exploited vulnerability have been compromised.
The post Adobe Commerce Flaw Exploited to Compromise Thousands of Sites appeared first on SecurityWeek.
Cybersecurity Head Says There’s No Chance a Foreign Adversary Can Change US Election Results
CISA director Jen Easterly says there is no chance a foreign adversary can change the results of the upcoming US election.
The post Cybersecurity Head Says There’s No Chance a Foreign Adversary Can Change US Election Results appeared first on SecurityWeek.
Chrome, Firefox Updates Patch High-Severity Vulnerabilities
The latest Chrome and Firefox security updates address multiple high-severity vulnerabilities affecting the popular web browsers.
The post Chrome, Firefox Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
New Vulnerabilities Expose Hundreds of Thousands of DrayTek Routers to Hacking
Forescout has identified more than a dozen new vulnerabilities in DrayTek routers, exposing hundreds of thousands of devices to attacks.
The post New Vulnerabilities Expose Hundreds of Thousands of DrayTek Routers to Hacking appeared first on SecurityWeek.
INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa
INTERPOL has announced the arrest of eight individuals in Côte d’Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud.
Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said.
One such threat involved a large-scale phishing scam targeting Swiss citizens that resulted in financial losses to the tune
Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said.
One such threat involved a large-scale phishing scam targeting Swiss citizens that resulted in financial losses to the tune
LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort
A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group.
This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who
This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.
“An
The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity.
“An