Remove tag cybersecurity-and-infrastructure-security-agency
Remove Data Remove Information Security Remove Security
article thumbnail

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm. x before 0.2.1

IT 107
article thumbnail

Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) this week warned of cyber attacks against Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices exploiting recently discovered zero-day CVE-2023-3519. Exploits of CVE-2023-3519 on unmitigated appliances have been observed.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Security Affairs

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

article thumbnail

Apache Software Foundation fixes code execution flaw in Apache Struts 2

Security Affairs

The Apache Software Foundation has released a security update to address a “possible remote code execution” flaw in Struts 2 that is related to the OGNL technology. . The remote code execution flaw, tracked as CVE-2020-17530, resides in forced OGNL evaluation when evaluated on raw user input in tag attributes. to Struts 2.5.25

article thumbnail

Data management sets the next phase of zero-trust

Collibra

Nowadays zero-trust is being recognized as a principle and a best practice that can be applied to broad aspects of security, accelerated by industry’s innovations. It sets out clear visions and specific actions around the five pillars of security: identity, devices, networks, application & workloads, and data.

article thumbnail

Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict

Security Affairs

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Google’s TAG team revealed that China-linked APT groups are targeting Ukraine ’s government for intelligence purposes. March 15 – The German BSI agency recommends replacing Kaspersky antivirus software.

Cloud 94
article thumbnail

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Security Affairs

The actors are positioning themselves as an elite cyber offensive group targeting NATO infrastructure and performing cyberespionage to steal sensitive data. The actors are positioning themselves as an elite cyber offensive group targeting NATO infrastructure and performing cyberespionage to steal sensitive data.