Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2023/01/12 12:0 a.m.17 views

CISA Releases Twelve Industrial Control Systems Advisories

CISA released twelve Industrial Control Systems ICS advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

0.8AI score
Exploits0References12
CISA
CISA
added 2022/09/15 12:0 a.m.17 views

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly adde...

1.6AI score
Exploits0References5
CISA
CISA
added 2022/09/14 12:0 a.m.17 views

Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

CISA, Federal Bureau of Investigation FBI, National Security Agency NSA, U.S. Cyber Command USCC - Cyber National Mission Force CNMF, Department of the Treasury, Australian Cyber Security Centre ACSC, Canadian Centre for Cyber Security CCCS, and United Kingdom’s National Cyber Security Centre NCS...

1.2AI score
Exploits0References6
CISA
CISA
added 2022/08/18 12:0 a.m.17 views

CISA releases 5 Industrial Control Systems Advisories

CISA has released 5 Industrial Control Systems ICS advisories on August 18, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

0.8AI score
Exploits0References5
CISA
CISA
added 2022/08/11 12:0 a.m.17 views

Cisco Releases Security Update for Multiple Products

Cisco has released a security update to address a vulnerability affecting Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. This vulnerability could allow a remote attacker to obtain sensitive information. For updates addressing lower severity vulnerabilities, see...

2.2AI score
Exploits0References2
CISA
CISA
added 2022/08/11 12:0 a.m.17 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog 

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly adde...

1.6AI score
Exploits0References5
CISA
CISA
added 2022/06/07 12:0 a.m.17 views

CISA Provides Criteria and Process for Updates to the KEV Catalog

CISA has updated the Known Exploited Vulnerabilities KEV catalog webpage as well as the FAQs for Binding Operational Directive BOD 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, which established the KEV catalog. The updates provide information on the criteria and proces...

3.2AI score
Exploits0References2
CISA
CISA
added 2022/06/03 12:0 a.m.17 views

CISA Releases Security Advisory on Dominion Voting Systems Democracy Suite ImageCast X

CISA has released an Industrial Controls Systems Advisory ICSA detailing vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot. Exploitation of these vulnerabilities would requir...

1.4AI score
Exploits0References1
CISA
CISA
added 2022/04/22 12:0 a.m.17 views

FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware

The Federal Bureau of Investigation FBI has released a Flash report detailing indicators of compromise IOCs associated with attacks involving BlackCat/ALPHV, a Ransomware-as-a-Service that has compromised at least 60 entities worldwide. CISA encourages users and administrators to review the IOCs...

3AI score
Exploits0References2
CISA
CISA
added 2022/04/07 12:0 a.m.17 views

VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory Advisories VMSA-2022-0011 and...

2.4AI score
Exploits0References2
CISA
CISA
added 2022/03/24 12:0 a.m.17 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware Carbon Black App Control software. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory...

2.9AI score
Exploits0References1
CISA
CISA
added 2022/02/15 12:0 a.m.17 views

FBI and USSS Release Advisory on BlackByte Ransomware

The Federal Bureau of Investigation FBI and the United States Secret Service USSS have released a joint Cybersecurity Advisory CSA identifying indicators of compromise associated with BlackByte ransomware. BlackByte is a Ransomware-as-a-Service group that encrypts files on compromised Windows hos...

6.7AI score
Exploits0References2
CISA
CISA
added 2022/01/07 12:0 a.m.17 views

WordPress Releases Security Update

WordPress versions between 3.7 and 5.8 are affected by multiple vulnerabilities. Exploitation of some of these vulnerabilities could cause a denial of service condition. CISA encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.8.3. This product ...

7AI score
Exploits0References1
CISA
CISA
added 2021/11/24 12:0 a.m.17 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker can exploit this vulnerability to obtain access to sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0027 a...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/10/01 12:0 a.m.17 views

Google Releases Security Updates for Chrome

Google has released Chrome version 94.0.4606.71 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as so...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/09/09 12:0 a.m.17 views

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX325319 and apply the necessary updates. This product i...

7AI score
Exploits0References1
CISA
CISA
added 2021/08/27 12:0 a.m.17 views

 ICSJWG 2021 Fall Virtual Meeting

The Industrial Control Systems Joint Working Group ICSJWG will hold the virtual 2021 ICSJWG Fall Meeting, September 21—22, 2021. ICSJWG meetings facilitate relationship building among critical infrastructure stakeholders and owners/operators of industrial control systems, idea exchange regarding...

6.8AI score
Exploits0References3
CISA
CISA
added 2021/07/27 12:0 a.m.17 views

CISA Releases Security Advisory for Geutebruck Devices

CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities in multiple Geutebruck G-CAM E2 series devices and Encoder G-Code versions. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users an...

