Microsoft Releases July 2022 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s July 2022 Security Update and Deployment Informatio...
North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
CISA, the Federal Bureau of Investigation (FBI), and the Department of the Treasury (Treasury) have released a joint Cybersecurity Advisory (CSA), North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector, to provide information on Maui ransomware,...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...
Strengthening Cybersecurity of SATCOM Network Providers and Customers
CISA and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communications (SATCOM) networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments. In response, CISA and FBI have...
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities affecting Drupal 9.2 and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal Advisory SA-CORE-2022-05 and apply the necessary...
FBI Releases Indicators of Compromise Associated with LockBit 2.0 Ransomware
The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks, using LockBit 2.0, a Ransomware-as-a-Service that employs a wide variety of tactics, techniques, and procedures, creating significant challenges for defense and...
CISA and NSA Release Guidance on Selecting and Hardening VPNs
The National Security Agency (NSA) and CISA have released the cybersecurity information sheet Selecting and Hardening Standards-based Remote Access VPN Solutions to address the potential security risks associated with using Virtual Private Networks (VPNs). Remote-access VPN servers allow off-site use...
FBI-CISA Advisory on Ransomware Awareness for Holidays and Weekends
Today, the Federal Bureau of Investigation (FBI) and CISA released a Joint Cybersecurity Advisory (CSA) to urge organizations to ensure they protect themselves against ransomware attacks during holidays and weekends—when offices are normally closed. Although FBI and CISA do not currently have any...
Apple Releases Security Update
Apple has released a security update to address vulnerabilities in iCloud for Windows 12.5. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary updates. This...
Malware Targeting Pulse Secure Devices
As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following 13 malware analysis reports (MARs) for threat actor techniques, tactics, and procedures TT...
Mozilla Releases Security Updates for Firefox, Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 90...
Citrix Releases Security Updates for Virtual Apps and Desktops
Citrix has released security updates to address a vulnerability in multiple versions of Virtual Apps and Desktops. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX319750 and apply the...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
VMware Releases Security Updates
VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory...
CISA Releases ICS Advisory on Real-Time Operating System Vulnerabilities
CISA has released Industrial Control Systems Advisory ICSA-21-119-04 Multiple RTOS to provide notice of multiple vulnerabilities found in real-time operating systems (RTOS) and supporting libraries. Successful exploitation of these vulnerabilities could result in unexpected behavior such as a crash...
Mozilla Releases Security Update for Firefox, Firefox ESR, and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisories for Firefox 88...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
Using CHIRP to Detect Post-Compromise Threat Activity in On-Premises Environments
CISA Hunt and Incident Response Program (CHIRP) is a new forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with the SolarWinds and Active Directory/M365 Compromise. CHIRP is freely available on the CISA GitHub repository. Similar t...
Compromise of U.S. Water Treatment Facility
In response to recent events where unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment facility, CISA, the Federal Bureau of Investigation, the Environmental Protection Agency, and the Multi-State...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple...
CISA Malware Analysis on Supernova
CISA has released a malware analysis report on Supernova malware affecting unpatched SolarWinds Orion software. The report contains indicators of compromise (IOCs) and analyzes several malicious artifacts. Supernova is not part of the SolarWinds supply chain attack described in Alert AA20-352A. CIS...
Cisco Releases Advisories for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
IBM Releases Report on Cyber Actors Targeting the COVID-19 Vaccine Supply Chain
IBM X-Force has released a report on malicious cyber actors targeting the COVID-19 cold chain—an integral part of delivering and storing a vaccine at safe temperatures. Impersonating a biomedical company, cyber actors are sending phishing and spearphishing emails to executives and global...
Malicious Activity Targeting COVID-19 Research, Vaccine Development
In response to malicious activity targeting COVID-19 research and vaccine development in the United States, United Kingdom (UK), and Canada, the Cybersecurity and Infrastructure Security Agency (CISA), UK’s National Cyber Security Centre (NCSC), Canada’s Communications Security Establishment (CSE), and t...
Google Releases Security Updates for Chrome
Google has released Chrome version 80.0.3987.132 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the...
DHS Releases NTAS Bulletin
Today, Acting Secretary of Homeland Security Chad Wolf reissued the NTAS bulletin pertaining to the terror threat to the U.S. homeland. Upfront, you should know that: “At this time there is no specific, credible threat against the homeland.” You can read the new, entire bulletin at National...
U.S. Cyber Command Shares Seven New Malware Samples
U.S. Cyber Command has released seven malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also recommends...
Beware of Stalking Apps
The Federal Trade Commission (FTC) has released an article warning consumers of “stalking apps”—spyware that secretly monitors smartphones. These apps can share information like call history, text messages, photos, GPS locations, and browser history without the user's knowledge. Although this can b...
