Lucene search
+L
CisaMost viewed

4188 matches found

cisa
cisa
added 2022/06/29 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

2.8AI score
Exploits0References3
cisa
cisa
added 2022/05/26 12:0 a.m.14 views

Drupal Releases Security Updates

Drupal has released security updates to address a vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website. CISA encourages users...

3AI score
Exploits0References1
cisa
cisa
added 2022/05/16 12:0 a.m.14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly adde...

1.6AI score
Exploits0References5
cisa
cisa
added 2022/04/20 12:0 a.m.14 views

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory CSA to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious...

1.3AI score
Exploits0References8
cisa
cisa
added 2022/04/13 12:0 a.m.14 views

APT Actors Target ICS/SCADA Devices

CISA, the Department of Energy DOE, the National Security Agency NSA, and the Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory CSA, warning that certain advanced persistent threat APT actors have exhibited the capability to gain full system access to multiple...

1.5AI score
Exploits0References2
cisa
cisa
added 2022/03/31 12:0 a.m.14 views

CISA Releases Security Advisories for Rockwell Automation Products

CISA has released two Industrial Controls Systems Advisories ICSAs detailing vulnerabilities in Rockwell Automation products. An attacker could exploit these vulnerabilities to inject code on affected system. CISA encourages users and administrators to review ICSA-22-090-05: Rockwell Automation...

2.9AI score
Exploits0References2
cisa
cisa
added 2022/03/03 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users...

7AI score
Exploits0References4
cisa
cisa
added 2022/02/14 12:0 a.m.14 views

Adobe Releases Security Updates for Commerce and Magento Open Source

Adobe has released security updates to address a vulnerability affecting Adobe Commerce and Magento Open Source. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been detected in exploits in the wild. CISA encourages users and administrato...

6.7AI score
Exploits0References1
cisa
cisa
added 2022/02/08 12:0 a.m.14 views

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX337526 and apply the necessary updates. This product ...

6.8AI score
Exploits0References1
cisa
cisa
added 2022/02/08 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

7.1AI score
Exploits0References3
cisa
cisa
added 2022/01/13 12:0 a.m.14 views

Apple Releases Security Updates for iOS and iPadOS

Apple has released security updates to address a vulnerability affecting iOS 15.2.1 and iPadOS 15.2.1. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Apple security page for iOS 15.2.1 and iPadOS 15.2.1 a...

6.5AI score
Exploits0References1
cisa
cisa
added 2022/01/11 12:0 a.m.14 views

CISA, FBI, and NSA Release Cybersecurity Advisory on Russian Cyber Threats to U.S. Critical Infrastructure

CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA that provides an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques, and procedures. The CSA also provides...

6.7AI score
Exploits0References4
cisa
cisa
added 2021/12/09 12:0 a.m.14 views

CISA Releases Guidance on Protecting Organization-Run Social Media Accounts

CISA has released Capacity Enhancement Guide CEG: Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber actors that successfully compromise social media accounts—including accounts used by federal agencies—could spre...

6.8AI score
Exploits0References2
cisa
cisa
added 2021/12/06 12:0 a.m.14 views

CISA Releases Security Advisory on WebHMI Vulnerabilities

CISA has released an Industrial Controls Systems ICS advisory detailing vulnerabilities in Distributed Data Systems WebHMI products. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review ICS advisory...

7AI score
Exploits0References1
cisa
cisa
added 2021/12/02 12:0 a.m.14 views

NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures

CISA has announced the joint National Security Agency NSA and CISA publication of the third of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part III: Data Protection examines security during all phases of the data lifecycle—in transit, in use, and at rest. The guidance...

6.4AI score
Exploits0References4
cisa
cisa
added 2021/11/11 12:0 a.m.14 views

Apple Releases Security Update for iCloud for Windows 13

Apple has released a security update to address multiple vulnerabilities in iCloud for Windows 13. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security page and apply the necessary update. This...

