Aggregator
【公告】JSRC九月英雄榜单揭晓
【活动】双十一回血活动开启,单个漏洞奖励可达4万+!
CSA GCR 2024 | 百度安全DDoS防护服务荣获安全磐石奖等多项殊荣
Fog
CVE-2004-1016 | Linux Kernel 2.4.x sendmsg deadlock (EDB-685 / Nessus ID 16303)
Цукерберг в осаде: мошенники захватили 21 млн пользователей BlueSky
10 Most Impactful PAM Use Cases for Enhancing Organizational Security
Пароли в завещании: японская инициатива для упрощения жизни после смерти
Qilin
Qilin
North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs
N-able Strengthens Cybersecurity via $266M Adlumin Purchase
With Adlumin’s cloud-native XDR and MDR services, N-able consolidates its position as a leader in IT management. Buying the Washington D.C.-based security operations vendor for up to $266 million drives value through AI-powered threat detection and compliance solutions tailored for MSPs.
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability
- CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability
- CVE-2024-21287 Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability
Users and administrators are also encouraged to review the Palo Alto Threat Brief: Operation Lunar Peek related to CVE-2024-0012, the Palo Alto Security Bulletin for CVE-2024-0012, and the Palo Alto Security Bulletin for CVE-2024-9474 for additional information.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CISA Releases Seven Industrial Control Systems Advisories
CISA released seven Industrial Control Systems (ICS) advisories on November 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
- ICSA-24-326-01 Automated Logic WebCTRL Premium Server
- ICSA-24-326-02 OSCAT Basic Library
- ICSA-24-326-03 Schneider Electric Modicon M340, MC80, and Momentum Unity M1E
- ICSA-24-326-04 Schneider Electric Modicon M340, MC80, and Momentum Unity M1E
- ICSA-24-326-05 Schneider Electric EcoStruxure IT Gateway
- ICSA-24-326-06 Schneider Electric PowerLogic PM5300 Series
- ICSA-24-326-07 mySCADA myPRO Manager
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
CISA Releases Insights from Red Team Assessment of a U.S. Critical Infrastructure Sector Organization
Today, CISA released Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a U.S. Critical Infrastructure Sector Organization in coordination with the assessed organization. This cybersecurity advisory details lessons learned and key findings from an assessment, including the Red Team’s tactics, techniques, and procedures (TTPs) and associated network defense activity.
This advisory provides comprehensive technical details of the Red Team’s cyber threat activity, including their attack path to compromise a domain controller and human machine interface (HMI), which serves as a dashboard for operational technology (OT).
CISA encourages all critical infrastructure organizations, network defenders, and software manufacturers to review and implement the recommendations and practices to mitigate the threat posed by malicious cyber actors and to improve their cybersecurity posture.
For more information on the most common and impactful threats, tactics, techniques, and procedures, see CISA’s Cross-Sector Cybersecurity Performance Goals. To learn more about secure by design principles and practices, visit CISA’s Secure by Design webpage.