Cybersecurity

CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog

CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 01, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) Microsoft Streaming Service Untrusted pointer dereference vulnerability […]

Cybersecurity

CISA adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog

CISA adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog Pierluigi Paganini February 07, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 Type Confusion bug, tracked as […]

Cybersecurity

CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog – Security Affairs

CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 25, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Atlassian Confluence Data Center and Server Template […]

Cybersecurity

CISA: Agencies seeing steep decrease in known exploited vulnerabilities on federal networks

A catalog of exploited vulnerabilities run by the top cybersecurity agency in the U.S. is having a significant effect on the security of federal civilian agencies, according to Congressional testimony from a senior official. The Cybersecurity and Infrastructure Security Agency (CISA) has run its Known Exploited Vulnerabilities (KEV) catalog for more than two years and […]

Cybersecurity

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

The Known Exploited Vulnerabilities (KEV) Catalog maintained by the US cybersecurity agency CISA has led to significant improvements in federal agencies’ patching efforts, with more than 1,000 vulnerabilities now included in the list. Launched in November 2021, the KEV Catalog lists flaws that CISA has proof are being exploited in malicious attacks, and is accompanied […]