New Post: #CISA and @FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory #Traversal Vulnerabilities - https://lnkd.in/da36fVFW

CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities
05/02/2024 02:00 PM EDT

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating Directory Traversal Vulnerabilities in Software. This Alert was crafted in response to recent well-publicized threat actor campaigns that exploited directory traversal vulnerabilities in software (e.g., CVE-2024-1708, CVE-2024-20345) to compromise users of the software—impacting critical infrastructure sectors, including the Healthcare and Public Health Sector.

Additionally, this Alert highlights the prevalence, and continued threat actor exploitation of, directory traversal defects. Currently, CISA has listed 55 directory traversal vulnerabilities in our Known Exploited Vulnerabilities (KEV) catalog. Approaches to avoid directory traversal vulnerabilities are known, yet threat actors continue to exploit these vulnerabilities which have impacted the operation of critical services, including hospital and school operations.

CISA and the FBI urge software manufacturer executives to require their organizations to conduct formal testing to determine their products’ susceptibility to directory traversal vulnerabilities. For more information on recommended principles and best practices to achieve this goal, visit CISA’s Secure by Design page. To catch up on the publications in this series, visit Secure by Design Alerts.

Robert Williams #News247WorldPress
News247WorldPress’ Post
More Relevant Posts
-
-
"CISA and the Federal Bureau of Investigation (FBI) crafted this Alert in response to recent well-publicized threat actor campaigns that exploited directory traversal vulnerabilities in software (e.g., CVE-2024-1708, CVE-2024-20345) to compromise users of the software—impacting critical infrastructure sectors, including the Healthcare and Public Health Sector. Additionally, this Alert highlights the prevalence, and continued threat actor exploitation of, directory traversal defects. Currently, CISA has listed 55 directory traversal vulnerabilities in our Known Exploited Vulnerabilities (KEV) catalog. Approaches to avoid directory traversal vulnerabilities are known, yet threat actors continue to exploit these vulnerabilities which have impacted the operation of critical services, including hospital and school operations. For more information on recommended principles and best practices to achieve this goal, visit CISA’s Secure by Design page. To catch up on the publications in this series, visit Secure by Design Alerts." https://lnkd.in/gmpf6ZFH
Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software | CISA
cisa.gov
-
CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities: Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating Directory Traversal Vulnerabilities in Software. This Alert was crafted in response to recent well-publicized threat actor campaigns that exploited directory traversal vulnerabilities in software (e.g., CVE-2024-1708, CVE-2024-20345) to compromise users of the software—impacting critical infrastructure sectors, including the Healthcare and Public Health Sector. Additionally, this Alert highlights the prevalence, and continued threat actor exploitation of, directory traversal defects. Currently, CISA has listed 55 directory traversal vulnerabilities in our Known Exploited Vulnerabilities (KEV) catalog. Approaches to avoid directory traversal vulnerabilities are known, yet threat actors continue to exploit these vulnerabilities which have impacted the operation of critical services, including hospital and school operations. CISA and the FBI urge software manufacturer executives to require their organizations to conduct formal testing to determine their products’ susceptibility to directory traversal vulnerabilities. For more information on recommended principles and best practices to achieve this goal, visit CISA’s Secure by Design page. To catch up on the publications in this series, visit Secure by Design Alerts. https://lnkd.in/gQr5qYPG
-
-
❗ Urgent Alert from CISA and FBI: Secure Your Software Against Directory Traversal Vulnerabilities ❗

Yesterday, CISA and the FBI jointly released a critical Secure by Design Alert, emphasizing the pressing need for manufacturers to eliminate Directory Traversal Vulnerabilities in their software. Recent high-profile cyber-attacks have underscored the grave consequences of such vulnerabilities, impacting vital sectors like Healthcare and Public Health.

🔍 Despite known preventive measures, threat actors persist in exploiting these weaknesses, with 55 directory traversal vulnerabilities already documented in CISA's Known Exploited Vulnerabilities (KEV) catalog.

🚨 CISA and FBI call upon software manufacturer executives to prioritize formal testing to assess their products' susceptibility to these vulnerabilities. Protecting critical services, such as hospitals and schools, demands proactive action.

Let's fortify our software against threats and safeguard our critical infrastructure. Stay vigilant, stay secure.

#Cybersecurity #SecureByDesign #CISA #FBI #DirectoryTraversal
CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities | CISA
cisa.gov
-
Ivanti Connect Secure (9.x, 22.x) / Ivanti Policy Secure products.

"The list of flaws is as follows:

CVE-2024-21894 (CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service, thereby causing a DoS attack. In certain conditions, this may lead to execution of arbitrary code.

CVE-2024-22052 (CVSS score: 7.5) - A null pointer dereference vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service, thereby causing a DoS attack.

CVE-2024-22053 (CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in order to crash the service, thereby causing a DoS attack or, in certain conditions, read contents from memory.

CVE-2024-22023 (CVSS score: 5.3) - An XML entity expansion (XEE) vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in order to temporarily cause resource exhaustion, thereby resulting in a limited-time DoS."
Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure
thehackernews.com
-
CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities: Today, CISA and FBI are releasing their newest Secure by Design Alert in the series, Eliminating OS Command Injection Vulnerabilities, in response to recent well-publicized threat actor campaigns that exploited OS command injection defects in network edge devices (CVE-2024-20399, CVE-2024-3400, CVE-2024-21887) to target and compromise users. These vulnerabilities allowed unauthenticated malicious actors to remotely execute code on network edge devices. OS command injection vulnerabilities have long been preventable by clearly separating user input from the contents of a command. Despite this finding, OS command injection vulnerabilities—many of which result from CWE-78—are still a prevalent class of vulnerability. CISA and FBI urge CEOs and other business leaders at technology manufacturers to request their technical leaders analyze past occurrences of this class of defect and develop a plan to eliminate them in the future. For more on how to champion Secure by Design principles, visit our webpage. To join with the 150+ other companies who have signed our Secure by Design pledge, visit here. https://lnkd.in/g2rYFuf4
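The post above states the preventive principle for OS command injection: keep user input separate from the command itself. The following is an added example written for this page, not code from the CISA alert or from any of the named vendors. It uses `echo` in place of a network tool such as `ping` so it runs offline; the attacker input, the hostname allowlist regex, and the function names are all constructed for the illustration.

```python
import re
import subprocess

# Constructed attacker input (example data): a "target host" form field that
# smuggles a second command after the shell separator.
MALICIOUS_HOST = "10.0.0.1; echo PWNED"


def probe_vulnerable(target: str) -> str:
    """The CWE-78 pattern: input formatted into a string that /bin/sh parses,
    so ';', '|', '&&', '$()' and backticks become syntax instead of data.
    echo stands in for ping/traceroute so the demo runs offline."""
    result = subprocess.run(f"echo probing {target}", shell=True,
                            capture_output=True, text=True)
    return result.stdout


def probe_argv(target: str) -> str:
    """No shell involved: argv elements reach execve() untouched, so the
    entire target string is one literal argument whatever it contains."""
    result = subprocess.run(["echo", "probing", target],
                            capture_output=True, text=True)
    return result.stdout


# Allowlist for the one input shape this feature needs (RFC 1123 style
# hostname labels). Anything else is rejected before a process is spawned.
_HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)"
    r"(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$"
)


def validate_hostname(value: str) -> str:
    if not _HOSTNAME_RE.match(value):
        raise ValueError(f"not a hostname: {value!r}")
    return value


def probe_hardened(target: str) -> str:
    """Validate, then pass as argv. Both layers matter: argv stops shell
    parsing; the allowlist stops option injection, since many tools would
    otherwise read a value such as "-n" or "--output=x" as a flag."""
    return probe_argv(validate_hostname(target))


def is_rejected(target: str) -> bool:
    """True when the allowlist refuses the input."""
    try:
        validate_hostname(target)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("shell=True :", repr(probe_vulnerable(MALICIOUS_HOST)))
    print("argv       :", repr(probe_argv(MALICIOUS_HOST)))
    print("hardened   :", repr(probe_hardened("edge-router.example.com")))
```

The vulnerable variant prints two lines because `sh -c` executed two commands; the argv variant prints one line with the separator and second command preserved as plain text, which is the observable difference a tester should look for when checking a product for this defect class.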
-
CVSS 9.9 Alert - Two critical vulnerabilities have been actively exploited in Palo Alto Networks Expedition.

🚨 CVE-2024-9463 (9.9) - OS command injection vulnerability
🚨 CVE-2024-9465 (9.2) - SQL injection vulnerability

These flaws could allow attackers to gain unauthorized access to sensitive information and execute arbitrary commands on affected systems. Successful exploitation of these vulnerabilities could have severe consequences, including:

🔴 Data exposure of sensitive information such as passwords, API keys, and device configurations.
🔴 Attackers could gain unauthorized access to systems and execute malicious code.
🔴 Critical network services could be disrupted or compromised.

CISA has issued a directive for federal agencies (FCEB) to patch affected systems by December 5th. Organizations using Palo Alto Networks Expedition should prioritize updating their software to the latest version.

Mitigation Strategies:
☑️ Limit access to Expedition servers to authorized users and systems.
☑️ Change all passwords and API keys associated with Expedition.
☑️ Continuously monitor networks for signs of suspicious activity.
☑️ Apply the latest security patches to address the vulnerabilities.

Organizations can significantly reduce their exploitation risks and safeguard critical infrastructure by taking these steps.
CVSS 9.9 Alert - Critical, Actively Exploited Palo Alto Vulnerabilities
-
🚨 CISA says no more to path traversal vulnerabilities...

CISA and the FBI have warned software companies to address path traversal vulnerabilities in their products.

🤔 Top 4 takeaways:

▶️ These vulnerabilities allow attackers to manipulate critical files, which can lead to code execution, data access, and system outages.
▶️ Notable incidents include the exploitation of CVE-2024-1708 and CVE-2024-20345, impacting critical sectors like healthcare and leading to ransomware attacks.
▶️ Developers are urged to implement effective mitigations to prevent such security flaws, with directory traversal vulnerabilities ranking eighth in MITRE’s top 25 most dangerous software weaknesses.

#developers #software #vulnerability #kraven #KravenSecurity #adamgoss #cti #threatintelligence
CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal Vulnerabilities | CISA
cisa.gov
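The directory traversal posts above say the mitigations are known but do not show one. What follows is an added example written for this page, not code from the CISA alert, Kraven Security, or any affected vendor. It builds a throwaway document root in a temporary directory (constructed data), shows the CWE-22 pattern of splicing client input into a filesystem path, and then a hardened mapper that decodes once, rejects null bytes and absolute paths, canonicalises with `resolve()` so symlinks and `..` are collapsed, and only then checks containment. All file names and function names are assumptions for the illustration.

```python
import os
import tempfile
from pathlib import Path
from urllib.parse import unquote

# Constructed sandbox (example data, not from the advisory): a document root
# holding one public file, a symlink pointing outside it, and a "secret"
# file one level above it that the application must never serve.
ROOT = Path(tempfile.mkdtemp())
DOCROOT = ROOT / "public"
DOCROOT.mkdir()
(DOCROOT / "readme.txt").write_text("public readme\n")
(ROOT / "secret.txt").write_text("db_password=hunter2\n")
try:
    (DOCROOT / "link.txt").symlink_to(ROOT / "secret.txt")
    HAVE_SYMLINK = True
except OSError:            # e.g. Windows without symlink privilege
    HAVE_SYMLINK = False


def read_file_vulnerable(user_path: str) -> str:
    """The CWE-22 pattern: client input spliced into a filesystem path.
    os.path.join(DOCROOT, "../secret.txt") yields DOCROOT/../secret.txt,
    and an absolute second argument discards DOCROOT altogether."""
    with open(os.path.join(DOCROOT, user_path)) as fh:
        return fh.read()


def safe_path(base: Path, user_path: str) -> Path:
    """Map a client-supplied relative path to a file strictly inside base.
    Raises ValueError for anything that escapes or looks like an attempt."""
    decoded = unquote(user_path)          # decode exactly once, never twice
    if "\x00" in decoded:
        raise ValueError("null byte in path")
    decoded = decoded.replace("\\", "/")  # treat backslash as a separator too
    if decoded.startswith("/"):
        raise ValueError("absolute path not allowed")
    base_real = base.resolve()
    # resolve() collapses ../ and follows symlinks, so the containment check
    # runs against the real on-disk location, not the string the client sent.
    candidate = (base_real / decoded).resolve()
    if base_real not in candidate.parents:
        raise ValueError(f"path escapes document root: {user_path!r}")
    return candidate


def read_file_hardened(user_path: str) -> str:
    return safe_path(DOCROOT, user_path).read_text()


def is_blocked(user_path: str) -> bool:
    """True when the hardened mapper rejects the input."""
    try:
        safe_path(DOCROOT, user_path)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(read_file_vulnerable("../secret.txt"), end="")   # leaks the secret
    for probe in ["../secret.txt", "%2e%2e/secret.txt", "..\\secret.txt",
                  "/etc/passwd", "sub/../../secret.txt", "link.txt"]:
        print(f"{probe!r:24} blocked={is_blocked(probe)}")
```

Two design points worth noting. A purely lexical check (stripping `../` from the string) misses the symlink case, which is why the containment test is done on the resolved path; and the check is `base in candidate.parents` rather than a string prefix comparison, because a prefix test would accept a sibling directory such as `public2/`. These inputs (`..`, percent-encoded dots, backslashes, absolute paths, null bytes, symlinks) are also a reasonable starting corpus for the formal susceptibility testing the alert asks manufacturers to perform.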