<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Vulnerability Risk Management &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/vulnerability-risk-management/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Tue, 23 Jan 2024 18:42:31 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT</title>
		<link>https://noise.getoto.net/2024/01/23/cve-2024-0204-critical-authentication-bypass-in-fortra-goanywhere-mft/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Tue, 23 Jan 2024 18:42:31 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=ea9e7b4804ccd335561e44ef90293c3f</guid>

					<description><![CDATA[On January 22, 2024, Fortra published a security advisory on CVE-2024-0204, a critical authentication bypass affecting its GoAnywhere MFT secure managed file transfer product prior to version 7.4.1.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/01/emergent-threat-banner-1-1.jpeg" length="0" type="" />

			</item>
		<item>
		<title>Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server</title>
		<link>https://noise.getoto.net/2024/01/19/critical-cves-in-outdated-versions-of-atlassian-confluence-and-vmware-vcenter-server/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Fri, 19 Jan 2024 15:40:43 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=704a4ddae9ef366039408f59f3b9f5b7</guid>

					<description><![CDATA[<p>Rapid7 is highlighting two critical vulnerabilities in outdated versions of widely deployed software this week. Atlassian <a href="https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html">disclosed</a> CVE-2023-22527, a template injection vulnerability in Confluence Server with a maxed-out CVSS score of 10, while VMware pushed a fresh update to its October 2023 vCenter Server <a href="https://www.vmware.com/security/advisories/VMSA-2023-0023.html">advisory</a> on CVE-2023-34048 to note that</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/01/etr-banner-2.jpeg" length="0" type="" />

			</item>
		<item>
		<title>Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways</title>
		<link>https://noise.getoto.net/2024/01/11/zero-day-exploitation-of-ivanti-connect-secure-and-policy-secure-gateways/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Thu, 11 Jan 2024 13:00:40 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=a65cc7d51bf22d1f65417f2debf7c7b4</guid>

					<description><![CDATA[CVE-2023-46805 and CVE-2024-21887 are zero-day vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure gateways. They have been exploited in the wild to gain access to corporate networks and conduct a range of nefarious activities, including backdooring legitimate files.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2024/01/emergent-threat-banner-1.jpeg" length="0" type="" />

			</item>
		<item>
		<title>We Asked ChatGPT for 2024 Cybersecurity Predictions but You Should Make These Resolutions Instead</title>
		<link>https://noise.getoto.net/2023/12/18/we-asked-chatgpt-for-2024-cybersecurity-predictions-but-you-should-make-these-resolutions-instead/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Mon, 18 Dec 2023 16:00:00 +0000</pubDate>
				<category><![CDATA[artificial intelligence]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=75f9f1ea2907239c97945991499f69f0</guid>

					<description><![CDATA[Here at Rapid7 we’ve seen a whole lot of threats and exploited vulnerabilities in 2023, many in the form of zero days. So it can be a little overwhelming to think about what could be in store for us in the year ahead.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/12/GettyImages-1493495125.jpg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2023-49103 &#8211; Critical Information Disclosure in ownCloud Graph API</title>
		<link>https://noise.getoto.net/2023/12/01/cve-2023-49103-critical-information-disclosure-in-owncloud-graph-api/</link>
		
		<dc:creator><![CDATA[Stephen Fewer]]></dc:creator>
		<pubDate>Fri, 01 Dec 2023 17:19:25 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=fa43d5237cce5b33e2f0e687fd114934</guid>

					<description><![CDATA[On November 21, 2023, ownCloud disclosed CVE-2023-49103, an unauthenticated information disclosure vulnerability affecting ownCloud, when a vulnerable extension called “Graph API” (graphapi) is present.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/12/emergent-threat-banner.jpeg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest</title>
		<link>https://noise.getoto.net/2023/11/09/cve-2023-47246-sysaid-zero-day-vulnerability-exploited-by-lace-tempest/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Thu, 09 Nov 2023 14:12:55 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=aeed4d36b077eccfca3b83af18a18165</guid>

					<description><![CDATA[A new zero-day vulnerability (CVE-2023-47246) in SysAid IT service management software is being exploited by the threat group responsible for the MOVEit Transfer attack in May 2023.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/11/emergent-threat-banner.jpeg" length="0" type="" />

			</item>
		<item>
		<title>Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518</title>
		<link>https://noise.getoto.net/2023/11/06/rapid7-observed-exploitation-of-atlassian-confluence-cve-2023-22518/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Mon, 06 Nov 2023 15:31:47 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=af4e3afac7f189c6c850648c106a5fcc</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><p><em>Daniel Lydon and Conor Quinn contributed attacker behavior insights to this blog.</em></p>
<p>As of November 5, 2023, Rapid7 Managed Detection and Response (MDR) is observing exploitation of Atlassian Confluence in multiple customer environments, including for ransomware deployment. We have confirmed that at least some of the exploits are targeting <a href="https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html">CVE-2023-22518</a></p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/11/emergent-threat-banner-1.jpeg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2023-4966: Exploitation of Citrix NetScaler Information Disclosure Vulnerability</title>
		<link>https://noise.getoto.net/2023/10/25/cve-2023-4966-exploitation-of-citrix-netscaler-information-disclosure-vulnerability/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Wed, 25 Oct 2023 18:18:15 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=066f4b8f954e7b9a9e153a5981a57c98</guid>

