Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2022/07/12 12:0 a.m.19 views

Microsoft Releases July 2022 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s July 2022 Security Update and Deployment Informatio...

1.7AI score
Exploits0References2
CISA
CISA
added 2022/07/06 12:0 a.m.19 views

North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector

CISA, the Federal Bureau of Investigation FBI, and the Department of the Treasury Treasury have released a joint Cybersecurity Advisory CSA, North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector, to provide information on Maui ransomware,...

0.9AI score
Exploits0References5
CISA
CISA
added 2022/04/06 12:0 a.m.19 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/03/17 12:0 a.m.19 views

Strengthening Cybersecurity of SATCOM Network Providers and Customers

CISA and the Federal Bureau of Investigation FBI are aware of possible threats to U.S. and international satellite communications SATCOM networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments. In response, CISA and FBI have...

1.7AI score
Exploits0References1
CISA
CISA
added 2022/03/17 12:0 a.m.19 views

Drupal Releases Security Updates

Drupal has released security updates to address vulnerabilities affecting Drupal 9.2 and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal Advisory SA-CORE-2022-05 and apply the necessary...

2.7AI score
Exploits0References1
CISA
CISA
added 2022/02/07 12:0 a.m.19 views

FBI Releases Indicators of Compromise Associated with LockBit 2.0 Ransomware

The Federal Bureau of Investigation FBI has released a Flash report detailing indicators of compromise IOCs associated with attacks, using LockBit 2.0, a Ransomware-as-a-Service that employs a wide variety of tactics, techniques, and procedures, creating significant challenges for defense and...

6.8AI score
Exploits0References2
CISA
CISA
added 2021/09/28 12:0 a.m.19 views

CISA and NSA Release Guidance on Selecting and Hardening VPNs

The National Security Agency NSA and CISA have released the cybersecurity information sheet Selecting and Hardening Standards-based Remote Access VPN Solutions to address the potential security risks associated with using Virtual Private Networks VPNs. Remote-access VPN servers allow off-site use...

7.4AI score
Exploits0References2
CISA
CISA
added 2021/08/31 12:0 a.m.19 views

FBI-CISA Advisory on Ransomware Awareness for Holidays and Weekends

Today, the Federal Bureau of Investigation FBI and CISA released a Joint Cybersecurity Advisory CSA to urge organizations to ensure they protect themselves against ransomware attacks during holidays and weekends—when offices are normally closed. Although FBI and CISA do not currently have any...

6.7AI score
Exploits0References8
CISA
CISA
added 2021/08/17 12:0 a.m.19 views

Apple Releases Security Update

Apple has released a security update to address vulnerabilities in iCloud for Windows 12.5. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary updates. This...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/07/21 12:0 a.m.19 views

Malware Targeting Pulse Secure Devices

As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following 13 malware analysis reports MARs for threat actor techniques, tactics, and procedures TT...

6.8AI score
Exploits0References15
CISA
CISA
added 2021/07/13 12:0 a.m.19 views

Mozilla Releases Security Updates for Firefox, Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 90...

7.1AI score
Exploits0References3
CISA
CISA
added 2021/07/13 12:0 a.m.19 views

Citrix Releases Security Updates for Virtual Apps and Desktops

Citrix has released security updates to address a vulnerability in multiple versions of Virtual Apps and Desktops. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX319750 and apply the...

6.8AI score
Exploits0References1
CISA
CISA
added 2021/07/08 12:0 a.m.19 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7AI score
Exploits0References3
CISA
CISA
added 2021/05/26 12:0 a.m.19 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory...

7.2AI score
Exploits0References1
CISA
CISA
added 2021/04/29 12:0 a.m.19 views

CISA Releases ICS Advisory on Real-Time Operating System Vulnerabilities

CISA has released Industrial Control Systems Advisory ICSA-21-119-04 Multiple RTOS to provide notice of multiple vulnerabilities found in real-time operating systems RTOS and supporting libraries. Successful exploitation of these vulnerabilities could result in unexpected behavior such as a crash...

7.6AI score
Exploits0References1
CISA
CISA
added 2021/04/20 12:0 a.m.19 views

Mozilla Releases Security Update for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisories for Firefox 88...

7.1AI score
Exploits0References3
CISA
CISA
added 2021/04/08 12:0 a.m.19 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7.6AI score
Exploits0References7
CISA
CISA
added 2021/03/18 12:0 a.m.19 views

Using CHIRP to Detect Post-Compromise Threat Activity in On-Premises Environments

CISA Hunt and Incident Response Program CHIRP is a new forensics collection tool that CISA developed to help network defenders find indicators of compromise IOCs associated with the SolarWinds and Active Directory/M365 Compromise. CHIRP is freely available on the CISA GitHub repository. Similar t...

6.6AI score
Exploits0References9
CISA
CISA
added 2021/02/11 12:0 a.m.19 views

Compromise of U.S. Water Treatment Facility

In response to recent events where unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition SCADA system at a U.S. drinking water treatment facility, CISA, the Federal Bureau of Investigation, the Environmental Protection Agency, and the Multi-State...

