Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2023/08/08 12:0 p.m.15 views

Fortinet Releases Security Update for FortiOS

Fortinet has released a security update to address a vulnerability CVE-2023-29182 affecting FortiOS. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Fortinet security release FG-IR-23-149link is externa...

6.7CVSS7.1AI score0.00254EPSS
Exploits0References1
CISA
CISA
added 2023/04/11 12:0 p.m.15 views

Fortinet Releases April 2023 Vulnerability Advisories

Fortinet has released its April 2023 Vulnerability Advisorieslink is external to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Fortinet April...

7.4AI score
Exploits0References2
CISA
CISA
added 2023/02/09 12:0 a.m.15 views

OpenSSL Releases Security Advisory

OpenSSL has released a security advisory to address multiple vulnerabilities affecting OpenSSL versions 3.0.0, 2.2.2, and 1.0.2. An attacker could exploit some of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review the OpenSSL advisory and mak...

2.4AI score
Exploits0References1
CISA
CISA
added 2022/12/14 12:0 a.m.15 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise. Note: To view the newly added...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/12/01 12:0 a.m.15 views

#StopRansomware: Cuba Ransomware 

Today, the Federal Bureau of Investigation FBI and CISA released a joint Cybersecurity Advisory CSA StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures TTPs and indicators of compromise IOCs associated with Cuba ransomware. FBI investigations identifie...

2.2AI score
Exploits0References3
CISA
CISA
added 2022/11/16 12:0 a.m.15 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox ESR, and Firefox. An attacker could exploit these vulnerabilities to cause user confusion or conduct spoofing attacks. CISA encourages users and administrators to review Mozilla’s security advisories for...

2.2AI score
Exploits0References3
CISA
CISA
added 2022/10/25 12:0 a.m.15 views

CISA Has Added One Known Exploited Vulnerability to Catalog    

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/10/14 12:0 a.m.15 views

CISA Releases RedEye: Red Team Campaign Visualization and Reporting Tool

CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye allows an operator to quickly assess complex data, evaluate mitigation strategies, and enable effective decision making. For more information, CISA encourages...

1.8AI score
Exploits0References2
CISA
CISA
added 2022/10/06 12:0 a.m.15 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...

1.6AI score
Exploits0References3
CISA
CISA
added 2022/09/27 12:0 a.m.15 views

CISA Releases Three Industrial Control Systems Advisories

CISA has released three 3 Industrial Control Systems ICS advisories on September 27th, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisori...

2AI score
Exploits0References3
CISA
CISA
added 2022/09/13 12:0 a.m.15 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on September 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

1AI score
Exploits0References5
CISA
CISA
added 2022/08/18 12:0 a.m.15 views

Cisco Releases Security Update for Cisco Secure Web Appliance

Cisco has released security updates to address vulnerabilities in Cisco Secure Web Appliance. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...

3.5AI score
Exploits0References2
CISA
CISA
added 2022/08/11 12:0 a.m.15 views

#StopRansomware: Zeppelin Ransomware

CISA and the Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory CSA, StopRansomware: Zeppelin Ransomware, to provide information on Zeppelin Ransomware. Actors use Zeppelin Ransomware, a ransomware-as-a-service RaaS, against a wide range of businesses and critical...

1.8AI score
Exploits0References3
CISA
CISA
added 2022/08/09 12:0 a.m.15 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in vRealize Operations. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0022 and appl...

2.6AI score
Exploits0References1
CISA
CISA
added 2022/06/16 12:0 a.m.15 views

CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case

CISA has released Trusted Internet Connections TIC 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications. TIC use cases provide...

1.1AI score
Exploits0References3
CISA
CISA
added 2022/06/13 12:0 a.m.15 views

Drupal Releases Security Updates

Drupal has released security updates to address a Guzzle third-party library vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected...

3AI score
Exploits0References1
CISA
CISA
added 2022/02/18 12:0 a.m.15 views

CISA Compiles Free Cybersecurity Services and Tools for Network Defenders

CISA has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. This non-exhaustive living repository includes services provided by CISA, widely used open source tools, and free tools and services offered b...

6.8AI score
Exploits0References7
CISA
CISA
added 2022/02/08 12:0 a.m.15 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

7AI score
Exploits0References5
CISA
CISA
added 2021/09/21 12:0 a.m.15 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory...