ACSC Releases Advisory on Password Spraying Attacks
The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This...
U.S. Coast Guard Releases Cybersecurity Measures for Commercial Vessels
The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the...
DHS Email Phishing Scam
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of an email phishing scam that tricks users into clicking on malicious attachments that look like legitimate Department of Homeland Security (DHS) notifications. The email campaign uses a spoofed email address to appear like a...
FBI Releases Article on Protected Voices Campaign
The Federal Bureau of Investigation (FBI) has released an article on the Protected Voices initiative designed to mitigate the risk of cyber influence operations targeting U.S. elections. As part of the initiative, FBI offices are coordinating with political campaigns at the local, state, and federa...
IRS Warns Tax Professionals of Phishing Scam
The Internal Revenue Service (IRS) has issued a news release warning tax professionals to beware of a new phishing email scam. Cyber criminals posing as state accounting and professional associations have been sending emails to entice their targets to reveal login credentials. Tax practitioners...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply...
Oracle Releases Security Alert
Oracle has released a security alert to address multiple vulnerabilities in Oracle Tuxedo. A remote attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Oracle Security Alert Advisory and apply the necessary...
Google Releases Security Updates for Chrome
Google has released Chrome version 62.0.3202.62 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
Increased Risks from Macro-Based Malware
Microsoft Office applications use macros to automate routine tasks. However, macros can contain malicious code that can be used to exploit vulnerable systems. Recently, there has been a resurgence of malware that is spread via macros. Individuals and organizations should proactively secure system...
Mozilla Releases Security Updates
The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Network Security Services (NSS). Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 47; Firefox...
Apple Releases Security Update
Apple has released a security update to address a vulnerability in Apple Software Update. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security website for Software Update 2.2...
ISC Releases Security Updates for DHCP Server
Internet Systems Consortium (ISC) has released security updates to address a vulnerability in versions of ISC Dynamic Host Configuration Protocol (DHCP) server. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Updated versions of ISC DHCP...
Microsoft Releases April 2015 Security Bulletin
Microsoft has released eleven updates to address vulnerabilities in Microsoft Windows. Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, information disclosure, or security feature bypass. US-CERT encourages users and administrators to...
FBI Releases "Ransomware on the Rise"
The FBI has released an article addressing ransomware campaigns that use intimidating messages claiming to be from the FBI or other government agencies. Scam operators use ransomware – a type of malicious software – to infect a computer and restrict access to it until a ransom is paid to unlock i...
oCERT Releases Advisory for Unpatched UnZip Vulnerability
The Open Source Computer Security Incident Response Team (oCERT) has released an advisory addressing vulnerabilities in all versions of UnZip. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system if a user opens a specially crafted zip file. US-CER...
Microsoft Releases December 2014 Security Bulletin
Microsoft has released updates to address vulnerabilities in Exchange, Windows, Internet Explorer, and Office as part of the Microsoft Security Bulletin Summary for December 2014. Some of these vulnerabilities could allow elevation of privilege, remote code execution, or disclosure of information...
Google Releases Google Chrome 30.0.1599.101
Google has released Google Chrome 30.0.1599.101 for Windows, Mac, Linux and Chrome Frame operating systems to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial-of-service condition or trigger multiple conflicting uses of the same object. US-CE...
Google Releases Google Chrome 29.0.1547.57
Google has released Google Chrome 29.0.1547.57 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial of service condition, conduct a directory traversal attack, or obtain sensitive information. US-CERT...
Cisco Releases Multiple Security Advisories
Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow an attacker to take control of the affected system or allow an authenticated but unprivileged, remote attacker to execute arbitrary code on a vulnerable system and on devices managed ...
Cisco Releases Multiple Security Advisories
Cisco has released three security advisories to address vulnerabilities affecting the following products: Cisco ASA 5500 Series Adaptive Security Appliances (ASA); Cisco Catalyst 6500 Series ASA Service Module (ASASM); Cisco Catalyst 6500 Series Firewall Service Module (FWSM); Cisco Adaptive Security...
Cisco Releases Multiple Security Advisories
Cisco has released six security advisories to address vulnerabilities affecting the following products: Cius Wifi devices running Cius Software Version 9.21 SR1 and prior; Cisco Unified Communications Manager Software versions 6.x, 7.x, and 8.x; Cisco Business Edition 3000, 5000, and 6000; Cisco Uni...
USAA Phishing Scam and Malware Campaign
US-CERT is aware of public reports of an active spear-phishing attack via email messages directed at United Services Automobile Association (USAA) members. These messages contain the subject line "Deposit Posted" and contain a randomly generated four-digit number placed in the USAA security zone...