cisa – Seite 4 – Wolfinisoftware.de

security

CISA flags Windows Task Host vulnerability as exploited in attacks

15.04.2026

CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers to gain SYSTEM privileges. […]

Mehr lesen →

soc

CISO Conversations: Ross McKerchar, CISO at Sophos

15.04.2026

Sophos’ Ross McKerchar discusses leadership at scale, retaining talent, defending against AI-enabled threats, and the industry’s growing trust problem. The post CISO Conversations: Ross McKerchar, CISO at Sophos appeared first on SecurityWeek.

Mehr lesen →

soc

CISA Adds Two Known Exploited Vulnerabilities to Catalog

14.04.2026

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2009-0238 Microsoft Office Remote Code Execution Vulnerability CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding […]

Mehr lesen →

security

Angriffe auf sieben Sicherheitslücken beobachtet – eine ist 14 Jahre alt

14.04.2026

Die US-Cybersicherheitsbehörde CISA warnt vor Angriffen auf sieben Sicherheitslücken. Eine davon hat 14 Jahre auf dem Buckel.

Mehr lesen →

soc

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

13.04.2026

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2012-1854 Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability CVE-2020-9715 Adobe Acrobat Use-After-Free Vulnerability CVE-2023-21529 Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability CVE-2023-36424 Microsoft Windows Out-of-Bounds Read Vulnerability CVE-2025-60710 Microsoft Windows Link Following Vulnerability […]

Mehr lesen →

security

Analysis of one billion CISA KEV remediation records exposes limits of human-scale security

10.04.2026

Analysis of 1 billion CISA KEV remediation records reveal a breaking point for human-scale security. Qualys shows most critical flaws are exploited before defenders can patch them. […]

Mehr lesen →

security

CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday

08.04.2026

CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January. […]

Mehr lesen →

soc

CISA Adds One Known Exploited Vulnerability to Catalog

08.04.2026

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-1340 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]

Mehr lesen →

soc

CISA Adds One Known Exploited Vulnerability to Catalog

06.04.2026

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-35616 – Fortinet FortiClient EMS Improper Access Control Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]

Mehr lesen →

soc

CISA Adds One Known Exploited Vulnerability to Catalog

06.04.2026

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-25108 Soliton Systems K.K. FileZen OS Command Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]

Mehr lesen →

Tag: cisa