7.2AI score
Exploits0References1
CISA
CISA
added 2021/09/13 12:0 a.m.15 views

CISA's Annual National Cybersecurity Summit

CISA will host its fourth annual National Cybersecurity Summit on Wednesdays during the month of October. The 2021 Summit will be held as a series of four virtual events bringing stakeholders together in a forum for meaningful conversation: Oct. 6 - Assembly Required: The Pieces of the...

6.7AI score
Exploits0References1
CISA
CISA
added 2021/08/27 12:0 a.m.15 views

FBI Releases Indicators of Compromise Associated with Hive Ransomware

The Federal Bureau of Investigation FBI has released a Flash report detailing indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with ransomware attacks by Hive, a likely Ransomware-as-a-Service organization consisting of a number of actors using multiple...

6.8AI score
Exploits0References2
CISA
CISA
added 2021/08/26 12:0 a.m.15 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7AI score
Exploits0References9
CISA
CISA
added 2021/07/21 12:0 a.m.15 views

Adobe Releases Security Updates for Multiple Products 

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

6.7AI score
Exploits0References8
CISA
CISA
added 2021/07/13 12:0 a.m.15 views

 Adobe Releases Security Updates for Multiple Products 

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

7AI score
Exploits0References1
CISA
CISA
added 2021/07/08 12:0 a.m.15 views

CISA Releases Analysis of FY20 Risk and Vulnerability Assessments

CISA has released an analysis and infographic detailing the findings from the Risk and Vulnerability Assessments RVAs conducted in Fiscal Year FY 2020 across multiple sectors. The analysis details a sample attack path a cyber threat actor could take to compromise an organization with weaknesses...

6.6AI score
Exploits0References2
CISA
CISA
added 2021/04/30 12:0 a.m.15 views

CISA Updates Alert on Pulse Connect Secure

CISA has updated Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, originally released April 20. This update adds a new Detection section providing information on Impossible Travel and Transport Layer Security TLS Fingerprinting that may be useful in identifying malicious...

6.5AI score
Exploits0References3
CISA
CISA
added 2021/04/20 12:0 a.m.15 views

CISA Releases Alert on Exploitation of Pulse Connect Secure Vulnerabilities

CISA is aware of ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities compromising U.S. government agencies, critical infrastructure entities, and private sector organizations. In response, CISA has released Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, as...

6.9AI score
Exploits0References9
CISA
CISA
added 2021/02/25 12:0 a.m.15 views

Cisco Releases Security Updates 

Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Cisco Advisories and apply the necessary updates: Cisco...

7AI score
Exploits0References4
CISA
CISA
added 2021/01/08 12:0 a.m.15 views

CISA Releases New Alert on Post-Compromise Threat Activity in Microsoft Cloud Environments and Tools to Help Detect This Activity

CISA has evidence of post-compromise advanced persistent threat APT activity in the cloud environment. Specifically, CISA has seen an APT actor using compromised applications in a victim’s Microsoft 365 M365/Azure environment and using additional credentials and Application Programming Interface...

6.6AI score
Exploits0References4
CISA
CISA
added 2021/01/06 12:0 a.m.15 views

CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise

CISA has released Emergency Directive ED 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED 21-01 and Supplemental Guidance versions 1 and 2. Federal agencies without evidence of adversary follow-on activity...

6.8AI score
Exploits0References6
CISA
CISA
added 2020/12/08 12:0 a.m.15 views

Theft of FireEye Red Team Tools

FireEye has released a blog addressing unauthorized access to their Red Team’s tools by a highly sophisticated threat actor. Red Team tools are often used by cybersecurity organizations to evaluate the security posture of enterprise systems. Although the Cybersecurity and Infrastructure Security...

6.8AI score
Exploits0References3
CISA
CISA
added 2020/10/29 12:0 a.m.15 views

CISA and CNMF Identify a New Malware Variant: Zebrocy

Content: The Cybersecurity and Infrastructure Security Agency CISA and the Department of Defense DOD Cyber National Mission Force CNMF have identified a malware variant—referred to as Zebrocy—used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to t...

6.9AI score
Exploits0References2
CISA
CISA
added 2020/10/07 12:0 a.m.15 views

Google Releases Security Updates for Chrome

Google has released Chrome version 86.0.4240.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

7AI score
Exploits0References1
CISA
CISA
added 2020/09/30 12:0 a.m.15 views

CISA Releases Telework Essentials Toolkit

The Cybersecurity and Infrastructure Security Agency CISA has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers. Each module outlines distinctive...

6.8AI score
Exploits0References3
CISA
CISA
added 2020/09/17 12:0 a.m.15 views

Drupal Releases Security Updates

Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.8.x, 8.9.x, and 9.0.x. An attacker could exploit some of these vulnerabilities to obtain sensitive information or leverage the way HTML is rendered. The Cybersecurity and Infrastructure Security Agency CISA encourage...