7.3AI score
Exploits0References1
CISA
CISA
added 2021/07/22 12:0 a.m.17 views

 Cisco Releases Security Updates

Cisco has released security updates to address multiple vulnerabilities in Intersight Virtual Appliance. An attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...

7.1AI score
Exploits0References2
CISA
CISA
added 2021/04/29 12:0 a.m.17 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit one of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7.5AI score
Exploits0References6
CISA
CISA
added 2021/04/22 12:0 a.m.17 views

CISA Incident Response to SUPERNOVA Malware

CISA has released AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response to provide analysis of a compromise in an organization’s enterprise network by an advance persistent threat actor. This report provides tactics, techniques, and procedures CISA observed during the incident...

6.8AI score
Exploits0References2
CISA
CISA
added 2021/04/13 12:0 a.m.17 views

Google Releases Security Updates for Chrome

Google has updated the stable channel for Chrome to 89.0.4389.128 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome release and apply the necessary...

7AI score
Exploits0References1
CISA
CISA
added 2021/03/31 12:0 a.m.17 views

CISA Releases Supplemental Direction on Emergency Directive for Microsoft Exchange Server Vulnerabilities

CISA has issued supplemental direction to Emergency Directive ED 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening, requirements for federal agencies. Specifically, this update directs federal departments and agencies ...

6.8AI score
Exploits0References9
CISA
CISA
added 2021/02/24 12:0 a.m.17 views

CISA Releases Joint Cybersecurity Advisory on Exploitation of Accellion File Transfer Appliance

The cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States have released Joint Cybersecurity Advisory AA21-055A: Exploitation of Accellion File Transfer Appliance. Cyber actors worldwide have exploited vulnerabilities in Accellion File Transfer...

6.8AI score
Exploits0References3
CISA
CISA
added 2021/02/12 12:0 a.m.17 views

VMware Releases Security Update

VMware has released a security update to address a vulnerability in vSphere Replication. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0001 and apply the necessary update...

6.7AI score
Exploits0References1
CISA
CISA
added 2021/01/27 12:0 a.m.17 views

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users to review the Apple security pages for the following products and apply the necessary...

7AI score
Exploits0References5
CISA
CISA
added 2020/12/09 12:0 a.m.17 views

New ACSC Cybersecurity Campaign Begins by Focusing on Ransomware Threats

The Australian Cyber Security Centre ACSC has launched a new cyber security campaign encouraging all Australians to protect themselves against online threats. The initial focus of the campaign is ransomware threats, and the ACSC provides easy-to-follow security advice at cyber.gov.au to help...

6.6AI score
Exploits0References5
CISA
CISA
added 2020/11/19 12:0 a.m.17 views

Drupal Releases Security Updates

Drupal has released security updates to address a critical vulnerability in Drupal 7, 8.8 and earlier, 8.9, and 9.0. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

6.8AI score
Exploits0References1
CISA
CISA
added 2020/10/29 12:0 a.m.17 views

CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense Cyber National Mission Force CNMF have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat APT actor Turla. In...

6.9AI score
Exploits0References3
CISA
CISA
added 2020/04/30 12:0 a.m.17 views

Cisco Releases Security Updates for IOS XE SD-WAN Solution Software

Cisco has released security updates to address a vulnerability in IOS XE SD-WAN Solution software. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cisco...

6.7AI score
Exploits0References1
CISA
CISA
added 2020/02/19 12:0 a.m.17 views

VMware Releases Security Updates for vRealize Operations for Horizon Adapter

VMware has released security updates to address multiple vulnerabilities in vRealize Operations for Horizon Adapter. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

7.2AI score
Exploits0References1
CISA
CISA
added 2019/12/05 12:0 a.m.17 views

ACSC Releases Fundamentals of Cross Domain Solutions

The Australian Cyber Security Centre ACSC has released a cybersecurity guide outlining the fundamentals of cross domain solution CDS technologies. This guidance provides cross domain security principles to enable organizations to share information securely across separated networks. The...

6.5AI score
Exploits0References1
CISA
CISA
added 2019/11/19 12:0 a.m.17 views

NSA Releases Cyber Advisory: Managing Risk from Transport Layer Security Inspection

The National Security Agency NSA has released a Cyber Advisory that addresses managing risk from Transport Layer Security Inspection TLSI. This short, informative document defines TLSI a security process that allows incoming traffic to be decrypted, inspected, and re-encrypted, explains some risk...

6.7AI score
Exploits0References2
CISA
CISA
added 2019/08/22 12:0 a.m.17 views

CISA Strategic Intent: Defend Today, Secure Tomorrow

The Cybersecurity and Infrastructure Security Agency CISA has released the CISA Strategic Intent document, framing the new agency’s mission to protect the Nation’s critical infrastructure from physical and cyber threats. The document details CISA Director Christopher Krebs’ strategic vision and...

