Cybersecurity

CISA: Cisco and CrushFTP vulnerabilities are being actively exploited

The top U.S. cybersecurity agency is ordering all federal civilian agencies to patch three high-profile vulnerabilities in the next week because they are being exploited by hackers.  On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added two Cisco product vulnerabilities — CVE-2024-20353 and CVE-2024-20359 — as well as one vulnerability affecting popular file transfer […]

Cybersecurity

Ivanti Disputes CISA Findings of Post-Factory Reset Hacking

Endpoint Security , Governance & Risk Management , Patch Management Gateway Maker Says Technique Won’t Succeed in Live Customer Environment Mihir Bagwe (MihirBagwe) • March 1, 2024     Ivanti disputes that hackers in a production environment can establish persistence after a factory reset. (Image: Shutterstock) Corporate VPN maker Ivanti disputed findings by the U.S. […]

Cybersecurity

Citrix warns admins to immediately patch NetScaler for actively exploited zero-days

Citrix warns admins to immediately patch NetScaler for actively exploited zero-days Pierluigi Paganini January 17, 2024 Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, impacting Netscaler ADC and Gateway appliances. “Exploits […]