6.4AI score
Exploits0References5
CISA
CISA
added 2020/09/10 12:0 a.m.15 views

CISA Insights: Email-Based Attacks on Elections-Related Entities

The Cybersecurity and Infrastructure Security Agency CISA has released CISA Insights: Actions to Counter Email-Based Attacks on Elections-Related Entities in light of increased sophisticated phishing operations targeting individuals and groups involved in the upcoming U.S. elections. CISA strongl...

7AI score
Exploits0References6
CISA
CISA
added 2020/08/03 12:0 a.m.15 views

Chinese Malicious Cyber Activity

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified a malware variant—referred as TAIDOOR—used by the Chinese government. In addition, U.S. Cyber Command has released the malware sample to the malwar...

6.9AI score
Exploits0References4
CISA
CISA
added 2020/07/14 12:0 a.m.15 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

7AI score
Exploits0References5
CISA
CISA
added 2020/06/02 12:0 a.m.15 views

Cisco Releases Security Updates for NX-OS Software

Cisco has released security updates to address a vulnerability in NX-OS Software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cisco Security...

6.7AI score
Exploits0References1
CISA
CISA
added 2020/05/21 12:0 a.m.15 views

Drupal Releases Security Updates

Drupal has released security updates to address vulnerabilities affecting Drupal 7, 8.7, and 8.8. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

7AI score
Exploits0References2
CISA
CISA
added 2020/04/03 12:0 a.m.15 views

Mozilla Patches Critical Vulnerabilities in Firefox, Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agenc...

7.4AI score
Exploits0References1
CISA
CISA
added 2020/02/05 12:0 a.m.15 views

Google Releases Security Updates for Chrome

Google has released Chrome 80 version 80.0.3987.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

7AI score
Exploits0References1
CISA
CISA
added 2020/01/14 12:0 a.m.15 views

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in Illustrator CC and Experience Manager. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

7AI score
Exploits0References2
CISA
CISA
added 2020/01/07 12:0 a.m.15 views

Cisco Releases Security Updates

Cisco has released security updates to address multiple vulnerabilities in Data Center Network Manager DCNM. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories webpage...

8.1AI score
Exploits0References5
CISA
CISA
added 2019/12/31 12:0 a.m.15 views

Secure New Internet-Connected Devices

During the holidays, internet-connected devices—also known as Internet of Things IoT devices—are popular gifts. These include smart cameras, smart TVs, watches, toys, phones, and tablets. Although this technology provides added convenience to our lives, it often requires that we share personal an...

7.1AI score
Exploits0References8
CISA
CISA
added 2019/11/19 12:0 a.m.15 views

FTC Provides Tips on Safeguarding Data Before Upgrading Mobile Phones

The Federal Trade Commission FTC has released an article with tips on how to protect personal information before trading in a mobile phone for a newer model. FTC recommends the following four steps to safeguard these devices: Back up data. Remove SIM and SD cards. Erase personal information. Veri...

6.6AI score
Exploits0References2
CISA
CISA
added 2019/10/04 12:0 a.m.15 views

Vulnerabilities Exploited in Multiple VPN Applications

The United Kingdom UK National Cyber Security Centre NCSC has released an alert on advanced persistent threat APT actors exploiting vulnerabilities in Virtual Private Network VPN applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. The...

6.9AI score
Exploits0References6
CISA
CISA
added 2019/09/10 12:0 a.m.15 views

MS-ISAC Releases Security Event Primer on Malware

The Multi-State Information Sharing & Analysis Center MS-ISAC has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types and best practice recommendations. An attacker can use malware to gain access to a network,...

6.9AI score
Exploits0References2
CISA
CISA
added 2019/08/28 12:0 a.m.15 views

September is National Preparedness Month: Be Prepared, Not Scared

National Preparedness Month NPM promotes family and community disaster and emergency planning. This year’s theme is “Prepared, Not Scared.” Although most people understand that being prepared is essential to getting through an emergency such as a natural disaster, there is less awareness about th...

6.7AI score
Exploits0References6
CISA
CISA
added 2019/07/17 12:0 a.m.15 views

WaterISAC Releases Cybersecurity Fundamentals

The Water Information Sharing and Analysis Center WaterISAC recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices, grouped into 15 categories, to help sector utilities reduce exploitable weaknesses and...

6.9AI score
Exploits0References1
Total number of security vulnerabilities4188