Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2022/04/11 12:0 a.m.14 views

CISA Adds Eight Known Exploited Vulnerabilities to Catalog

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/04/06 12:0 a.m.14 views

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address a vulnerability in Hypervisor. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX390511 and apply the necessary updates. This product is...

1.9AI score
Exploits0References1
CISA
CISA
added 2022/03/03 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users...

7AI score
Exploits0References4
CISA
CISA
added 2022/02/08 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

7.1AI score
Exploits0References3
CISA
CISA
added 2022/02/08 12:0 a.m.14 views

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX337526 and apply the necessary updates. This product ...

6.8AI score
Exploits0References1
CISA
CISA
added 2022/01/11 12:0 a.m.14 views

CISA, FBI, and NSA Release Cybersecurity Advisory on Russian Cyber Threats to U.S. Critical Infrastructure

CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA that provides an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques, and procedures. The CSA also provides...

6.7AI score
Exploits0References4
CISA
CISA
added 2021/12/09 12:0 a.m.14 views

CISA Releases Guidance on Protecting Organization-Run Social Media Accounts

CISA has released Capacity Enhancement Guide CEG: Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber actors that successfully compromise social media accounts—including accounts used by federal agencies—could spre...

6.8AI score
Exploits0References2
CISA
CISA
added 2021/12/06 12:0 a.m.14 views

CISA Releases Security Advisory on WebHMI Vulnerabilities

CISA has released an Industrial Controls Systems ICS advisory detailing vulnerabilities in Distributed Data Systems WebHMI products. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review ICS advisory...

7AI score
Exploits0References1
CISA
CISA
added 2021/12/02 12:0 a.m.14 views

NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures

CISA has announced the joint National Security Agency NSA and CISA publication of the third of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part III: Data Protection examines security during all phases of the data lifecycle—in transit, in use, and at rest. The guidance...

6.4AI score
Exploits0References4
CISA
CISA
added 2021/10/27 12:0 a.m.14 views

FBI Releases Indicators of Compromise Associated with Ranzy Locker Ransomware

The Federal Bureau of Investigation FBI has released a Flash report detailing indicators of compromise IOCs associated with attacks using Ranzy Locker, a ransomware variant first identified targeting victims in the United States in late 2020. CISA encourages users and administrators to review the...

6.7AI score
Exploits0References2
CISA
CISA
added 2021/10/14 12:0 a.m.14 views

Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities

CISA, the Federal Bureau of Investigation FBI, the Environmental Protection Agency EPA, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA that details ongoing cyber threats to U.S. Water and Wastewater Systems WWS Sector. This activity—which includes cyber...

6.6AI score
Exploits0References2
CISA
CISA
added 2021/10/12 12:0 a.m.14 views

Google Releases Security Updates for Chrome

Google has updated the Stable channel to 94.0.4606.81 for Windows, Mac and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release and apply the necessary updates. Thi...

7AI score
Exploits0References1
CISA
CISA
added 2021/10/07 12:0 a.m.14 views

CISA Releases Guidance: TIC 3.0 Remote User Use Case

In coordination with the Office of Management and Budget OMB, the Federal Chief Information Security Officer Council FCISO Trusted Internet Connections TIC Subcommittee, and the General Services Administration, CISA has released Trusted Internet Connections 3.0 Remote User Use Case. The Remote Us...

6.8AI score
Exploits0References8
CISA
CISA
added 2021/10/07 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7.4AI score
Exploits0References7
CISA
CISA
added 2021/09/22 12:0 a.m.14 views

Google Releases Security Updates for Chrome

Google has released Chrome version 94.0.4606.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/09/16 12:0 a.m.14 views

Drupal Releases Multiple Security Updates

Drupal has released security updates to address multiple vulnerabilities affecting Drupal 8.9, 9.1, and 9.2. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Drupal security advisories a...

7.1AI score
Exploits0References5
CISA
CISA
added 2021/08/24 12:0 a.m.14 views

CISA Releases Five Pulse Secure-Related MARs

As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed five malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following five malware analysis reports MARs for threat actor tactics, techniques, and procedure...

6.8AI score
Exploits0References7
CISA
CISA
added 2021/08/12 12:0 a.m.14 views

Mozilla Releases Security Updates for Thunderbird

Mozilla has released security updates to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 91 and apply the necessa...

7AI score
Exploits0References1
CISA
CISA
added 2021/08/03 12:0 a.m.14 views

CISA Releases Security Advisory for Swisslog Healthcare

CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities in Swisslog Healthcare Translogic Pneumatic Tube Systems PTS. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to...