6.8AI score
Exploits0References2
CISA
CISA
added 2019/08/06 12:0 a.m.17 views

El Paso and Dayton Tragedy-Related Scams and Malware Campaigns

In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency CISA advises users to watch out for possible malicious cyber activity seeking to capitalize on these tragic events. Users should exercise caution in handling emails related to...

6.6AI score
Exploits0References4
CISA
CISA
added 2019/04/30 12:0 a.m.17 views

CISA Releases Binding Operational Directive on Vulnerability Remediation

The U.S. Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA issued Binding Operational Directive BOD 19-02, Vulnerability Remediation Requirements for Internet-Accessible Systems. BOD 19-02 requires federal agencies to ensure effective and timely remediation...

6.9AI score
Exploits0References2
CISA
CISA
added 2019/03/15 12:0 a.m.17 views

New Zealand Tragedy-Related Scams and Malware Campaigns

In the wake of the recent New Zealand mosque shootings, the Cybersecurity and Infrastructure Security Agency CISA advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shootings,...

6.6AI score
Exploits0References4
CISA
CISA
added 2018/12/11 12:0 a.m.17 views

Mozilla Releases Security Updates for Firefox

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...

7.3AI score
Exploits0References2
CISA
CISA
added 2018/11/20 12:0 a.m.17 views

Securing Mobile Devices During Holiday Travel

As the holiday season begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them. The Cybersecurity and...

7AI score
Exploits0References2
CISA
CISA
added 2018/08/22 12:0 a.m.17 views

FTC Issues Alert on Bitcoin Blackmail Scams

The Federal Trade Commission has released an alert on Bitcoin blackmail scams. In these schemes, scammers threaten victims with public disclosure of their "secret" unless they send a payment in Bitcoin. NCCIC encourages users and administrators to refer to the FTC Alert and a related FBI press...

6.8AI score
Exploits0References3
CISA
CISA
added 2018/07/12 12:0 a.m.17 views

ISC Releases Security Advisory for Kea DHCP

The Internet Systems Consortium ISC has released a security advisory that addresses a memory leak vulnerability in Kea DHCP 1.4.0. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. NCCIC encourages users and administrators to review ISC Knowledge Base...

6.6AI score
Exploits0References1
CISA
CISA
added 2018/04/10 12:0 a.m.17 views

Microsoft Releases April 2018 Security Updates

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Microsoft's April 2018 Security Update Summary and Deployment...

7AI score
Exploits0References2
CISA
CISA
added 2018/03/27 12:0 a.m.17 views

Mozilla Releases Security Updates for Firefox

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to cause a denial-of-service condition. NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 59.0.2 and Firefo...

6.9AI score
Exploits0References1
CISA
CISA
added 2018/01/23 12:0 a.m.17 views

Mozilla Releases Security Updates

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox E...

7.3AI score
Exploits0References2
CISA
CISA
added 2017/12/06 12:0 a.m.17 views

Google Releases Security Update for Chrome

Google has released Chrome version 63.0.3239.84 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update...

7AI score
Exploits0References1
CISA
CISA
added 2015/12/15 12:0 a.m.17 views

Mozilla Releases Security Updates for Firefox and Firefox ESR

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 43 Firefox ESR 38.5 US-CERT encourages...

7.2AI score
Exploits0References2
CISA
CISA
added 2015/08/11 12:0 a.m.17 views

Microsoft Releases August 2015 Security Bulletin

Microsoft has released 14 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow remote code execution or elevation of privileges and information disclosure. US-CERT encourages users and administrators to review Microsoft Security...

7.7AI score
Exploits0References1
CISA
CISA
added 2015/06/23 12:0 a.m.17 views

IC3 Issues Alert on CryptoWall Ransomware

The Internet Crime Complaint Center IC3 has issued an alert warning that U.S. individuals and businesses are still at risk of CryptoWall ransomware fraud. Scam operators use ransomware—a type of malicious software—to infect a device and restrict access until a ransom fee is paid­­. Individuals an...

6.6AI score
Exploits0References2
CISA
CISA
added 2015/06/09 12:0 a.m.17 views

VMWare Releases Security Updates for Multiple Products

VMWare has released four updates to address vulnerabilities in VMWare Workstation, Player, Fusion, and Horizon Client. Exploitation of some of these vulnerabilities could allow denial-of-service condition or remote code execution on the Windows OS running these programs. Users and administrators...

7.9AI score
Exploits0References1
CISA
CISA
added 2014/10/16 12:0 a.m.17 views

Ebola Phishing Scams and Malware Campaigns

US-CERT reminds users to protect against email scams and cyber campaigns using the Ebola virus disease EVD as a theme. Phishing emails may contain links that direct users to websites which collect personal information such as login credentials, or contain malicious attachments that can infect a...

6.6AI score
Exploits0References2
Total number of security vulnerabilities4188