Known Exploited Vulnerabilities and counting....
A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.
Common Vulnerability and Exposure
CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.
Search Known Exploits
Search for CVEs by vendor to identify known exploited vulnerabilities in your environment
CVE = Common Vulnerability and Exposure
CVE OF THE WEEK:
Palo Alto Networks
PAN-OS
Patch deadline: 10 months ago on 01/20/2025
CVE-2024-3393
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability
Learn more about this CVE: paloaltonetworks.com
Cyber Security News
You may have missed...
*
Inside a cyberattack: How hackers steal data
The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...
Georgia Superior Court Clerks' Authority experiencing cybersecurity threat
“Due to a credible and ongoing cybersecurity threat, the Clerks' Authority activated its defensive security protocols, which include temporarily ...
Nova Scotia Power executives grilled over rising bills and security breach | CBC News
... cybersecurity breach discovered last April ... The head of Nova Scotia Power says customers will not have to pay for anything related to the ...
Middletown to resume water billing in January after cybersecurity incident - WLWT
The City of Middletown is delaying its water billing for residents until January 2026, in the aftermath of a cybersecurity incident that impacted ...
Have you thought about how AI will change cybersecurity? You should. - Atlanta Journal-Constitution
Generative AI as a cybersecurity tool cuts both ways, Atlanta-based security firms and the FBI told The Atlanta Journal-Constitution. The technology ....
Porch pirates are hacking tracking numbers to beat you home - Komando.com
Thieves are hacking into AT&T, UPS and FedEx records to watch tracking updates and pounce on packages minutes after they arrive. Many pirates ...
Here's Why Bitcoin Still Dominates As The Premier Store Of Value In Digital Assets
Unmatched Network Security Keeps Bitcoin In The Lead. Bitcoin remains the largest and most secure store of value in the crypto ecosystem, with a ...
Buterin calls privacy "basic hygiene" after SitusAMC security breach - Bit2Me News
Vitalik Buterin calls privacy an essential "hygiene" after the data leak at US banks, driving new crypto solutions in Ethereum and the financial ...
U.S. Investigated Bitcoin Miner Manufacturer Bitmain as National Security Risk: Report
The U.S. Department of Homeland Security has been investigating Chinese Bitcoin mining equipment manufacturer Bitmain as a potential threat to ...
Updated daily