					<description><![CDATA[On October 10, 2023, Citrix published an advisory on two vulnerabilities affecting NetScaler ADC and NetScaler Gateway. The more critical of these is CVE-2023-4966, a sensitive information disclosure vulnerability that allows an attacker to read large amounts of memory after the end of a buffer.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/10/emergent-threat-banner-2-1.jpeg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability</title>
		<link>https://noise.getoto.net/2023/10/17/cve-2023-20198-active-exploitation-of-cisco-ios-xe-zero-day-vulnerability/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Tue, 17 Oct 2023 19:50:03 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=03c5f815ef444693e9663c8d609a26d3</guid>

					<description><![CDATA[On Monday, October 16, Cisco’s Talos group published a blog on an active threat campaign exploiting CVE-2023-20198, a “previously unknown” zero-day vulnerability in the web UI component of Cisco IOS XE software.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/10/emergent-threat-banner-2.jpeg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2023-22515: Zero-Day Privilege Escalation in Confluence Server and Data Center</title>
		<link>https://noise.getoto.net/2023/10/04/cve-2023-22515-zero-day-privilege-escalation-in-confluence-server-and-data-center/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Wed, 04 Oct 2023 15:28:53 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=0020b058392816674afc320d3aea550f</guid>

					<description><![CDATA[On October 4, 2023, Atlassian published a security advisory on CVE-2023-22515, a critical privilege escalation vulnerability affecting on-premises instances of Confluence Server and Confluence Data Center.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/10/emergent-threat-banner.jpeg" length="0" type="" />

			</item>
		<item>
		<title>Critical Vulnerabilities in WS_FTP Server</title>
		<link>https://noise.getoto.net/2023/09/29/critical-vulnerabilities-in-ws_ftp-server/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Fri, 29 Sep 2023 13:33:05 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=7c95eeb2803d4c084da21e4086821121</guid>

					<description><![CDATA[<p>On September 27, 2023, Progress Software published a security advisory on multiple vulnerabilities affecting <a href="https://www.ipswitch.com/ftp-server">WS_FTP Server</a>, a secure file transfer solution. There are a number of vulnerabilities in the advisory, two of which are critical (CVE-2023-40044 and CVE-2023-42657). </p><p>Rapid7 is not aware of any exploitation in the wild as</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/09/emergent-threat-banner.jpeg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2023-42793: Critical Authentication Bypass in JetBrains TeamCity CI/CD Servers</title>
		<link>https://noise.getoto.net/2023/09/25/cve-2023-42793-critical-authentication-bypass-in-jetbrains-teamcity-ci-cd-servers/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Mon, 25 Sep 2023 17:32:48 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=ae4534b1167aaa21fcdc6efabc8c56a3</guid>

					<description><![CDATA[On September 20, 2023, JetBrains disclosed CVE-2023-42793, a critical authentication bypass vulnerability in on-premises instances of their TeamCity CI/CD server. Successful exploitation could make the vulnerability a potential supply chain attack vector.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/09/emergent-threat-banner-1.jpeg" length="0" type="" />

			</item>
		<item>
		<title>Active Exploitation of IBM Aspera Faspex CVE-2022-47986</title>
		<link>https://noise.getoto.net/2023/03/28/active-exploitation-of-ibm-aspera-faspex-cve-2022-47986/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Tue, 28 Mar 2023 19:35:19 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=a5efbe8d00977077a0261292b66a0cf6</guid>

					<description><![CDATA[Rapid7 is aware of at least one incident where a customer was compromised via CVE-2022-47986. We strongly recommend patching on an emergency basis.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/03/GettyImages-1185282377-2.jpg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2023-22501: Critical Broken Authentication Flaw in Jira Service Management Products</title>
		<link>https://noise.getoto.net/2023/02/06/cve-2023-22501-critical-broken-authentication-flaw-in-jira-service-management-products/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Mon, 06 Feb 2023 16:46:36 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=6da11479928245be17785fc3220680d9</guid>

					<description><![CDATA[Atlassian has published an advisory for CVE-2023-22501, a critical broken authentication vulnerability affecting Jira service management products.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/02/GettyImages-1352385622-2.jpg" length="0" type="" />

