Fortinet Releases Security Update for FortiOS
Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Fortinet security release FG-IR-23-149...
Fortinet Releases April 2023 Vulnerability Advisories
Fortinet has released its April 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Fortinet April...
OpenSSL Releases Security Advisory
OpenSSL has released a security advisory to address multiple vulnerabilities affecting OpenSSL versions 3.0.0, 2.2.2, and 1.0.2. An attacker could exploit some of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review the OpenSSL advisory and mak...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise. Note: To view the newly added...
#StopRansomware: Cuba Ransomware
Today, the Federal Bureau of Investigation (FBI) and CISA released a joint Cybersecurity Advisory (CSA), StopRansomware: Cuba Ransomware, to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware. FBI investigations identifie...
Mozilla Releases Security Updates for Multiple Products
Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox ESR, and Firefox. An attacker could exploit these vulnerabilities to cause user confusion or conduct spoofing attacks. CISA encourages users and administrators to review Mozilla’s security advisories for...
CISA Has Added One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risk to the federal enterprise. Note: To view the newly added...
CISA Releases RedEye: Red Team Campaign Visualization and Reporting Tool
CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye allows an operator to quickly assess complex data, evaluate mitigation strategies, and enable effective decision making. For more information, CISA encourages...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...
CISA Releases Three Industrial Control Systems Advisories
CISA has released three (3) Industrial Control Systems (ICS) advisories on September 27th, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisori...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems (ICS) advisories on September 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...
Cisco Releases Security Update for Cisco Secure Web Appliance
Cisco has released security updates to address vulnerabilities in Cisco Secure Web Appliance. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...
#StopRansomware: Zeppelin Ransomware
CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), StopRansomware: Zeppelin Ransomware, to provide information on Zeppelin Ransomware. Actors use Zeppelin Ransomware, a ransomware-as-a-service (RaaS), against a wide range of businesses and critical...
VMware Releases Security Updates
VMware has released security updates to address multiple vulnerabilities in vRealize Operations. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0022 and appl...
CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case
CISA has released Trusted Internet Connections (TIC) 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications. TIC use cases provide...
Drupal Releases Security Updates
Drupal has released security updates to address a Guzzle third-party library vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected...
CISA Compiles Free Cybersecurity Services and Tools for Network Defenders
CISA has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. This non-exhaustive living repository includes services provided by CISA, widely used open source tools, and free tools and services offered b...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...
VMware Releases Security Updates
VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory...
CISA's Annual National Cybersecurity Summit
CISA will host its fourth annual National Cybersecurity Summit on Wednesdays during the month of October. The 2021 Summit will be held as a series of four virtual events bringing stakeholders together in a forum for meaningful conversation: Oct. 6 - Assembly Required: The Pieces of the...
FBI Releases Indicators of Compromise Associated with Hive Ransomware
The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with ransomware attacks by Hive, a likely Ransomware-as-a-Service organization consisting of a number of actors using multiple...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...
CISA Releases Analysis of FY20 Risk and Vulnerability Assessments
CISA has released an analysis and infographic detailing the findings from the Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year (FY) 2020 across multiple sectors. The analysis details a sample attack path a cyber threat actor could take to compromise an organization with weaknesses...
CISA Updates Alert on Pulse Connect Secure
CISA has updated Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, originally released April 20. This update adds a new Detection section providing information on Impossible Travel and Transport Layer Security (TLS) Fingerprinting that may be useful in identifying malicious...
CISA Releases Alert on Exploitation of Pulse Connect Secure Vulnerabilities
CISA is aware of ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities compromising U.S. government agencies, critical infrastructure entities, and private sector organizations. In response, CISA has released Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, as...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Cisco Advisories and apply the necessary updates: Cisco...
CISA Releases New Alert on Post-Compromise Threat Activity in Microsoft Cloud Environments and Tools to Help Detect This Activity
CISA has evidence of post-compromise advanced persistent threat (APT) activity in the cloud environment. Specifically, CISA has seen an APT actor using compromised applications in a victim’s Microsoft 365 (M365)/Azure environment and using additional credentials and Application Programming Interface...
CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise
CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED 21-01 and Supplemental Guidance versions 1 and 2. Federal agencies without evidence of adversary follow-on activity...
Theft of FireEye Red Team Tools
FireEye has released a blog addressing unauthorized access to their Red Team’s tools by a highly sophisticated threat actor. Red Team tools are often used by cybersecurity organizations to evaluate the security posture of enterprise systems. Although the Cybersecurity and Infrastructure Security...
CISA and CNMF Identify a New Malware Variant: Zebrocy
The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have identified a malware variant—referred to as Zebrocy—used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to t...
Google Releases Security Updates for Chrome
Google has released Chrome version 86.0.4240.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the...
CISA Releases Telework Essentials Toolkit
The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers. Each module outlines distinctive...
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.8.x, 8.9.x, and 9.0.x. An attacker could exploit some of these vulnerabilities to obtain sensitive information or leverage the way HTML is rendered. The Cybersecurity and Infrastructure Security Agency (CISA) encourage...
CISA Insights: Email-Based Attacks on Elections-Related Entities
The Cybersecurity and Infrastructure Security Agency (CISA) has released CISA Insights: Actions to Counter Email-Based Attacks on Elections-Related Entities in light of increased sophisticated phishing operations targeting individuals and groups involved in the upcoming U.S. elections. CISA strongl...
Chinese Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified a malware variant—referred to as TAIDOOR—used by the Chinese government. In addition, U.S. Cyber Command has released the malware sample to the malwar...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the...
Cisco Releases Security Updates for NX-OS Software
Cisco has released security updates to address a vulnerability in NX-OS Software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security...
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities affecting Drupal 7, 8.7, and 8.8. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to...
Mozilla Patches Critical Vulnerabilities in Firefox, Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agenc...
Google Releases Security Updates for Chrome
Google has released Chrome 80 version 80.0.3987.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Illustrator CC and Experience Manager. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to...
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities in Data Center Network Manager (DCNM). A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories webpage...
Secure New Internet-Connected Devices
During the holidays, internet-connected devices—also known as Internet of Things (IoT) devices—are popular gifts. These include smart cameras, smart TVs, watches, toys, phones, and tablets. Although this technology provides added convenience to our lives, it often requires that we share personal an...
FTC Provides Tips on Safeguarding Data Before Upgrading Mobile Phones
The Federal Trade Commission (FTC) has released an article with tips on how to protect personal information before trading in a mobile phone for a newer model. FTC recommends the following four steps to safeguard these devices: Back up data. Remove SIM and SD cards. Erase personal information. Veri...
Vulnerabilities Exploited in Multiple VPN Applications
The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. The...
MS-ISAC Releases Security Event Primer on Malware
The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types and best practice recommendations. An attacker can use malware to gain access to a network,...
September is National Preparedness Month: Be Prepared, Not Scared
National Preparedness Month (NPM) promotes family and community disaster and emergency planning. This year’s theme is “Prepared, Not Scared.” Although most people understand that being prepared is essential to getting through an emergency such as a natural disaster, there is less awareness about th...
WaterISAC Releases Cybersecurity Fundamentals
The Water Information Sharing and Analysis Center (WaterISAC) recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices, grouped into 15 categories, to help sector utilities reduce exploitable weaknesses and...