7.1AI score
Exploits0References1
CISA
CISA
added 2021/02/02 12:0 a.m.19 views

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/01/27 12:0 a.m.19 views

CISA Malware Analysis on Supernova

CISA has released a malware analysis report on Supernova malware affecting unpatched SolarWinds Orion software. The report contains indicators of compromise IOCs and analyzes several malicious artifacts. Supernova is not part of the SolarWinds supply chain attack described in Alert AA20-352A. CIS...

6.6AI score
Exploits0References3
CISA
CISA
added 2021/01/21 12:0 a.m.19 views

Cisco Releases Advisories for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7.6AI score
Exploits0References5
CISA
CISA
added 2020/12/03 12:0 a.m.19 views

IBM Releases Report on Cyber Actors Targeting the COVID-19 Vaccine Supply Chain

IBM X-Force has released a report on malicious cyber actors targeting the COVID-19 cold chain—an integral part of delivering and storing a vaccine at safe temperatures. Impersonating a biomedical company, cyber actors are sending phishing and spearphishing emails to executives and global...

6.7AI score
Exploits0References2
CISA
CISA
added 2020/07/16 12:0 a.m.19 views

Malicious Activity Targeting COVID-19 Research, Vaccine Development

In response to malicious activity targeting COVID-19 research and vaccine development in the United States, United Kingdom UK, and Canada, the Cybersecurity and Infrastructure Security Agency CISA, UK’s National Cyber Security Centre NCSC, Canada’s Communications Security Establishment CSE, and t...

6.6AI score
Exploits0References8
CISA
CISA
added 2020/03/04 12:0 a.m.19 views

Google Releases Security Updates for Chrome

Google has released Chrome version 80.0.3987.132 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

7AI score
Exploits0References1
CISA
CISA
added 2020/01/04 12:0 a.m.19 views

DHS Releases NTAS Bulletin

Today, Acting Secretary of Homeland Security Chad Wolf reissued the NTAS bulletin pertaining to the terror threat to the U.S. homeland. Upfront, you should know that: “At this time there is no specific, credible threat against the homeland.” You can read the new, entire bulletin at National...

6.5AI score
Exploits0References2
CISA
CISA
added 2019/11/06 12:0 a.m.19 views

U.S. Cyber Command Shares Seven New Malware Samples

U.S. Cyber Command has released seven malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also recommends...

6.9AI score
Exploits0References2
CISA
CISA
added 2019/10/23 12:0 a.m.19 views

Beware of Stalking Apps

The Federal Trade Commission FTC has released an article warning consumers of “stalking apps”—spyware that secretly monitors smartphones. These apps can share information like call history, text messages, photos, GPS locations, and browser history without the user's knowledge. Although this can b...

6.7AI score
Exploits0References2
CISA
CISA
added 2019/08/08 12:0 a.m.19 views

ACSC Releases Advisory on Password Spraying Attacks

The Australian Cyber Security Centre ACSC has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This...

7AI score
Exploits0References4
CISA
CISA
added 2019/07/08 12:0 a.m.19 views

U.S. Coast Guard Releases Cybersecurity Measures for Commercial Vessels

The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the...

6.8AI score
Exploits0References2
CISA
CISA
added 2019/06/18 12:0 a.m.19 views

DHS Email Phishing Scam

The Cybersecurity and Infrastructure Security Agency CISA is aware of an email phishing scam that tricks users into clicking on malicious attachments that look like legitimate Department of Homeland Security DHS notifications. The email campaign uses a spoofed email address to appear like a...

6.6AI score
Exploits0References2
CISA
CISA
added 2019/06/06 12:0 a.m.19 views

FBI Releases Article on Protected Voices Campaign

The Federal Bureau of Investigation FBI has released an article on the Protected Voices initiative designed to mitigate the risk of cyber influence operations targeting U.S. elections. As part of the initiative, FBI offices are coordinating with political campaigns at the local, state, and federa...

6.6AI score
Exploits0References4
CISA
CISA
added 2018/05/24 12:0 a.m.19 views

IRS Warns Tax Professionals of Phishing Scam

The Internal Revenue Service IRS has issued a news release warning tax professionals to beware of a new phishing email scam. Cyber criminals posing as state accounting and professional associations have been sending emails to entice their targets to reveal login credentials. Tax practitioners...

6.9AI score
Exploits0References3
CISA
CISA
added 2018/03/29 12:0 a.m.19 views

Apple Releases Multiple Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply...

6.9AI score
Exploits0References8
CISA
CISA
added 2017/11/16 12:0 a.m.19 views

Oracle Releases Security Alert

Oracle has released a security alert to address multiple vulnerabilities in Oracle Tuxedo. A remote attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Oracle Security Alert Advisory and apply the necessary...

7.5CVSS9.1AI score0.02142EPSS
Exploits0References1
CISA
CISA
added 2017/10/18 12:0 a.m.19 views

Google Releases Security Updates for Chrome

Google has released Chrome version 62.0.3202.62 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...

