Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2021/05/26 12:0 a.m.16 views

Google Releases Security Updates for Chrome

Google has released Chrome version 91.0.4472.77 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/05/06 12:0 a.m.16 views

Mozilla Releases Security Updates for Firefox

Mozilla has released security updates to address vulnerabilities in Firefox. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 88.0.1 and apply the necessary updates...

7.1AI score
Exploits0References1
CISA
CISA
added 2021/02/11 12:0 a.m.16 views

Verify Your Valentine

This Valentine’s Day, before you go looking for love in all the wrong chat rooms, CISA reminds users to be wary of internet romance scams. At first, cyber criminals promise the reward of romance after adopting an alias to appear as a potential partner. Once your heart is hooked on hope, they turn...

6.8AI score
Exploits0References3
CISA
CISA
added 2020/12/03 12:0 a.m.16 views

Heightened Awareness for Iranian Cyber Activity

Iranian cyber threat actors have been continuously improving their offensive cyber capabilities. They continue to engage in more conventional offensive cyber activities ranging from website defacement, distributed denial of service DDoS attacks, and theft of personally identifiable information PI...

6.7AI score
Exploits0References7
CISA
CISA
added 2020/06/01 12:0 a.m.16 views

Hurricane-Related Scams

June 1 marks the official start of the 2020 Atlantic hurricane season. The Cybersecurity and Infrastructure Security Agency CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often...

6.8AI score
Exploits0References6
CISA
CISA
added 2020/03/04 12:0 a.m.16 views

ACSC Releases Securing Content Management Systems Guide

The Australian Cyber Security Centre ACSC has released a cybersecurity guide outlining strategies for identifying and minimizing risks to web servers from installed content management systems CMS. This guidance provides effective mitigation strategies organizations can use to better protect their...

6.8AI score
Exploits0References1
CISA
CISA
added 2019/11/06 12:0 a.m.16 views

CISA Launches “Cyber Essentials” for Small Businesses and Small SLTT Governments

The Cybersecurity and Infrastructure Security Agency CISA has launched Cyber Essentials, an effort to assist small organizations in understanding and addressing cybersecurity risks. Developed in partnership with small businesses and small state, local, tribal, and territorial SLTT governments,...

6.7AI score
Exploits0References2
CISA
CISA
added 2019/10/29 12:0 a.m.16 views

Microsoft Reports Global Cyberattacks on Sporting and Anti-Doping Organizations from Russian Espionage Actors

Microsoft publicly released information revealing an uptick in cyberattacks globally targeting anti-doping authorities and sporting organizations. The Microsoft Threat Intelligence Center MSTIC routinely tracks malicious activity originating from the Russian advanced persistent threat APT group 2...

6.9AI score
Exploits0References5
CISA
CISA
added 2019/10/24 12:0 a.m.16 views

FBI Expands Election Security Resources

The Federal Bureau of Investigation FBI has released additional election security resources as part of the Protected Voices initiative. Created in partnership with FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence, Protected Voices is an effort to...

6.8AI score
Exploits0References3
CISA
CISA
added 2019/10/07 12:0 a.m.16 views

NSA Releases Advisory on Mitigating Recent VPN Vulnerabilities

The National Security Agency NSA has released an advisory on advanced persistent threat APT actors exploiting multiple vulnerabilities in Virtual Private Network VPN applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and...

7.1AI score
Exploits0References2
CISA
CISA
added 2019/07/11 12:0 a.m.16 views

Atlassian Releases Security Updates for Jira

Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

6.9AI score
Exploits0References2
CISA
CISA
added 2019/04/17 12:0 a.m.16 views

ICSJWG Spring Meeting April 23–25

The Industrial Control Systems Joint Working Group ICSJWG—a collaborative and coordinating body operating under the Critical Infrastructure Partnership Advisory Council framework—will hold the 2019 ICSJWG Spring Meeting in Kansas City, MO, April 23–25, 2019. ICSJWG facilitates information sharing...

