CVE-2019-11510

Top CVEs targeted by PRC state-sponsored cyber actors

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit common, publicly known vulnerabilities used since 2020 to “actively target U.S. and allied networks.”

Top CVEs targeted by PRC state-sponsored cyber actors Read More »

PRC state-sponsored cyber actors routinely exploit these 16 network device vulnerabilities

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities to gain access to a broad network of compromised infrastructure.

PRC state-sponsored cyber actors routinely exploit these 16 network device vulnerabilities Read More »

The Top 15 mostly commonly exploited vulnerabilities in 2021

The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.

The Top 15 mostly commonly exploited vulnerabilities in 2021 Read More »

Alert: Attackers exploiting Pulse Connect Secure vulnerabilities (updated)

CISA warned attackers continue to exploit Pulse Connect Secure vulnerabilities. The alert was issued after CISA confirmed malicious activity on public and private entity networks. Additional detection methods were also added on April 30.

Alert: Attackers exploiting Pulse Connect Secure vulnerabilities (updated) Read More »

APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations

Advanced persistent threat actors (APTs) are exploiting multiple legacy vulnerabilities in combination with newer “Zerologon” to target government networks, critical infrastructure, and elections organizations.

APT actors exploit legacy internet-facing vulnerabilities in combination with Zerologon to target organizations Read More »

Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

Chinese threat actors targeting U.S. government agencies and these 4 CVEs Read More »

Patch these 10 most commonly exploited vulnerabilities

U.S. government cybersecurity experts are providing guidance on the “top 10” most commonly exploited vulnerabilites. The alert helps highlight the importance of patching and prioritizing vulnerabilities with known exploits.

Patch these 10 most commonly exploited vulnerabilities Read More »

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices Read More »