A missing authentication flaw in Palo Alto Networks' Expedition tool now jeopardizes firewall configurations across sectors, with attackers actively exploiting the vulnerability in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding an actively exploited vulnerability in Palo Alto Networks' Expedition tool. The flaw, tracked as CVE-2024-5910, lets an attacker take over the administrative account, putting configuration secrets and credentials at risk. Expedition's widespread use for migrating configurations from other vendors' firewalls to Palo Alto's PAN-OS makes the vulnerability particularly concerning for organizations that rely on it.

Although Palo Alto Networks released a patch in July, exploitation is now being observed, so any organization running an Expedition version below 1.2.92 should remediate immediately.

The Expedition Vulnerability

CVE-2024-5910 is a missing-authentication vulnerability in Expedition that allows an attacker with network access to the tool to assume control of the admin account. That access opens a gateway to sensitive data such as imported firewall configurations, credentials, and other critical information. With a CVSS v4.0 base score of 9.3, the flaw is rated critical and poses a significant risk to both enterprise and federal environments. Only Expedition versions below 1.2.92 are susceptible; organizations on older versions remain exposed until they upgrade.

Technical Details of Expedition Vulnerability

Vulnerability ID: CVE-2024-5910 (Missing Authentication for Critical Function)
Severity Level: Critical (CVSS v4.0 Score: 9.3)
Affected Versions: Expedition versions below 1.2.92
Unaffected Versions: Expedition 1.2.92 and newer
Impact: Admin account takeover, unauthorized access to configuration secrets, potential firewall control

Exploitation in the Wild

The risk associated with CVE-2024-5910 likely escalated after security researcher Zach Hanley of Horizon3.ai released a proof-of-concept (PoC) exploit in October. The PoC showed how CVE-2024-5910 could be chained with CVE-2024-9464, a command injection flaw in Expedition, to achieve remote, arbitrary command execution on vulnerable systems. By chaining the two, an attacker can reset the admin credentials and potentially take control of the PAN-OS firewall configurations that Expedition holds. The chain means the missing-authentication bug is not merely an account-takeover issue: it is a route to unauthorized access to sensitive network resources.

CISA Adds CVE-2024-5910 to KEV Catalog

To underscore the critical nature of the flaw, CISA on Thursday added CVE-2024-5910 to its Known Exploited Vulnerabilities (KEV) Catalog. The listing requires U.S. federal agencies to secure vulnerable Expedition servers by November 28, reflecting the federal government's priority on known and actively exploited vulnerabilities.

CVE-2024-5910 exemplifies the ongoing challenge of securing network management tools. Because Expedition holds firewall configurations and credentials during a migration, compromising the tool reaches well beyond the tool itself, which is why immediate and proactive vulnerability management matters here. Regular patching, rotation of any credentials that passed through Expedition, and restricting network access to the tool remain the essential defenses against exploits like this one.

With CISA closely monitoring the threat, addressing CVE-2024-5910 is not only a compliance matter but a vital security measure. Updating Expedition to the latest version and following security best practices strengthens resilience against similar vulnerabilities, helping prevent unauthorized access and safeguard sensitive network configurations.
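The two facts a defender needs from the article are the fixed version (1.2.92) and the KEV due date (November 28). The following added example, which is not code from the article, CISA, or Palo Alto Networks, shows a small triage routine that matches an asset inventory against a KEV catalog snapshot and flags hosts below the fixed version, comparing version components numerically so that a build such as 1.2.100 is correctly treated as newer than 1.2.92. The KEV entry and the inventory are constructed sample data (the dateAdded value is assumed; only the due date comes from the article), and the FIXED_IN mapping is a hypothetical table the reader would maintain from vendor advisories.

```python
import json
from datetime import date

# Constructed snapshot in the shape of CISA's KEV JSON feed (one entry).
# dueDate is the date reported in the article; dateAdded is assumed.
KEV_SNAPSHOT = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [{
        "cveID": "CVE-2024-5910",
        "vendorProject": "Palo Alto Networks",
        "product": "Expedition",
        "vulnerabilityName": "Palo Alto Networks Expedition Missing Authentication Vulnerability",
        "dateAdded": "2024-11-07",
        "dueDate": "2024-11-28",
        "knownRansomwareCampaignUse": "Unknown",
    }],
})

# Hypothetical mapping from KEV entry to (product, first fixed version),
# maintained by hand from vendor advisories. 1.2.92 is the value in the article.
FIXED_IN = {"CVE-2024-5910": ("Expedition", "1.2.92")}


def parse_version(text: str) -> tuple:
    """Turn '1.2.92' into (1, 2, 92) so comparison is numeric, not lexical:
    '1.2.100' must sort after '1.2.92'. Non-digit suffixes are ignored."""
    parts = []
    for piece in text.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_affected(installed: str, fixed: str) -> bool:
    """True when the installed version is older than the first fixed version."""
    return parse_version(installed) < parse_version(fixed)


def triage(inventory: list, kev_json: str, today_iso: str) -> list:
    """Match an asset inventory against a KEV snapshot.

    inventory: list of {"host", "product", "version"} dicts.
    today_iso: current date as 'YYYY-MM-DD', used to mark overdue findings.
    Returns one finding per vulnerable asset with the KEV due date.
    """
    today = date.fromisoformat(today_iso)
    catalog = json.loads(kev_json)["vulnerabilities"]
    findings = []
    for entry in catalog:
        fix = FIXED_IN.get(entry["cveID"])
        if fix is None:
            continue  # no fix data for this entry: cannot decide, skip it
        product, fixed_version = fix
        due = date.fromisoformat(entry["dueDate"])
        for asset in inventory:
            if asset["product"] != product:
                continue
            if is_affected(asset["version"], fixed_version):
                findings.append({
                    "host": asset["host"],
                    "cve": entry["cveID"],
                    "installed": asset["version"],
                    "fixed_in": fixed_version,
                    "due": entry["dueDate"],
                    "overdue": today > due,
                })
    return findings


# Constructed inventory: one unpatched host, one on the fixed version, and one
# on a later build whose last component is numerically larger than 92.
INVENTORY = [
    {"host": "expedition-01", "product": "Expedition", "version": "1.2.91"},
    {"host": "expedition-02", "product": "Expedition", "version": "1.2.92"},
    {"host": "expedition-03", "product": "Expedition", "version": "1.2.100"},
]

if __name__ == "__main__":
    for finding in triage(INVENTORY, KEV_SNAPSHOT, "2024-11-30"):
        print(finding)
```

Run against the constructed data, only expedition-01 is reported, and it is marked overdue once the date passes November 28. In practice the inventory would come from the asset database and the snapshot from CISA's published JSON feed; the version-comparison logic is the part that is easy to get wrong with plain string comparison.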
Newpark Resources, a key supplier to the oilfield industry, has disclosed that it fell victim to a ransomware attack last week that disrupted access to critical systems and limited the functionality of certain business applications. The company, which provides drilling tools and equipment to oilfields as well as to other energy-related industries such as pipelines and petrochemicals, disclosed the incident in a regulatory filing with the U.S. Securities and Exchange Commission (SEC).

According to Newpark, the ransomware attack was detected on October 29, 2024. The company's statement said an unauthorized third party had gained access to some of its internal information systems. In response, Newpark activated its cybersecurity response plan, engaging both internal resources and external advisors to investigate and contain the incident.

"Upon detection, the Company activated its cybersecurity response plan and launched an investigation internally with the support of external advisors to assess and contain the threat," Newpark stated in the SEC filing.

The attack has disrupted various internal systems and limited access to key applications essential to Newpark's operations, including systems for financial reporting and other corporate functions. Despite these challenges, the company reassured stakeholders that its manufacturing and field operations have remained largely operational thanks to established downtime procedures put in place to mitigate such risks. The scope and impact of the attack, particularly its financial implications, are still being assessed.

Understanding the Financial Impact on Newpark Resources

While the attack's full financial repercussions have yet to be determined, Newpark indicated that, based on its current assessment, it does not expect the incident to materially affect the company's overall financial health. The company has committed to updating its disclosure should any significant changes arise as it continues to evaluate the extent of the attack.

The statement emphasized: "Based on the Company's current knowledge of the facts and circumstances related to this incident, the Company believes that this incident is not reasonably likely to materially impact the Company's financial condition or results of operations. Should any of the relevant facts and circumstances substantively change, the Company will make any required disclosures."

Rising Cybersecurity Threats in the Energy Sector

Newpark Resources is not alone in facing ransomware threats. The oil and gas industry, critical to global infrastructure and the economy, has been a frequent target of ransomware attacks. Its significant role in the global economy and its susceptibility to operational disruption make it particularly attractive to cybercriminals, who count on victims paying to resume vital operations.

High-profile incidents in the sector over recent years highlight how widespread the threat is. In 2021, the Colonial Pipeline cyberattack disrupted fuel supplies across the Eastern United States, causing panic buying and fuel shortages. Other companies, such as Shell, Halliburton, and Oiltanking, have experienced ransomware incidents that prompted federal agencies to tighten cybersecurity regulations, leading to stronger mandates for energy-sector companies to adopt more robust cybersecurity protocols.

Global Concerns Over Cybersecurity in Energy

The need for improved cybersecurity in the energy sector extends beyond North America. In September 2024, Iranian Vice President Mohammad Reza Aref expressed concern over the country's increasing vulnerability to cyberattacks targeting fuel stations. His comments came amid discussions of fuel price hikes, adding to the pressure on a sector already strained by cyber threats. Cyberattacks on Iran's fuel stations have caused nationwide disruptions in fuel supply, illustrating the impact similar incidents could have elsewhere if they are not effectively mitigated. At a recent ceremony introducing Iran's new Minister of Oil, Aref highlighted these breaches and called for urgent security enhancements to protect the country's energy infrastructure. As such incidents grow more frequent, they draw attention to the cybersecurity challenges shared by oil-producing nations globally.

Strengthening Cybersecurity for Energy Infrastructure

The U.S. government, along with other authorities worldwide, has moved to establish tighter cybersecurity requirements for the energy sector. This includes mandating that critical infrastructure companies adhere to stricter cybersecurity standards, increasing threat monitoring, and encouraging information sharing between government and the private sector to identify and prevent threats earlier. Companies in the sector are now more likely than ever to invest in strong cyber defenses and prepare for the possibility of attack as the regulatory landscape continues to evolve.

As for Newpark Resources, the company's response illustrates the value of having a prepared cybersecurity response plan and rehearsed downtime procedures. By the company's own account, activating that plan quickly limited the attack's impact on core operations and let manufacturing and field work continue with minimal disruption; the full extent of the intrusion is still under investigation.
This November, the Cybersecurity and Infrastructure Security Agency (CISA) kicks off Critical Infrastructure Security and Resilience (CISR) Month, emphasizing the need for a resilient approach to securing essential national infrastructure. Under the ongoing theme "Resolve to be Resilient," CISR Month aims to raise awareness about protecting the critical infrastructure that forms the backbone of daily life in America.

Critical infrastructure spans a vast network of systems and assets that are crucial to the nation's safety, economy, and quality of life. It includes the services we depend on daily, from the power grid and water supply to transportation, healthcare, and financial systems. The security and resilience of this infrastructure are critical, because disruptions, whether from natural disasters, cyberattacks, or other incidents, can have far-reaching consequences.

"Building resilience into our planning is essential throughout the year," stated Dr. David Mussington, CISA's Executive Assistant Director for Infrastructure Security. He emphasized that protecting critical infrastructure is not solely a government responsibility; it requires a "whole-of-community" approach, with engagement from all levels of government, infrastructure owners and operators, and the public. This shared responsibility aims to ensure that, when disruptions do occur, communities are better prepared to respond, recover, and minimize impacts.

CISR Month: Key Strategies for Critical Infrastructure

This month, CISA is focusing on practical strategies that infrastructure organizations can implement to strengthen security and resilience. These strategies provide a framework for anticipating, preparing for, and recovering from disruptions with minimal downtime. Four core practices are being highlighted:

Know Your Infrastructure and Dependencies: Organizations need to identify their most essential systems and assets, along with any dependencies on other infrastructure that could impact their operations. Understanding these dependencies lets organizations anticipate potential vulnerabilities and plan for continuity.

Assess Your Risks: A comprehensive risk assessment should consider the full range of threats, from natural hazards to cyber and physical attacks. Identifying these risks helps organizations understand where they may be vulnerable and what consequences disruptions might bring.

Make Actionable Plans: Planning is essential for resilience. Organizations should develop both a risk management plan to mitigate identified vulnerabilities and an incident response and recovery plan to restore operations quickly after a disruption.

Measure Progress to Continuously Improve: Resilience is a continuous journey. Organizations are encouraged to regularly test and refine their incident response plans under realistic conditions. By learning from exercises and past incidents, organizations can foster a culture of continuous improvement, strengthening their ability to adapt to changing risks.

These practices support an organization's capacity not only to respond to disruptions but to recover in a way that builds back stronger. As Dr. Mussington put it, "It's about being proactive, not just reactive." With resilience at the forefront, CISA encourages organizations to take steps today that will better prepare them for tomorrow.

Why Resilience Matters

CISA's focus on resilience aligns with its mission to ensure that critical infrastructure remains reliable and secure, even amid unexpected disruptions. Strengthening resilience isn't just about minimizing downtime; it's also about protecting lives, jobs, and the essential services that communities rely on. It reduces the economic impact of incidents, keeps people connected, and fosters innovative approaches to reducing risk. Dr. Mussington calls on organizations and communities alike to treat resilience as a long-term commitment. "Resilience means doing the work upfront to prepare for disruptions, anticipating that they will happen," he said. By taking a proactive stance, critical infrastructure operators can better withstand and recover from incidents, maintaining the vital services that are central to Americans' daily lives.
CISA is inviting everyone to participate in CISR Month by exploring its Critical Infrastructure Security and Resilience webpage, which offers resources such as toolkits and social media graphics. The agency also encourages people to join the conversation on social media using the hashtag #BeResilient. This collective effort helps spread the message about the importance of resilience and provides practical steps for individuals and organizations to get involved. Critical infrastructure resilience isn’t just a goal for the month of November—it’s an ongoing commitment. By working together, government agencies, private organizations, and individuals can strengthen the security of the systems that keep our nation running smoothly.
The Canadian government has ordered TikTok Technology Canada, Inc., the Canadian arm of TikTok's parent company ByteDance Ltd., to wind up its operations in Canada. The order follows an extensive national security review conducted under the Investment Canada Act. The decision comes as countries worldwide, including Australia, the UK, and the US, are increasing scrutiny of social media platforms over concerns ranging from data privacy and national security to children's safety.

Canada's Action: A Targeted Decision

On announcing the decision, François-Philippe Champagne, Canada's Minister of Innovation, Science and Industry, clarified that while TikTok Technology Canada, Inc. must wind up its Canadian business, the order does not prohibit Canadians from using the TikTok app or creating content on it. The government is not restricting access to TikTok; it is targeting ByteDance's corporate operations in Canada and the risks it associates with foreign control over data.

Minister Champagne explained, "The government is taking action to address specific national security risks related to ByteDance Ltd.'s operations in Canada. This decision was made based on a multi-step review process that involved Canada's national security and intelligence community, as well as advice from other government partners."

The national security review, conducted under the Investment Canada Act, aims to protect Canadian interests from potential threats linked to foreign investments in sectors that may affect national security. Given TikTok's popularity and the large amount of user data it collects, concerns about foreign access to personal information have grown in Canada and other countries.

What This Means for Canadians

Although the order affects TikTok's Canadian business operations, Canadians' access to the platform remains unchanged. Minister Champagne emphasized that using TikTok is a personal choice, but he urged Canadians to exercise caution. Canadians are encouraged to adopt good cybersecurity practices, understand how their data is managed, and assess potential risks from foreign entities. To help Canadians stay informed, Champagne recommended consulting resources from the Canadian Centre for Cyber Security.

While Canada remains open to foreign investment, the government is prepared to act when an investment poses a potential threat to national security. As Champagne stated, "Canada continues to welcome foreign direct investment, but we will act decisively when investments threaten our national security."

A Broader Trend: Countries Increasing Scrutiny on Social Media Platforms

Canada's move aligns with a global trend of countries tightening regulation of social media platforms, particularly around data privacy and child protection, as governments seek to protect citizens from the risks linked to these platforms.

Australia: Australia recently announced plans to introduce legislation banning social media access for children under 16. Prime Minister Anthony Albanese said the government's primary objective is to reduce the harmful impact of excessive social media use on children. The law, expected to take effect by late 2025, would make Australia one of the first countries to implement such a strict age restriction, setting a precedent for others grappling with similar concerns.

United Kingdom: In August 2024, the UK's Information Commissioner's Office (ICO) called on 11 social media and video-sharing platforms to improve their child privacy protections. Following a review of 34 platforms, the regulator found significant lapses in safeguarding young users' privacy. The ICO is pressing companies to enforce stricter default privacy settings, geolocation restrictions, and age verification measures to better protect minors. The ICO has also issued fines over such lapses, including the £12.7 million fine imposed on TikTok last year for allowing underage users onto the platform without parental consent.

United States: The US has also shown strong resolve in holding social media companies accountable for data protection issues involving children. Meta, the parent company of Facebook and Instagram, recently faced accusations of misleading parents about its data privacy practices. The company denies the claims, calling the accusations a "political stunt," but the legal pressure reflects growing concern about children's data protection in the US.

Why Are Countries Increasing Restrictions on Social Media?

As social media platforms grow in influence and data collection capabilities, nations are becoming more cautious about the risks these platforms pose. Several factors drive the global push for stricter regulation:

Data Privacy Concerns: Social media platforms, particularly those owned by foreign companies, collect vast amounts of personal information. Governments are increasingly worried about where and how this data is stored, who has access to it, and how it could be used in ways that undermine national security.

Children's Safety and Privacy: With minors frequently using social media, concerns about their safety and privacy have escalated. Unrestricted access can expose young users to inappropriate content, cyberbullying, and even exploitation. Governments are stepping up efforts to enforce stricter privacy controls to protect minors.

Foreign Influence and National Security: Platforms such as TikTok, owned by companies based in countries with potentially conflicting interests, raise national security concerns. With fears that foreign governments could access personal data or influence content, countries are wary of such platforms' reach and potential for interference.

Misinformation and Psychological Impact: The rapid spread of misinformation, amplified by algorithms that often prioritize sensational or polarizing content, is affecting users' mental health and contributing to social division. Policymakers are increasingly concerned about the impact of such content, especially on younger, more impressionable audiences.

Cross-Border Legal Complexities: Many social media companies are headquartered in one country while operating globally, which complicates enforcement of local regulations. Countries find it difficult to enforce their laws against companies operating across borders, hence the turn to more direct action.

The Road Ahead

The decision to wind up TikTok Technology Canada, Inc. highlights Canada's cautious approach to foreign investment in sensitive sectors. As Canada joins other countries in tightening social media regulation, it reflects a growing movement to address the impact of these platforms on national security and public well-being. While Canada has not banned TikTok outright, the decision shows a commitment to protecting sensitive information and ensuring foreign investments align with national interests. As countries like Australia and the UK push forward with new restrictions, it will be worth watching how global social media platforms adapt to the changing regulatory environment.
Battle City, colloquially known as "that tank game," is a symbol of a bygone era. Some 30 years ago, gamers would pop a cartridge into their console, settle in front of a bulky TV, and obliterate waves of enemy tanks until the screen gave out. Today the world's a different place, but tank games remain popular. Modern iterations offer gamers not just the thrill of gameplay but also the chance to earn NFTs. Cybercriminals too have something to offer: a sophisticated attack targeting crypto-gaming enthusiasts.

Backdoor and zero-day exploit in Google Chrome

This story begins in February 2024, when our security solution detected the Manuscrypt backdoor on a user's computer in Russia. We're very familiar with this backdoor; various versions of it have been used by the Lazarus APT group since at least 2013. So, given we already know the main tool and methods used by the attackers, what's so special about this particular incident? The thing is that these hackers typically target large organizations like banks, IT companies, universities, and even government agencies. But this time, Lazarus hit an individual user, planting a backdoor on a personal computer. The cybercriminals lured the victim to a game site and thereby gained complete access to their system. Three things made this possible:

The victim's irresistible desire to play their favorite tank game in a new format
A zero-day vulnerability in Google Chrome
An exploit that allowed remote code execution in the Google Chrome process

Before you start to worry, relax: Google has since released a browser update, blocked the tank game's website, and thanked the Kaspersky security researchers. But just in case, our products detect both the Manuscrypt backdoor and the exploit. We've delved into the details of this story on the Securelist blog.

Fake accounts

At the start of the investigation, we thought the group had gone to extraordinary lengths this time: did they actually create an entire game just for a scam? But we soon worked out what they'd really done. The cybercriminals based their game, DeTankZone, on the existing game DeFiTankLand. They really went all out, stealing the source code of DeFiTankLand and creating fake social media accounts for their counterfeit.

Around the same time, in March 2024, the price of the DefitankLand (sic) cryptocurrency plummeted: the developers of the original game announced that their cold wallet had been hacked and someone had stolen $20,000. The identity of this someone remains a mystery. The developers believe it was an insider, but we suspect the ever-present tentacles of Lazarus are involved.

(Image caption: Differences between the fake and the original are minimal)

The cybercriminals orchestrated a full-blown promotion campaign for their game: they boosted follower counts on X (formerly Twitter), sent collaboration offers to hundreds of cryptocurrency influencers (also potential victims), created premium LinkedIn accounts, and organized waves of phishing emails. As a result, the fake game got even more traction than the original (6,000 followers on X versus 5,000 for the original game's account).

(Image caption: Social media content created by AI with the help of graphic designers)

How we played tanks

Now for the most fun part. The malicious site that Lazarus lured victims to offered a chance not only to try out a zero-day browser exploit but also to play a beta version of the game. Here at Kaspersky we respect the classics, so we couldn't resist having a go on this promising new version. We downloaded an archive that seemed completely legitimate: 400MB in size, correct file structure, logos, UI elements, and 3D model textures. Boot her up!

The DeTankZone start menu greeted us with a prompt to enter an email address and password. We first tried logging in with common passwords like 12345 and password, but that didn't work. Fine, then, we thought; we'll just register a new account. Again, no luck: the system wouldn't let us play.

(Image caption: The start menu inspires confidence with a seemingly legitimate login form)

So why were there 3D model textures and other files in the game archive? Could they really have been other components of the malware? Actually, it wasn't that bad. We reverse-engineered the code and discovered the elements responsible for the connection to the game server, which, for this fake version, was non-functional. So, in theory, the game was still playable. A bit of time, a little programming, and voilà: we replaced the hackers' server with our own, and the red tank Boris entered the arena.

(Image caption: The game reminded us of shareware games from 20 years ago, which made all the effort worthwhile)

Lessons from this attack

The key takeaway is that even seemingly harmless web links can end with your entire computer being hijacked. Cybercriminals are constantly refining their tactics and methods. Lazarus is already using generative AI with some success, so we can expect even more sophisticated attacks involving it in the future. Security solutions are also evolving, with AI increasingly integrated into detection. All ordinary internet users have to do is make sure their devices are protected and stay informed about the latest scams. Fortunately, the Kaspersky Daily blog makes this easy: subscribe to stay updated.
Direct cyberattacks on vehicles are all but unheard of. In theory though, the opportunity is there to cause real damage — data extraction, full system compromise, even gaining access to safety-critical systems.
It remains unclear how the attackers gained access to Newpark Resources' systems, or what they intend to do with any data they may have stolen.
Large language models (LLMs) can help app security firms find and fix software vulnerabilities. Malicious actors are on to them too, but here's why defenders may retain the edge.
The proposed rule would codify regulations adopted after the Colonial Pipeline ransomware attack in May 2021, which prompted agencies to increase their focus on cybersecurity.
The FBI said on Thursday that it is “aware of the offensive and racist text messages sent to individuals around the country and is in contact with the Justice Department and other federal authorities on the matter.”
Most of the more than 100 Belarusian citizens detained in the last week were participants in online chats created to communicate among residents of apartment buildings.
The Cybersecurity and Infrastructure Security Agency’s (CISA) secure-by-design pledge has hit its six-month mark, and companies that took the pledge say they’ve made significant security improvements since they signed onto the initiative.
Debian Linux Security Advisory 5804-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. An anonymous researcher, Q1IQ (@q1iqF) and P1umer discovered that processing maliciously crafted web content may lead to an unexpected process crash. Narendra Bhati discovered that processing maliciously crafted web content may prevent Content Security Policy from being enforced.
Ubuntu Security Notice 6882-2 - USN-6882-1 fixed vulnerabilities in Cinder. The update caused a regression in certain environments due to incorrect privilege handling. This update fixes the problem. Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.
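The notice above says only that Cinder mishandled QCOW2 image processing in a way that let an authenticated user read arbitrary server files. The following added example is not Cinder's or Ubuntu's code; it assumes the usual form of that bug class, in which an uploaded image's header references an external file (a backing file, or a v3 external data file) that the server then opens on the uploader's behalf, and shows a pre-import check that parses only the QCOW2 header and rejects any image carrying such a reference. The header layout (big-endian fields, magic "QFI\xfb", backing file offset and length at bytes 8 and 16, header extensions after the fixed header with the "DATA" extension type 0x44415441) is the published qcow2 format; build_sample constructs minimal sample headers for testing and does not produce a real disk image.

```python
import struct

QCOW_MAGIC = 0x514649FB      # bytes "QFI\xfb"
EXT_END = 0x00000000         # terminates the header-extension list
EXT_DATA_FILE = 0x44415441   # "DATA": external data file name (qcow2 v3)


def parse_qcow2_refs(blob: bytes) -> dict:
    """Return the external file references present in a QCOW2 header.

    Only the header and its extensions are inspected; the paths found are
    returned as strings and never opened, so a hostile image cannot make
    this function read another file on the server.
    """
    if len(blob) < 72 or struct.unpack(">I", blob[:4])[0] != QCOW_MAGIC:
        raise ValueError("not a QCOW2 image")
    version, backing_off, backing_len = struct.unpack(">IQI", blob[4:20])
    if version not in (2, 3):
        raise ValueError(f"unsupported qcow2 version {version}")
    refs = {"version": version, "backing_file": None, "data_file": None}

    if backing_off:
        # qemu limits the backing path to 1023 bytes; anything longer or
        # pointing outside the buffer is treated as hostile, not truncated.
        if backing_len > 1023 or backing_off + backing_len > len(blob):
            raise ValueError("backing file reference out of bounds")
        refs["backing_file"] = blob[backing_off:backing_off + backing_len].decode("utf-8", "replace")

    if version == 2:
        hdr_len = 72
    else:
        if len(blob) < 104:
            raise ValueError("truncated v3 header")
        hdr_len = struct.unpack(">I", blob[100:104])[0]

    # Extensions follow the fixed header: type u32, length u32, data, pad to 8.
    pos = hdr_len
    while pos + 8 <= len(blob):
        ext_type, ext_len = struct.unpack(">II", blob[pos:pos + 8])
        pos += 8
        if ext_type == EXT_END:
            break
        if pos + ext_len > len(blob):
            raise ValueError("header extension out of bounds")
        if ext_type == EXT_DATA_FILE:
            refs["data_file"] = blob[pos:pos + ext_len].decode("utf-8", "replace")
        pos += (ext_len + 7) & ~7
    return refs


def is_safe_to_import(blob: bytes) -> bool:
    """Policy: tenant-uploaded images must be self-contained (no external refs)."""
    refs = parse_qcow2_refs(blob)
    return refs["backing_file"] is None and refs["data_file"] is None


def build_sample(backing: bytes = b"", data_file: bytes = b"") -> bytes:
    """Construct a minimal qcow2 v3 header for testing (sample data only)."""
    exts = b""
    if data_file:
        exts += struct.pack(">II", EXT_DATA_FILE, len(data_file)) + data_file
        exts += b"\0" * (-len(data_file) % 8)
    exts += struct.pack(">II", EXT_END, 0)
    header_len = 104
    backing_off = header_len + len(exts) if backing else 0
    fixed = struct.pack(">IIQIIQIIQQIIQ",
                        QCOW_MAGIC, 3, backing_off, len(backing),
                        16, 1 << 20,       # cluster_bits, virtual size
                        0, 1, 65536,       # crypt_method, l1_size, l1_table_offset
                        131072, 1,         # refcount_table_offset, refcount_table_clusters
                        0, 0)              # nb_snapshots, snapshots_offset
    v3 = struct.pack(">QQQII", 0, 0, 0, 4, header_len)  # features, refcount_order, header_length
    return fixed + v3 + exts + backing


if __name__ == "__main__":
    print(parse_qcow2_refs(build_sample(backing=b"/etc/passwd")))
    print(is_safe_to_import(build_sample()))
```

The check belongs before any call to qemu-img or a conversion library, because those tools honour the references by design. Rejecting the image outright is safer than stripping the reference, since a backing-file-less rewrite of a differencing image yields a corrupt disk anyway.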
Red Hat Security Advisory 2024-9019-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-9018-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-9017-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-9016-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-9015-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.
Let's face it: traditional security training can feel as thrilling as reading the fine print on a software update. It's routine, predictable, and, let's be honest, often forgotten the moment it's over. Now, imagine cybersecurity training that's as unforgettable as your favorite show. Remember how "Hamilton" made history come alive, or how "The Office" taught us CPR ("Stayin' Alive" beat, anyone?)?
The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures," CloudSEK said in a
High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called ElizaRAT and a new stealer payload dubbed ApoloStealer on specific victims of interest, Check Point
We’ve all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-sized businesses (SMBs) are increasingly targeted by cyberattacks but often lack the resources for full-time Chief Information Security Officers (CISOs). This gap is driving the rise of the virtual CISO (vCISO) model, offering a cost-effective
A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attacks by exploiting trust and human error within the open source ecosystem, and using readily available
Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts. The "intriguing" campaign, codenamed CRON#TRAP, starts with a malicious Windows shortcut (LNK) file likely distributed in the form of a ZIP archive via a phishing email. "What makes the CRON#
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that
Following the takedown of RedLine Stealer by international authorities, ESET researchers are publicly releasing their research into the infostealer’s backend modules