7AI score
Exploits0References1
cisa
cisa
added 2021/10/27 12:0 a.m.14 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

7AI score
Exploits0References1
cisa
cisa
added 2021/10/27 12:0 a.m.14 views

FBI Releases Indicators of Compromise Associated with Ranzy Locker Ransomware

The Federal Bureau of Investigation FBI has released a Flash report detailing indicators of compromise IOCs associated with attacks using Ranzy Locker, a ransomware variant first identified targeting victims in the United States in late 2020. CISA encourages users and administrators to review the...

6.7AI score
Exploits0References2
cisa
cisa
added 2021/10/14 12:0 a.m.14 views

Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities

CISA, the Federal Bureau of Investigation FBI, the Environmental Protection Agency EPA, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA that details ongoing cyber threats to U.S. Water and Wastewater Systems WWS Sector. This activity—which includes cyber...

6.6AI score
Exploits0References2
cisa
cisa
added 2021/10/12 12:0 a.m.14 views

Google Releases Security Updates for Chrome

Google has updated the Stable channel to 94.0.4606.81 for Windows, Mac and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release and apply the necessary updates. Thi...

7AI score
Exploits0References1
cisa
cisa
added 2021/10/07 12:0 a.m.14 views

CISA Releases Guidance: TIC 3.0 Remote User Use Case

In coordination with the Office of Management and Budget OMB, the Federal Chief Information Security Officer Council FCISO Trusted Internet Connections TIC Subcommittee, and the General Services Administration, CISA has released Trusted Internet Connections 3.0 Remote User Use Case. The Remote Us...

6.8AI score
Exploits0References8
cisa
cisa
added 2021/10/07 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7.4AI score
Exploits0References7
cisa
cisa
added 2021/09/22 12:0 a.m.14 views

Google Releases Security Updates for Chrome

Google has released Chrome version 94.0.4606.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

6.9AI score
Exploits0References1
cisa
cisa
added 2021/09/16 12:0 a.m.14 views

Drupal Releases Multiple Security Updates

Drupal has released security updates to address multiple vulnerabilities affecting Drupal 8.9, 9.1, and 9.2. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Drupal security advisories a...

7.1AI score
Exploits0References5
cisa
cisa
added 2021/09/14 12:0 a.m.14 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

7AI score
Exploits0References1
cisa
cisa
added 2021/08/12 12:0 a.m.14 views

Mozilla Releases Security Updates for Thunderbird

Mozilla has released security updates to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 91 and apply the necessa...

7AI score
Exploits0References1
cisa
cisa
added 2021/08/03 12:0 a.m.14 views

CISA Releases Security Advisory for Swisslog Healthcare

CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities in Swisslog Healthcare Translogic Pneumatic Tube Systems PTS. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to...

7.1AI score
Exploits0References1
cisa
cisa
added 2021/07/27 12:0 a.m.14 views

Apple Releases Security Updates

Apple has released security updates to address a vulnerability in multiple products. An attacker could exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the security update page for the following products and apply the necessary...

6.7AI score
Exploits0References2
cisa
cisa
added 2021/07/15 12:0 a.m.14 views

Ransomware Risk in Unpatched, EOL SonicWall SRA and SMA 8.x Products

CISA is aware of threat actors actively targeting a known, previously patched, vulnerability in SonicWall Secure Mobile Access SMA 100 series and Secure Remote Access SRA products running unpatched and end-of-life EOL 8.x firmware. Threat actors can exploit this vulnerability to initiate a target...

6.9AI score
Exploits0References2
cisa
cisa
added 2021/07/13 12:0 a.m.14 views

SAP Releases July 2021 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for July 2021 and apply the necessary...

6.7AI score
Exploits0References1
cisa
cisa
added 2021/07/13 12:0 a.m.14 views

Kaseya Ransomware Attack: Guidance and Resources

CISA has created a webpage to provide information and guidance for the recent ransomware attack against Kaseya customers that include managed service providers MSPs and customers of those MSPs. CISA encourages affected organizations to review Kaseya Ransomware Attack: Guidance for Affected MSPs a...

