4188 matches found
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...
Citrix Releases Security Updates for Hypervisor
Citrix has released security updates to address a vulnerability in Hypervisor. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX390511 and apply the necessary updates. This product is...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users...
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...
Citrix Releases Security Updates for Hypervisor
Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX337526 and apply the necessary updates. This product ...
CISA, FBI, and NSA Release Cybersecurity Advisory on Russian Cyber Threats to U.S. Critical Infrastructure
CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA that provides an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques, and procedures. The CSA also provides...
CISA Releases Guidance on Protecting Organization-Run Social Media Accounts
CISA has released Capacity Enhancement Guide CEG: Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber actors that successfully compromise social media accounts—including accounts used by federal agencies—could spre...
CISA Releases Security Advisory on WebHMI Vulnerabilities
CISA has released an Industrial Controls Systems ICS advisory detailing vulnerabilities in Distributed Data Systems WebHMI products. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review ICS advisory...
NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures
CISA has announced the joint National Security Agency NSA and CISA publication of the third of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part III: Data Protection examines security during all phases of the data lifecycle—in transit, in use, and at rest. The guidance...
FBI Releases Indicators of Compromise Associated with Ranzy Locker Ransomware
The Federal Bureau of Investigation FBI has released a Flash report detailing indicators of compromise IOCs associated with attacks using Ranzy Locker, a ransomware variant first identified targeting victims in the United States in late 2020. CISA encourages users and administrators to review the...
Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities
CISA, the Federal Bureau of Investigation FBI, the Environmental Protection Agency EPA, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA that details ongoing cyber threats to U.S. Water and Wastewater Systems WWS Sector. This activity—which includes cyber...
Google Releases Security Updates for Chrome
Google has updated the Stable channel to 94.0.4606.81 for Windows, Mac and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release and apply the necessary updates. Thi...
CISA Releases Guidance: TIC 3.0 Remote User Use Case
In coordination with the Office of Management and Budget OMB, the Federal Chief Information Security Officer Council FCISO Trusted Internet Connections TIC Subcommittee, and the General Services Administration, CISA has released Trusted Internet Connections 3.0 Remote User Use Case. The Remote Us...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
Google Releases Security Updates for Chrome
Google has released Chrome version 94.0.4606.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...
Drupal Releases Multiple Security Updates
Drupal has released security updates to address multiple vulnerabilities affecting Drupal 8.9, 9.1, and 9.2. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Drupal security advisories a...
CISA Releases Five Pulse Secure-Related MARs
As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed five malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following five malware analysis reports MARs for threat actor tactics, techniques, and procedure...
Mozilla Releases Security Updates for Thunderbird
Mozilla has released security updates to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 91 and apply the necessa...
CISA Releases Security Advisory for Swisslog Healthcare
CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities in Swisslog Healthcare Translogic Pneumatic Tube Systems PTS. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to...
Ransomware Risk in Unpatched, EOL SonicWall SRA and SMA 8.x Products
CISA is aware of threat actors actively targeting a known, previously patched, vulnerability in SonicWall Secure Mobile Access SMA 100 series and Secure Remote Access SRA products running unpatched and end-of-life EOL 8.x firmware. Threat actors can exploit this vulnerability to initiate a target...
SAP Releases July 2021 Security Updates
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for July 2021 and apply the necessary...
Kaseya Provides Security Updates for VSA On-Premises Software Vulnerabilities
Kaseya has released VSA version 9.5.7a for their VSA On-Premises software. This version addresses vulnerabilities that enabled the ransomware attacks on Kaseya’s customers. CISA strongly urges Kaseya customers closely follow the instructions detailed in the Kaseya security notice and contact Kase...
Updates to Alert on Pulse Connect Secure
CISA has updated Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities to include new threat actor techniques, tactics, and procedures TTPs, indicators of compromise IOCs, and updated mitigations. CISA encourages users and administrators to review AA21-110A and the following...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...
Joint NCSC-CISA-FBI-NSA Cybersecurity Advisory on Russian SVR Activity
CISA has joined with the United Kingdom's National Cyber Security Centre NCSC, the Federal Bureau of Investigation FBI, and the National Security Agency NSA, in releasing a Joint Cybersecurity Advisory on Russian Foreign Intelligence Service SVR tactics, techniques, and procedures. Further TTPs...