6.7AI score
Exploits0References2
CISA
CISA
added 2019/04/12 12:0 a.m.16 views

Multiple Vulnerabilities in WPA3 Protocol

The CERT Coordination Center CERT/CC has released information on vulnerabilities—referred to as Dragonblood—in WPA3 protocol. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages...

7AI score
Exploits0References1
CISA
CISA
added 2019/03/01 12:0 a.m.16 views

Adobe Releases Security Updates for ColdFusion

Adobe has released security updates to address a vulnerability in ColdFusion. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

6.7AI score
Exploits0References1
CISA
CISA
added 2018/11/13 12:0 a.m.16 views

Microsoft Releases November 2018 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Microsoft’s November 2018 Security Update Summary and...

7.1AI score
Exploits0References2
CISA
CISA
added 2018/10/09 12:0 a.m.16 views

VMware Releases Security Advisory

VMware has released a security advisory to address a vulnerability in ESXi, Workstation, and Fusion. An attacker could exploit this vulnerability to cause a denial-of-service condition. NCCIC encourages users and administrators to review VMware Security Advisory VMSA-2018-0025 and apply the...

6.6AI score
Exploits0References1
CISA
CISA
added 2018/06/13 12:0 a.m.16 views

Google Releases Security Update for Chrome

Google has released Chrome version 67.0.3396.87 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Release page and apply the necessary update. Thi...

6.8AI score
Exploits0References1
CISA
CISA
added 2017/11/21 12:0 a.m.16 views

Intel Firmware Vulnerability

Intel has released recommendations to address vulnerabilities in the firmware of the following Intel products: Management Engine, Server Platform Services, and Trusted Execution Engine. An attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourag...

7.1AI score
Exploits0References3
CISA
CISA
added 2017/11/15 12:0 a.m.16 views

Cisco Releases Security Update

Cisco has released a security update to address a vulnerability in its Voice Operating System software platform. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisor...

6.8AI score
Exploits0References1
CISA
CISA
added 2017/11/01 12:0 a.m.16 views

Cisco Releases Security Updates

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...

8.2AI score
Exploits0References8
CISA
CISA
added 2017/05/17 12:0 a.m.16 views

Joomla! Releases Security Update for CMS

Joomla! has released version 3.7.1 of its Content Management System CMS software to address a vulnerability. Exploitation of this vulnerability may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the Joomla! Security Release and...

6.9AI score
Exploits0References2
CISA
CISA
added 2017/05/01 12:0 a.m.16 views

Intel Firmware Vulnerability

Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology, firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect...

6.7AI score
Exploits0References5
CISA
CISA
added 2017/03/09 12:0 a.m.16 views

Google Releases Security Update for Chrome

Google has released Chrome version 57.0.2987.98 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releases page and apply th...

7.1AI score
Exploits0References1
CISA
CISA
added 2017/01/16 12:0 a.m.16 views

SMB Security Best Practices

In response to public reporting of a potential Server Message Block SMB vulnerability, US-CERT is providing known best practices related to SMB. This service is universally available for Windows systems, and legacy versions of SMB protocols could allow a remote attacker to obtain sensitive...

6.3AI score
Exploits0References2
CISA
CISA
added 2016/05/23 12:0 a.m.16 views

Adobe Releases Security Update for Adobe Connect

Adobe has released a security update to address a vulnerability in Adobe Connect for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Adobe Security Bulletin APSB16-17 and apply the...

6.8AI score
Exploits0References1
CISA
CISA
added 2016/04/26 12:0 a.m.16 views

Mozilla Releases Security Updates

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 46 Firefox ESR 38.8 Firefox ESR 45.1 Users and...

7.3AI score
Exploits0References2
CISA
CISA
added 2016/04/20 12:0 a.m.16 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition on an affected system. US-CERT encourages users and administrators to review the following Cisco Security...

6.9AI score
Exploits0References5
CISA
CISA
added 2016/03/21 12:0 a.m.16 views

Apple Releases Multiple Security Updates

Apple has released security updates for iOS, watchOS, tvOS, Xcode, OS X El Capitan, OS X Server 5.1, and Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: iOS 9.3...