			</item>
		<item>
		<title>Ransomware Campaign Compromising VMware ESXi Servers</title>
		<link>https://noise.getoto.net/2023/02/06/ransomware-campaign-compromising-vmware-esxi-servers/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Mon, 06 Feb 2023 15:00:57 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=6fb9e493e287f6bdfc3ec2f9d7f4c49d</guid>

					<description><![CDATA[Hosting provider OVH and French CERT has issued a warning about a ransomware campaign that appears to be using CVE-2021-21974 to target VMware ESXi servers.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/02/GettyImages-1337611143.jpg" length="0" type="" />

			</item>
		<item>
		<title>Exploitation of GoAnywhere MFT zero-day vulnerability</title>
		<link>https://noise.getoto.net/2023/02/03/exploitation-of-goanywhere-mft-zero-day-vulnerability/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Fri, 03 Feb 2023 16:18:21 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=be166085f2d8ca8f2b7d82d5ffc3f81d</guid>

					<description><![CDATA[A warning has been issued about an actively exploited zero-day vulnerability affecting on-premise instances of Fortra’s GoAnywhere MFT.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/02/GettyImages-1352385622-1.jpg" length="0" type="" />

			</item>
		<item>
		<title>Rapid7 Added to Carahsoft GSA Schedule Contract</title>
		<link>https://noise.getoto.net/2023/01/24/rapid7-added-to-carahsoft-gsa-schedule-contract/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Tue, 24 Jan 2023 15:00:00 +0000</pubDate>
				<category><![CDATA[Detection and Response]]></category>
		<category><![CDATA[Government]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=46fe4abb21ef693f68b4334c2b0a591b</guid>

					<description><![CDATA[We are happy to announce that Rapid7 has been added to Carahsoft’s GSA Schedule contract, making our suite of comprehensive security solutions widely available to Federal, State, and Local agencies through Carahsoft and its reseller partners.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2023/01/GettyImages-1216713090-2.jpg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2022-3786 and CVE-2022-3602: Two High-Severity Buffer Overflow Vulnerabilities in OpenSSL Fixed</title>
		<link>https://noise.getoto.net/2022/11/01/cve-2022-3786-and-cve-2022-3602-two-high-severity-buffer-overflow-vulnerabilities-in-openssl-fixed/</link>
		
		<dc:creator><![CDATA[Rapid7]]></dc:creator>
		<pubDate>Tue, 01 Nov 2022 16:38:53 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=07f49a20105de2c65f9c354b1eff0250</guid>

					<description><![CDATA[<!--kg-card-begin: markdown--><p><em>The Rapid7 research team will update this blog post as we learn more details about this vulnerability and its attack surface area. We expect to update this page next by 3 PM EDT on November 1, 2022.</em></p>
<p>The <a href="https://www.openssl.org/">OpenSSL</a> project <a href="https://www.openssl.org/news/cl30.txt">released</a> version 3.0.7 on November 1, 2022, to</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/10/GettyImages-1354192776-1.jpg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2021-39144: VMware Cloud Foundation Unauthenticated Remote Code Execution</title>
		<link>https://noise.getoto.net/2022/10/27/cve-2021-39144-vmware-cloud-foundation-unauthenticated-remote-code-execution/</link>
		
		<dc:creator><![CDATA[Caitlin Condon]]></dc:creator>
		<pubDate>Thu, 27 Oct 2022 15:22:09 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=cb5ae4c9c1dc52b0aa46e0f184e87a6d</guid>

					<description><![CDATA[On October 25, 2022, VMware published VMSA-2022-0027 on two vulnerabilities in its Cloud Foundation solution. By far the more severe of these is CVE-2021-39144, an unauthenticated remote code execution vulnerability with a CVSSv3 score of 9.8.]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/10/emergent-threats-series-hero-background.jpg" length="0" type="" />

			</item>
		<item>
		<title>CVE-2022-42889: Keep Calm and Stop Saying &#8220;4Shell&#8221;</title>
		<link>https://noise.getoto.net/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/</link>
		
		<dc:creator><![CDATA[Erick Galinkin]]></dc:creator>
		<pubDate>Mon, 17 Oct 2022 20:36:16 +0000</pubDate>
				<category><![CDATA[Emergent Threat Response]]></category>
		<category><![CDATA[Vulnerability Risk Management]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=f7ba3352d40fae34a5ec64e58595ed85</guid>

					<description><![CDATA[<p>CVE-2022-42889, which some have begun calling “Text4Shell,” is a vulnerability in the popular Apache Commons Text library that can result in code execution when processing malicious input. The vulnerability was announced on October 13, 2022 on the <a href="https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om">Apache dev list</a>. CVE-2022-42889 arises from insecure implementation of Commons Text’s variable</p>]]></description>
		
		
		<enclosure url="https://blog.rapid7.com/content/images/2022/10/hero-art-blog.jpeg" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 30/261 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-05 19:23:22 by W3 Total Cache
-->