Lindsay P. Stought, CSM, PMP’s Post

Security Advisory 🚨: Critical vulnerabilities (CVE-2024-9463 & CVE-2024-9465) in Palo Alto Networks Expedition are being actively exploited, allowing unauthenticated attackers to execute commands as root or access sensitive data. Immediate updates to Expedition 1.2.96 or later are essential to mitigate these risks. 👉 Learn more and secure your systems here: https://hubs.ly/Q02YyTW70

#CyberNews The US Cybersecurity and Infrastructure Agency (CISA) has initiated "Vulnrichment," a project designed to enhance the enrichment of CVE records amid slowdowns in the National Vulnerability Database (NVD) managed by NIST. This slowdown has resulted from an uptick in software vulnerabilities and shifts in interagency support, causing significant backlogs in vulnerability analyses. Vulnrichment aims to categorize and update public CVE records swiftly, leveraging a decision tree model to prioritize remediation actions based on the severity and exploitability of vulnerabilities, ensuring that stakeholders can integrate these insights into their security protocols efficiently. Read More: https://lnkd.in/ebhkzQqg #USA #CISA #Vulnerabilities

On June 25, Progress disclosed two vulnerabilities: CVE-2024-5805, a critical severity authentication bypass vulnerability affecting MOVEit Gateway (SFTP module); and CVE-2024-5806, a high-severity authentication bypass vulnerability affecting MOVEit Transfer. Learn more about these vulnerabilities, how threat actors may exploit them, and our recommendations for remediation in our latest security bulletin: https://lnkd.in/gD9urmXu #EndCyberRisk CVE-2024-5805 & CVE-2024-5806 | Arctic Wolfarcticwolf.com

CISA Adds Two Known Exploited Vulnerabilities to Catalog: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. * CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection Vulnerability * CVE-2024-9465 Palo Alto Networks Expedition SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. https://lnkd.in/gFAX8XD9

On June 25, Progress disclosed two vulnerabilities: CVE-2024-5805, a critical severity authentication bypass vulnerability affecting MOVEit Gateway (SFTP module); and CVE-2024-5806, a high-severity authentication bypass vulnerability affecting MOVEit Transfer. Learn more about these vulnerabilities, how threat actors may exploit them, and our recommendations for remediation in our latest security bulletin: https://lnkd.in/gD9urmXu #EndCyberRisk

CISA Adds Two Known Exploited Vulnerabilities to Catalog: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. * CVE-2024-43461 Microsoft Windows MSHTML Platform Spoofing Vulnerability * CVE-2024-6670 Progress WhatsUp Gold SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. https://lnkd.in/g73YtyGp

🚨 Critical Security Advisory: CVE-2024-5910 🚨 Palo Alto Networks has disclosed a CRITICAL vulnerability (CVE-2024-5910) in its Expedition tool, allowing potential admin account takeovers due to missing authentication for a critical function. Key Details: Severity: 9.3 (CRITICAL) Attack Vector: Network Privileges Required: None Exploitation Status: Active (reported by CISA) Affected Versions: Expedition 1.2 (versions < 1.2.92) Fix: Upgrade to Expedition 1.2.92 or later Impact: This vulnerability puts sensitive configuration data such as credentials and secrets at risk. Organizations using Expedition must act immediately to secure their systems. Mitigation Steps: Update: Upgrade Expedition to version 1.2.92 or later. Restrict Access: Limit network access to Expedition to authorized users, hosts, or networks. Let’s stay vigilant and proactive to ensure our systems remain secure! For more details, refer to the CISA Known Exploited Vulnerabilities Catalog ( https://lnkd.in/gH4EYi2T ). #CyberSecurity #VulnerabilityManagement #PaloAltoNetworks #CVE2024 #InfoSec

CISA Adds One Known Exploited Vulnerability to Catalog: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. * CVE-2024-4671 Google Chromium in Visuals Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. https://lnkd.in/gRs38n62

CISA Adds One Known Exploited Vulnerability to Catalog: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. * CVE-2018-0824 Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. https://lnkd.in/gEKaS639

CISA Adds One Known Exploited Vulnerability to Catalog: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. * CVE-2024-4978 Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. https://lnkd.in/gE3yibZW