7AI score
Exploits0References7
CISA
CISA
added 2016/03/08 12:0 a.m.16 views

Mozilla Releases Security Updates

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 45 Firefox ESR 38.7 Users and administrators ar...

7.3AI score
Exploits0References2
CISA
CISA
added 2016/01/28 12:0 a.m.16 views

OpenSSL Releases Security Advisory

OpenSSL versions 1.0.2f and 1.0.1r have been released to address vulnerabilities in prior versions. Exploitation of these vulnerabilities may allow a remote attacker to obtain sensitive information. US-CERT encourages users and administrators to review the OpenSSL Security Advisory and apply the...

6.9AI score
Exploits0References2
CISA
CISA
added 2015/11/18 12:0 a.m.16 views

IC3 Warns of Cyber Attacks Focused on Law Enforcement and Public Officials

The Internet Crime Complaint Center IC3 has issued an alert warning that law enforcement personnel and public officials may be at an increased risk of cyber attacks. In addition to doxing the act of gathering and publishing individuals' personal information without permission, threat actors have...

6.8AI score
Exploits0References2
CISA
CISA
added 2015/11/13 12:0 a.m.16 views

Apache Commons Collections Java Library Vulnerability

US-CERT is aware of a deserialization vulnerability in the Apache Commons Collections ACC Java library. Java applications that either directly use ACC, or contain ACC in their classpath, may be vulnerable to arbitrary code execution. US-CERT encourages users and administrators to review...

7.2AI score
Exploits0References1
CISA
CISA
added 2015/10/01 12:0 a.m.16 views

VMware Releases Security Advisory

VMware has released security updates to address security vulnerabilities in vCenter and ESXi. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review VMware Security Advisory VMSA-2015-0007 a...

7AI score
Exploits0References1
CISA
CISA
added 2015/08/07 12:0 a.m.16 views

Required Group Policy Preference Actions for Microsoft Security Bulletin MS14-025

US-CERT is aware of continued exploitation of insecurely stored passwords in Group Policy Preferences, due to incomplete implementations of Microsoft Security Bulletin MS14-025. Systems may still be vulnerable to exploitation if administrators have not cleared all previously stored passwords from...

6.9AI score
Exploits0References2
CISA
CISA
added 2015/06/11 12:0 a.m.16 views

IC3 Issues Alert on Gift Card Scams

The Internet Crime Complaint Center IC3 has released an alert warning consumers of fraud around the resale of gift cards. The secondary gift card market has grown in recent years, and criminal activity has been identified on sites facilitating such exchanges. When purchasing gift cards, look for...

6.7AI score
Exploits0References2
CISA
CISA
added 2015/06/09 12:0 a.m.16 views

Microsoft Releases June 2015 Security Bulletin

Microsoft has released eight updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow remote code execution or elevation of privileges. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-056 through...

7.8AI score
Exploits0References1
CISA
CISA
added 2015/03/26 12:0 a.m.16 views

Cisco Releases Semiannual IOS Software Security Advisory Bundled Publication

Cisco has released its semiannual Cisco IOS Software Security Advisory Bundled Publication. This publication includes seven Security Advisories that address vulnerabilities in Cisco IOS Software. Exploits of these vulnerabilities could result in a denial of service DoS condition, interface queue...

6.8AI score
Exploits0References1
CISA
CISA
added 2014/12/20 12:0 a.m.16 views

"Misfortune Cookie" Broadband Router Vulnerability

Broadband routers employing the Allegro RomPager firmware prior to versions 4.34 contain a vulnerability in HTTP cookie processing code. Exploitation of this vulnerability could allow a remote attacker to take control of an affected device. Users and administrators are encouraged to review...

6.7AI score
Exploits0References3
CISA
CISA
added 2014/10/20 12:0 a.m.16 views

Apple Releases Security Updates for iOS and Apple TV

Apple has released security updates for iOS devices and Apple TV to address multiple vulnerabilities, one of which could allow an attacker to decrypt data protected by SSL. Updates available include: iOS 8.1 for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later Apple ...

