In July 2021, Cybersecurity and Infrastructure Security Agency (CISA), together with the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI), published an advisory notifying about the top 30 vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual … Continue reading “Most Exploited Vulnerabilities in the Pandemic and Pre-pandemic Era”
Tag: CVE-2020-5902
Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors
In the start of Oct 2020, Cybersecurity and Infrastructure Security Agency (CISA) published an advisory notifying about vulnerabilities that were exploited in the wild to retrieve sensitive data such as intellectual property, economic, political, as well as military information. According to CISA, in the light of heightened tensions between U.S. and China, these vulnerabilities were … Continue reading “Publicly-known Vulnerabilities Exploited by State-sponsored Cyber Threat Actors”
VPN Vulnerabilities Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA), with contributions from the Federal Bureau of Investigation (FBI), has published a report detailing nefarious activities originating in Iran, targeting several U.S. agencies. Pioneer Kitten and UNC757 were named as malicious actors in the report. Using various tactics, techniques and procedures (TTPs), it was reported that the affected … Continue reading “VPN Vulnerabilities Exploited in the Wild”
F5 BIG-IP Remote Code Execution Vulnerability(CVE-2020-5902)
Overview: F5 Networks recently released updates for the critical RCE vulnerability (CVE-2020-5902) that affects its BIG-IP products. The vulnerability that has been actively exploited in the wild allows attackers to read files, execute code or take complete control over vulnerable systems having network access. The vulnerability has a CVSS score of 10. F5 Networks specializes … Continue reading “F5 BIG-IP Remote Code Execution Vulnerability(CVE-2020-5902)”