GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents. As cyber threats continue to evolve, CISA remains committed to updating its catalog with vulnerabilities that meet specific risk and exploitation criteria. The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability to its Known Exploited Vulnerabilities Catalog. Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world. This directive mandates that Federal Civilian Executive Branch (FCEB) agencies address known vulnerabilities by specified deadlines to protect their networks from active threats. Organizations are encouraged to integrate these updates into their regular vulnerability management practices to maintain robust defenses against potential cyber threats. This latest inclusion in the Known Exploited Vulnerabilities Catalog is part of an ongoing effort under the Binding Operational Directive (BOD) 22-01. While BOD 22-01 specifically targets FCEB agencies, CISA strongly advises all organizations to prioritize timely remediation of vulnerabilities listed in the catalog. This vulnerability, CVE-2024-29824, affects Ivanti Endpoint Manager (EPM) and has become a target for cybercriminals using public exploits in recent attacks on Ivanti endpoints. By addressing these vulnerabilities promptly, organizations can significantly reduce their exposure to cyberattacks and enhance their overall cybersecurity posture. Ivanti, a U.S.-based IT software company renowned for its enterprise solutions in IT asset management, service management, and cybersecurity, is central to this issue. The exploitation of CVE-2024-29824 underscores the urgent need for organizations to remain vigilant and proactive in their cybersecurity efforts.
This Cyber News was published on gbhackers.com. Publication date: Thu, 03 Oct 2024 08:13:06 +0000