6.7AI score
Exploits0References2
CISA
CISA
added 2014/10/16 12:0 a.m.16 views

Google Releases Security Updates for Chrome and Chrome OS

Google has released security updates to address multiple vulnerabilities in Chrome and Chrome OS, one of which could potentially allow an attacker to take control of the affected system. Updates available include: Chrome 38.0.2125.104 for Windows, Mac and Linux Chrome OS 38.0.2125.108 for all...

7AI score
Exploits0References2
CISA
CISA
added 2014/09/30 12:0 a.m.16 views

Apple Releases OS X bash Update 1.0

Apple has released OS X bash Update 1.0 to address vulnerabilities found in the Bourne-again Shell bash which could allow a remote attacker to execute arbitrary shell commands. US-CERT recommends users and administrators review Apple Security Update HT6495, TA14-268A, Vulnerability Note VU252743...

7.4AI score
Exploits0References4
CISA
CISA
added 2014/07/22 12:0 a.m.16 views

CPNI Releases Paper on Improving Defenses Against Targeted Attack

The United Kingdom's Centre for the Protection of National Infrastructure CPNI has released a report on its “Improving Defenses Against Targeted Attack" iDATA cyber research program. The report contains descriptions and outcomes from a number of projects aimed at addressing threats posed by natio...

6.8AI score
Exploits0References1
CISA
CISA
added 2014/07/10 12:0 a.m.16 views

Microsoft Releases Security Advisory for Improperly Issued Digital Certificates

Microsoft has released a security advisory to address improperly issued SSL certificates that could be used in attempts to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows. Users and administrators are...

6.4AI score
Exploits0References1
CISA
CISA
added 2014/07/08 12:0 a.m.16 views

Adobe Releases Security Updates for Flash Player and Air

Adobe has released security updates to address multiple vulnerabilities in Flash Player and Air. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. The following updates are available: Adobe Flash Player 14.0.0.145 for Windows,...

7AI score
Exploits0References1
CISA
CISA
added 2014/06/05 12:0 a.m.16 views

OpenSSL Releases Security Advisory

OpenSSL has released updates patching 6 vulnerabilities, which may allow an attacker to decrypt or modify traffic between a vulnerable client and server, cause a denial of service condition, or remotely execute arbitrary code. The following updates are available: OpenSSL 0.9.8 SSL/TLS users shoul...

7.2AI score
Exploits0References2
CISA
CISA
added 2014/04/29 12:0 a.m.16 views

Mozilla Releases Security Updates for Firefox, Thunderbird, and Seamonkey

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Thunderbird, and Seamonkey. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition, execute arbitrary code, conduct phishi...

7.5AI score
Exploits0References4
CISA
CISA
added 2014/02/21 12:0 a.m.16 views

Apple Releases Security Updates for iOS devices and Apple TV

Apple has released updates for iOS and Apple TV devices to address a vulnerability that allows an attacker with a privileged network position to capture or modify data in protected SSL/TLS sessions. Updates are available: iOS 6.1.6 for iPhone 3GS and iPod touch 4th generation. iOS 7.0.6 for iPhon...

6.5AI score
Exploits0References3
CISA
CISA
added 2014/02/20 12:0 a.m.16 views

Security Updates Available for Adobe Flash Player

Adobe has released security updates to address a vulnerability in Adobe Flash Player 12.0.0.44 or earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.336 or earlier versions for Linux. Exploitation of this vulnerability could allow an attacker to take control of an affected...

6.7AI score
Exploits0References1
CISA
CISA
added 2013/10/18 12:0 a.m.16 views

Reports of D-Link Router Backdoor

US-CERT is aware of reports that the firmware for various D-Link routers contains a backdoor that allows unauthenticated remote users to bypass the routers' password authentication mechanism. An unauthenticated remote attacker can take any action as an administrator using the remote management we...

7.4AI score
Exploits0References2
CISA
CISA
added 2013/10/03 12:0 a.m.16 views

Microsoft Releases Advance Notification for October Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its October release will contain eight bulletins. These bulletins will have the severity rating of critical and important and will be for Microsoft Windows, Internet Explorer, .NET Framework, Office, Server Software, an...

6.7AI score
Exploits0References1
Total number of security vulnerabilities4188