Cisco
Critical Cisco vulnerability CVE-2024-20419 lets unauthenticated attackers change admin passwords
"A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user."
News
Network devices now riskier than endpoints, research claims
Study highlights devices which suffer the most vulnerabilities and warns of risks to come - including industrial robots
Cisco
Cisco ASA zero days exploited in wild: NCSC says “pull the power plug” to avoid persistence
Four months of exploitation in the wild? Deep joy...
vulnerabiities
Two zero days exploited weekly: GPU drivers, browsers targeted
macOS goes apparently untouched, says Google, despite iOS exploits that do impact the Apple operating system.
Ivanti
13,000 unpatched Ivanti appliances exposed as attacks escalate, firmware analysis shocks users.
“Security” product shipped with a 13-year-old, unsupported base OS and software libraries with 973 vulnerabilities; 111 of which have publicly known exploits available.
Fortinet
Fortinet patches MORE pre-auth RCEs, with exploits reported. Ivanti also slips out a fresh VPN fix...
"Disable SSL VPN (disable webmode is NOT a valid workaround..."
Qualys
Bugs are turning into exploits faster than ever
Vulnerabilities are turning into actively exploited flaws at a rapid pace, often within the same day. This according to research from security vendor Qualys.
cybersecurity
ownCloud users could get badly owned as exploitation starts of CVSS 10 bug, with 11,000 instances exposed
ownCloud claims 200,000 installations, 600 enterprise customers, and 200 million users with customers including the European Commission.