7.1AI score
Exploits0References1
CISA
CISA
added 2021/07/15 12:0 a.m.14 views

Ransomware Risk in Unpatched, EOL SonicWall SRA and SMA 8.x Products

CISA is aware of threat actors actively targeting a known, previously patched, vulnerability in SonicWall Secure Mobile Access SMA 100 series and Secure Remote Access SRA products running unpatched and end-of-life EOL 8.x firmware. Threat actors can exploit this vulnerability to initiate a target...

6.9AI score
Exploits0References2
CISA
CISA
added 2021/07/13 12:0 a.m.14 views

SAP Releases July 2021 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for July 2021 and apply the necessary...

6.7AI score
Exploits0References1
CISA
CISA
added 2021/07/12 12:0 a.m.14 views

Kaseya Provides Security Updates for VSA On-Premises Software Vulnerabilities

Kaseya has released VSA version 9.5.7a for their VSA On-Premises software. This version addresses vulnerabilities that enabled the ransomware attacks on Kaseya’s customers. CISA strongly urges Kaseya customers closely follow the instructions detailed in the Kaseya security notice and contact Kase...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/05/27 12:0 a.m.14 views

Updates to Alert on Pulse Connect Secure

CISA has updated Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities to include new threat actor techniques, tactics, and procedures TTPs, indicators of compromise IOCs, and updated mitigations. CISA encourages users and administrators to review AA21-110A and the following...

6.9AI score
Exploits0References6
CISA
CISA
added 2021/05/11 12:0 a.m.14 views

Adobe Releases Security Updates for Multiple Products 

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

7AI score
Exploits0References1
CISA
CISA
added 2021/05/07 12:0 a.m.14 views

Joint NCSC-CISA-FBI-NSA Cybersecurity Advisory on Russian SVR Activity

CISA has joined with the United Kingdom's National Cyber Security Centre NCSC, the Federal Bureau of Investigation FBI, and the National Security Agency NSA, in releasing a Joint Cybersecurity Advisory on Russian Foreign Intelligence Service SVR tactics, techniques, and procedures. Further TTPs...

6.8AI score
Exploits0References6
CISA
CISA
added 2021/04/20 12:0 a.m.14 views

CISA Issues Emergency Directive on Pulse Connect Secure

CISA has issued Emergency Directive ED 21-03, as well as Alert AA21-110A, to address the exploitation of vulnerabilities affecting Pulse Connect Secure PCS software. An attacker could exploit these vulnerabilities to gain persistent system access and take control of the enterprise network operati...

7.3AI score
Exploits0References5
CISA
CISA
added 2021/04/15 12:0 a.m.14 views

NAME:WRECK DNS Vulnerabilities

Cybersecurity researchers from Forescout and JSOF have released a report on a set of nine vulnerabilities—referred to as NAME:WRECK—affecting Domain Name System DNS implementations. NAME:WRECK affects at least four common TCP/IP stacks—FreeBSD, IPNet, NetX, and Nucleus NET—that are used in Intern...

6.9AI score
Exploits0References3
CISA
CISA
added 2021/03/24 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for...

7.1AI score
Exploits0References3
CISA
CISA
added 2021/03/17 12:0 a.m.14 views

TTP Table for Detecting APT Activity Related to SolarWinds and Active Directory/M365 Compromise

CISA has released a table of tactics, techniques, and procedures TTPs used by the advanced persistent threat APT actor involved with the recent SolarWinds and Active Directory/M365 compromise. The table uses the MITRE ATT&CK framework to identify APT TTPs and includes detection recommendations...

6.7AI score
Exploits0References7
CISA
CISA
added 2021/03/08 12:0 a.m.14 views

CISA Strongly Urges All Organizations to Immediately Address Microsoft Exchange Vulnerabilities

CISA has published a Remediating Microsoft Exchange Vulnerabilities web page that strongly urges all organizations to immediately address the recent Microsoft Exchange Server product vulnerabilities. As exploitation of these vulnerabilities is widespread and indiscriminate, CISA strongly advises...

6.9AI score
Exploits0References1
CISA
CISA
added 2021/03/03 12:0 a.m.14 views

CISA Issues Emergency Directive and Alert on Microsoft Exchange Vulnerabilities

CISA has issued Emergency Directive ED 21-02 and Alert AA21-062A addressing critical vulnerabilities in Microsoft Exchange products. Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange servers, enabling them to gain persistent system access and contr...

7.3AI score
Exploits0References3
CISA
CISA
added 2021/01/14 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. CISA encourages user...

