Known Exploited Vulnerabilities and counting....
A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.
Common Vulnerability and Exposure
CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.
Search Known Exploits
Search for CVEs by vendor to identify known exploited vulnerabilities in your environment
CVE = Common Vulnerability and Exposure
CVE OF THE WEEK:
Palo Alto Networks
PAN-OS
Patch deadline: a year ago on 01/20/2025
CVE-2024-3393
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability
Learn more about this CVE: paloaltonetworks.com
Cyber Security News
You may have missed...
*
Inside a cyberattack: How hackers steal data
The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...
Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow
js API that allows developers to track the lifecycle of asynchronous resources, such as database queries, timers, or HTTP requests. Cybersecurity. The...
Trump resubmits Sean Plankey for CISA director | Cybersecurity Dive
... Cybersecurity and Infrastructure Security Agency, setting up another showdown with the lawmakers who blocked Plankey's nomination last year.
CrowdStrike CEO says AI agents are unpredictable as company snaps up more ...
This follows last week's $740 million purchase of cybersecurity startup SGNL. The deal is slated to help users of its trademark Falcon security ...
Dark Web Forum Breached, Hackers Exposed - Security Magazine
BreachForums, a hacking crime forum on the Dark Web, faced a data breach of its own on Jan. 9. A website associated with the ShinyHunters ...
Hawaii cancer center pays ransom to hackers | Healthcare News & Analysis
Honolulu-based University of Hawaii Cancer Center paid a ransom to hackers to keep them from releasing patient data. In August, the cancer center ...
Tennessee man who allegedly hacked Supreme Court's computer system expected to plead guilty
A 24-year-old man from Springfield is expected to plead guilty in federal court on Friday to charges related to hacking the Supreme Court's ...
China bans select US and Israeli cybersecurity tools: sources - Yahoo Finance
STORY: Beijing has told Chinese companies to stop using U.S. and Israeli cybersecurity software. That's according to sources who spoke to Reuters.
Identity theft on social media – What to do when your best friend suddenly starts giving you crypto tips
The National Cyber Security Centre (NCSC) strongly recommends the following measures: Enable two-factor authentication (2FA): This is the most ...
Updated daily