Security Affairs

MARCH 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Hacking 120

Hacking Cybersecurity Software Risk 120

eSecurity Planet

MARCH 19, 2024

Microsoft, as usual, led the pack in quantity for Patch Tuesday this March with fixes for nearly 59 vulnerabilities including two critical flaws. Patching teams may be busy with this anticipated work, but be sure to also address the off-schedule critical vulnerabilities that affect Fortinet, QNAP, Kubernetes, and WordPress plug-ins.

Authentication 102

Authentication VPN Software DDOS 102

eSecurity Planet

SEPTEMBER 18, 2023

Active exploits also lead to new versions of all major browsers as well as older versions of Apple products. Organizations of all sizes need to review the active exploits and announced patches and ensure that vulnerabilities in all of their high value and high risk systems are mitigated. The fix: Update all Kubernetes versions 1.28

Firewall 95

Firewall Security Defenses Risk Cybersecurity 95

NopSec

APRIL 3, 2024

March may be absolute madness for the NCAA and people in bunny suits, but it was a fairly quiet month for security research. That didn’t stop a few research teams from laying into Fortinet, as is the Easter tradition. Researchers identified two (2) critical injection vulnerabilities that impact FortiGate and FortClient EMS.

VPN 45

VPN Authentication Architecture Software 45