7.7AI score
Exploits0References5
CISA
CISA
added 2021/01/12 12:0 a.m.14 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

6.7AI score
Exploits0References7
CISA
CISA
added 2021/01/05 12:0 a.m.14 views

NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations

The National Security Agency NSA has released a Cybersecurity Information CSI sheet on eliminating obsolete Transport Layer Security TLS configurations. The information sheet identifies strategies to detect obsolete cipher suites and key exchange mechanisms, discusses recommended TLS...

6.6AI score
Exploits0References1
CISA
CISA
added 2020/12/17 12:0 a.m.14 views

NSA Releases Cybersecurity Advisory on Detecting Abuse of Authentication Mechanisms

The National Security Agency NSA has released a cybersecurity advisory on detecting abuse of authentication mechanisms. This advisory describes tactics, techniques, and procedures used by malicious cyber actors to access protected data in the cloud and provides guidance on defending against and...

6.9AI score
Exploits0References2
CISA
CISA
added 2020/12/11 12:0 a.m.14 views

Cisco Releases Security Updates for Jabber Desktop and Mobile Client Software

Cisco has released security updates to address vulnerabilities in Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA...

7.1AI score
Exploits0References1
CISA
CISA
added 2020/12/08 12:0 a.m.14 views

SAP Releases December 2020 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. These include a missing authentication check vulnerability affecting SAP NetWeaver AS JAVA P2P Cluster...

6.8AI score
Exploits0References1
CISA
CISA
added 2020/11/19 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...

7.1AI score
Exploits0References3
CISA
CISA
added 2020/11/19 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

8.2AI score
Exploits0References7
CISA
CISA
added 2020/11/10 12:0 a.m.14 views

Cisco Releases Security Update for IOS XR Software

Cisco has released a security update to address a vulnerability in IOS XR Software for ASR 9000 Series Aggregation Services Routers. An unauthenticated, remote attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CI...

6.7AI score
Exploits0References1
CISA
CISA
added 2020/10/30 12:0 a.m.14 views

CISA and FBI Release Joint Advisory on Iranian APT Actor Targeting Voter Registration Data

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint cybersecurity advisory on an Iranian advanced persistent threat APT actor targeting U.S. state websites, including elections websites, to obtain voter registration data. Joi...

6.7AI score
Exploits0References1
CISA
CISA
added 2020/10/21 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...

7.1AI score
Exploits0References3
CISA
CISA
added 2020/10/14 12:0 a.m.14 views

Adobe Releases Security Updates for Flash Player

Adobe has released security updates to address a vulnerability affecting Flash Player. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Adobe Security Bulleti...

6.8AI score
Exploits0References1
CISA
CISA
added 2020/10/09 12:0 a.m.14 views

CISA and FBI Release Joint Advisory Regarding APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint cybersecurity advisory regarding advanced persistent threat APT actors chaining vulnerabilities—a commonly used tactic exploiting multiple vulnerabilities in the course of a...

6.8AI score
Exploits0References1
CISA
CISA
added 2020/10/07 12:0 a.m.14 views

CISA Releases FY2019 Risk Vulnerability Assessment Infographic

The Cybersecurity and Information Security Agency CISA has released an infographic mapping analysis of 44 of its Risk and Vulnerability Assessments RVAs conducted in Fiscal Year 2019 to the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK Framework. The infographic identifies...

6.7AI score
Exploits0References4
CISA
CISA
added 2020/10/01 12:0 a.m.14 views

CISA and CNMF Identify a New Malware Variant

The Cybersecurity and Infrastructure Security Agency CISA and the Department of Defense DOD Cyber National Mission Force CNMF have identified a malware variant—referred to as SLOTHFULMEDIA—used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to the...

6.9AI score
Exploits0References2
CISA
CISA
added 2020/09/03 12:0 a.m.14 views

September is National Preparedness Month

September is National Preparedness Month, which promotes family and community disaster planning. This year’s theme is “Disasters Don’t Wait. Make Your Plan Today.” The Cybersecurity and Infrastructure Security Agency CISA recommends users and administrators use this month as an opportunity to...

6.8AI score
Exploits0References6
CISA
CISA
added 2020/08/26 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...

7AI score
Exploits0References5
CISA
CISA
added 2020/08/06 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

6.8AI score
Exploits0References5
CISA
CISA
added 2020/07/10 12:0 a.m.14 views

VMware Releases Security Updates for Multiple Products

VMware has released security updates to address a vulnerability in VMware Fusion, Remote Console, and Horizon Client. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...

6.9AI score
Exploits0References1
Total number of security vulnerabilities4188