Most Exploited Vulnerabilities in the Pandemic and Pre-pandemic Era

In July 2021, Cybersecurity and Infrastructure Security Agency (CISA), together  with the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI), published an advisory notifying about the top 30 vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual … Continue reading “Most Exploited Vulnerabilities in the Pandemic and Pre-pandemic Era”

Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors

In the start of Oct 2020, Cybersecurity and Infrastructure Security Agency (CISA) published an advisory  notifying about vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual property, economic, political, as well as military information. According to CISA, in the light of heightened tensions  between U.S. and China, these vulnerabilities were … Continue reading “Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors”

VPN Vulnerabilities Exploited in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA), with contributions from the Federal Bureau of Investigation (FBI), has published a report detailing nefarious activities originating in Iran, targeting several U.S. agencies. Pioneer Kitten and UNC757 were named as malicious actors in the report. Using various tactics, techniques and procedures (TTPs), it was reported that the affected … Continue reading “VPN Vulnerabilities Exploited in the Wild”

Identify and Remediate Most Exploited Vulnerabilities in last 5 years using VMDR

Summary: Amidst the global pandemic time period, DHS CISA and FBI share list of top 10 most exploited vulnerabilities on May 12,2020. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) and the Federal Bureau of Investigation (FBI), urges organizations in the public and private sector to apply necessary updates in order to … Continue reading “Identify and Remediate Most Exploited Vulnerabilities in last 5 years using VMDR”

Citrix Application Delivery Controller (ADC) and Gateway Remote Code Execution Vulnerability

Recently, Citrix has announced a critical vulnerability in the Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability, tracked as CVE-2019-19781, allows an unauthenticated remote attacker to run arbitrary code on the appliances. At this moment, few details regarding the vulnerability have been released. Affected products: Citrix ADC and Citrix Gateway version 13.0 … Continue reading “Citrix Application Delivery Controller (ADC) and Gateway Remote Code Execution Vulnerability”