7.1AI score
Exploits0References1
CISA
CISA
added 2016/06/09 12:0 a.m.19 views

Increased Risks from Macro-Based Malware

Microsoft Office applications use macros to automate routine tasks. However, macros can contain malicious code that can be used to exploit vulnerable systems. Recently, there has been a resurgence of malware that is spread via macros. Individuals and organizations should proactively secure system...

6.9AI score
Exploits0References2
CISA
CISA
added 2016/06/07 12:0 a.m.19 views

Mozilla Releases Security Updates

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Network Security Services NSS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 47 Firefox...

7.1AI score
Exploits0References3
CISA
CISA
added 2016/03/09 12:0 a.m.19 views

Apple Releases Security Update

Apple has released a security update to address a vulnerability in Apple Software Update. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security website for Software Update 2.2...

6.8AI score
Exploits0References1
CISA
CISA
added 2016/03/07 12:0 a.m.19 views

ISC Releases Security Updates for DHCP Server

Internet Systems Consortium ISC has released security updates to address a vulnerability in versions of ISC Dynamic Host Configuration Protocol DHCP server. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Updated versions of ISC DHCP...

6.6AI score
Exploits0References1
CISA
CISA
added 2015/04/14 12:0 a.m.19 views

Microsoft Releases April 2015 Security Bulletin

Microsoft has released eleven updates to address vulnerabilities in Microsoft Windows. Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, information disclosure, or security feature bypass. US-CERT encourages users and administrators to...

7.4AI score
Exploits0References1
CISA
CISA
added 2015/01/23 12:0 a.m.19 views

FBI Releases "Ransomware on the Rise"

The FBI has released an article addressing ransomware campaigns that use intimidating messages claiming to be from the FBI or other government agencies. Scam operators use ransomware – a type of malicious software – to infect a computer and restrict access to it until a ransom is paid to unlock i...

6.6AI score
Exploits0References2
CISA
CISA
added 2014/12/22 12:0 a.m.19 views

oCERT Releases Advisory for Unpatched UnZip Vulnerability

The Open Source Computer Security Incident Response Team oCERT has released an advisory addressing vulnerabilities in all versions of UnZip. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system if a user opens a specially crafted zip file. US-CER...

7AI score
Exploits0References1
CISA
CISA
added 2014/12/09 12:0 a.m.19 views

Microsoft Releases December 2014 Security Bulletin

Microsoft has released updates to address vulnerabilities in Exchange, Windows, Internet Explorer, and Office as part of the Microsoft Security Bulletin Summary for December 2014. Some of these vulnerabilities could allow elevation of privilege, remote code execution, or disclosure of information...

7.3AI score
Exploits0References1
CISA
CISA
added 2013/10/17 12:0 a.m.19 views

Google Releases Google Chrome 30.0.1599.101

Google has released Google Chrome 30.0.1599.101 for Windows, Mac, Linux and Chrome Frame operating systems to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial-of-service condition or trigger multiple conflicting uses of the same object. US-CE...

6.9AI score
Exploits0References1
CISA
CISA
added 2013/08/21 12:0 a.m.19 views

Google Releases Google Chrome 29.0.1547.57

Google has released Google Chrome 29.0.1547.57 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial of service condition, conduct a directory traversal attack, or obtain sensitive information. US-CERT...

6.9AI score
Exploits0References1
CISA
CISA
added 2013/08/05 12:0 a.m.19 views

Cisco Releases Multiple Security Advisories

Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow an attacker to take control of the affected system or allow an authenticated but unprivileged, remote attacker to execute arbitrary code on a vulnerable system and on devices managed ...

8.7AI score
Exploits0References3
CISA
CISA
added 2012/03/14 12:0 a.m.19 views

Cisco Releases Multiple Security Advisories

Cisco has released three security advisories to address vulnerabilities affecting the following products: Cisco ASA 5500 Series Adaptive Security Appliances ASA Cisco Catalyst 6500 Series ASA Service Module ASASM Cisco Catalyst 6500 Series Firewall Service Module FWSM Cisco Adaptive Security...

9.3CVSS7.1AI score0.06181EPSS
Exploits0References4
CISA
CISA
added 2012/02/29 12:0 a.m.19 views

Cisco Releases Multiple Security Advisories

Cisco has released six security advisories to address vulnerabilities affecting the following products: Cius Wifi devices running Cius Software Version 9.21 SR1 and prior Cisco Unified Communications Manager Software versions 6.x, 7.x, and 8.x Cisco Business Edition 3000, 5000, and 6000 Cisco Uni...

7.7AI score
Exploits0References6
CISA
CISA
added 2011/12/20 12:0 a.m.19 views

USAA Phishing Scam and Malware Campaign

US-CERT is aware of public reports of an active spear-phishing attack via email messages directed at United Services Automobile Association USAA members. These messages contain the subject line "Deposit Posted" and contain a randomly generated four-digit number placed in the USAA security zone...

6.5AI score
Exploits0References3
Total number of security vulnerabilities4188