CISA Issues Emergency Directive on Pulse Connect Secure
CISA has issued Emergency Directive ED 21-03, as well as Alert AA21-110A, to address the exploitation of vulnerabilities affecting Pulse Connect Secure PCS software. An attacker could exploit these vulnerabilities to gain persistent system access and take control of the enterprise network operati...
NAME:WRECK DNS Vulnerabilities
Cybersecurity researchers from Forescout and JSOF have released a report on a set of nine vulnerabilities—referred to as NAME:WRECK—affecting Domain Name System DNS implementations. NAME:WRECK affects at least four common TCP/IP stacks—FreeBSD, IPNet, NetX, and Nucleus NET—that are used in Intern...
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for...
TTP Table for Detecting APT Activity Related to SolarWinds and Active Directory/M365 Compromise
CISA has released a table of tactics, techniques, and procedures TTPs used by the advanced persistent threat APT actor involved with the recent SolarWinds and Active Directory/M365 compromise. The table uses the MITRE ATT&CK framework to identify APT TTPs and includes detection recommendations...
CISA Strongly Urges All Organizations to Immediately Address Microsoft Exchange Vulnerabilities
CISA has published a Remediating Microsoft Exchange Vulnerabilities web page that strongly urges all organizations to immediately address the recent Microsoft Exchange Server product vulnerabilities. As exploitation of these vulnerabilities is widespread and indiscriminate, CISA strongly advises...
CISA Issues Emergency Directive and Alert on Microsoft Exchange Vulnerabilities
CISA has issued Emergency Directive ED 21-02 and Alert AA21-062A addressing critical vulnerabilities in Microsoft Exchange products. Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange servers, enabling them to gain persistent system access and contr...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. CISA encourages user...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...
NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations
The National Security Agency NSA has released a Cybersecurity Information CSI sheet on eliminating obsolete Transport Layer Security TLS configurations. The information sheet identifies strategies to detect obsolete cipher suites and key exchange mechanisms, discusses recommended TLS...
NSA Releases Cybersecurity Advisory on Detecting Abuse of Authentication Mechanisms
The National Security Agency NSA has released a cybersecurity advisory on detecting abuse of authentication mechanisms. This advisory describes tactics, techniques, and procedures used by malicious cyber actors to access protected data in the cloud and provides guidance on defending against and...
Cisco Releases Security Updates for Jabber Desktop and Mobile Client Software
Cisco has released security updates to address vulnerabilities in Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA...
SAP Releases December 2020 Security Updates
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. These include a missing authentication check vulnerability affecting SAP NetWeaver AS JAVA P2P Cluster...
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Cisco Releases Security Update for IOS XR Software
Cisco has released a security update to address a vulnerability in IOS XR Software for ASR 9000 Series Aggregation Services Routers. An unauthenticated, remote attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CI...
CISA and FBI Release Joint Advisory on Iranian APT Actor Targeting Voter Registration Data
The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint cybersecurity advisory on an Iranian advanced persistent threat APT actor targeting U.S. state websites, including elections websites, to obtain voter registration data. Joi...
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address a vulnerability affecting Flash Player. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Adobe Security Bulleti...
CISA and FBI Release Joint Advisory Regarding APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint cybersecurity advisory regarding advanced persistent threat APT actors chaining vulnerabilities—a commonly used tactic exploiting multiple vulnerabilities in the course of a...
CISA Releases FY2019 Risk Vulnerability Assessment Infographic
The Cybersecurity and Information Security Agency CISA has released an infographic mapping analysis of 44 of its Risk and Vulnerability Assessments RVAs conducted in Fiscal Year 2019 to the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK Framework. The infographic identifies...
CISA and CNMF Identify a New Malware Variant
The Cybersecurity and Infrastructure Security Agency CISA and the Department of Defense DOD Cyber National Mission Force CNMF have identified a malware variant—referred to as SLOTHFULMEDIA—used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to the...
September is National Preparedness Month
September is National Preparedness Month, which promotes family and community disaster planning. This year’s theme is “Disasters Don’t Wait. Make Your Plan Today.” The Cybersecurity and Infrastructure Security Agency CISA recommends users and administrators use this month as an opportunity to...
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
VMware Releases Security Updates for Multiple Products
VMware has released security updates to address a vulnerability in VMware Fusion, Remote Console, and Horizon Client. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...