Oct 1, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a working exploit for a vulnerability that exists in the Pulse Connect Secure Virtual Private Network (VPN) solution software The vulnerability, known as CVE-2019-11510, was initially disclosed in April 2019 and has resurfaced after the ACSC has received multiple reports of this publicly available exploit available for use on Pastebin and GitHub.
Oct 1, 2019 - Overview The Australian Signals Directorate’s Australian Cyber Security Centre is aware of a vulnerability that exists in the Pulse Connect Secure Virtual Private Network (VPN) solution. We advise users to ensure their systems are patched and up to date. The Pulse VPN Vulnerability, also known as CVE-2019-11510, was initially disclosed in April 2019 but has resurfaced after multiple reports of exploitation and the disclosure of working exploits available for use on Pastebin and GitHub.
Sep 28, 2018 - This week Cisco Systems released its semi-annual Software Security Advisory Report detailing a number of vulnerabilities in its IOS and IOS XE switch and router operating software. Cisco, a manufacturer of networking hardware and telecommunications equipment, listed a total of 13 vulnerabilities which, if left unpatched, could enable an attacker to gain system privileges or cause a denial of service (DoS) on an affected device. Cisco has labelled all of the 13 vulnerabilities a Security Impact Rating (SIR) of High.
Aug 24, 2018 - Developers, organisations and companies are being urged to upgrade Apache Struts today to ensure critical infrastructure and customer data is not put at risk. The new remote code execution vulnerability affects all supported versions of Apache Struts 2, Apache Software Foundation said. Apache Struts is a globally popular framework used for creating Java web applications. A patched version has been released today.
Jul 1, 2018 - The ACSC has become aware of a critical vulnerability in the Drupal content management system. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised. Drupal assesses this vulnerability as critical. If you are using a version of Drupal prior to 7.58 or 8.51, the ACSC recommends that you upgrade immediately as per Drupal's advice.