6.6AI score
Exploits0References2
cisa
cisa
added 2021/05/27 12:0 a.m.14 views

Updates to Alert on Pulse Connect Secure

CISA has updated Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities to include new threat actor techniques, tactics, and procedures TTPs, indicators of compromise IOCs, and updated mitigations. CISA encourages users and administrators to review AA21-110A and the following...

6.9AI score
Exploits0References6
cisa
cisa
added 2021/05/11 12:0 a.m.14 views

Adobe Releases Security Updates for Multiple Products 

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

7AI score
Exploits0References1
cisa
cisa
added 2021/05/11 12:0 a.m.14 views

Google Releases Security Updates for Chrome

Google has released Chrome version 90.0.4430.212 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Th...

6.9AI score
Exploits0References1
cisa
cisa
added 2021/05/07 12:0 a.m.14 views

Joint NCSC-CISA-FBI-NSA Cybersecurity Advisory on Russian SVR Activity

CISA has joined with the United Kingdom's National Cyber Security Centre NCSC, the Federal Bureau of Investigation FBI, and the National Security Agency NSA, in releasing a Joint Cybersecurity Advisory on Russian Foreign Intelligence Service SVR tactics, techniques, and procedures. Further TTPs...

6.8AI score
Exploits0References6
cisa
cisa
added 2021/04/20 12:0 a.m.14 views

CISA Issues Emergency Directive on Pulse Connect Secure

CISA has issued Emergency Directive ED 21-03, as well as Alert AA21-110A, to address the exploitation of vulnerabilities affecting Pulse Connect Secure PCS software. An attacker could exploit these vulnerabilities to gain persistent system access and take control of the enterprise network operati...

7.3AI score
Exploits0References5
cisa
cisa
added 2021/04/15 12:0 a.m.14 views

NAME:WRECK DNS Vulnerabilities

Cybersecurity researchers from Forescout and JSOF have released a report on a set of nine vulnerabilities—referred to as NAME:WRECK—affecting Domain Name System DNS implementations. NAME:WRECK affects at least four common TCP/IP stacks—FreeBSD, IPNet, NetX, and Nucleus NET—that are used in Intern...

6.9AI score
Exploits0References3
cisa
cisa
added 2021/04/13 12:0 a.m.14 views

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

6.7AI score
Exploits0References4
cisa
cisa
added 2021/03/24 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for...

7.1AI score
Exploits0References3
cisa
cisa
added 2021/03/17 12:0 a.m.14 views

TTP Table for Detecting APT Activity Related to SolarWinds and Active Directory/M365 Compromise

CISA has released a table of tactics, techniques, and procedures TTPs used by the advanced persistent threat APT actor involved with the recent SolarWinds and Active Directory/M365 compromise. The table uses the MITRE ATT&CK framework to identify APT TTPs and includes detection recommendations...

6.7AI score
Exploits0References7
cisa
cisa
added 2021/03/08 12:0 a.m.14 views

CISA Strongly Urges All Organizations to Immediately Address Microsoft Exchange Vulnerabilities

CISA has published a Remediating Microsoft Exchange Vulnerabilities web page that strongly urges all organizations to immediately address the recent Microsoft Exchange Server product vulnerabilities. As exploitation of these vulnerabilities is widespread and indiscriminate, CISA strongly advises...

6.9AI score
Exploits0References1
cisa
cisa
added 2021/01/14 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. CISA encourages user...

7.7AI score
Exploits0References5
cisa
cisa
added 2021/01/12 12:0 a.m.14 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

6.7AI score
Exploits0References7
cisa
cisa
added 2021/01/05 12:0 a.m.14 views

NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations

The National Security Agency NSA has released a Cybersecurity Information CSI sheet on eliminating obsolete Transport Layer Security TLS configurations. The information sheet identifies strategies to detect obsolete cipher suites and key exchange mechanisms, discusses recommended TLS...

6.6AI score
Exploits0References1
cisa
cisa
added 2020/12/11 12:0 a.m.14 views

Cisco Releases Security Updates for Jabber Desktop and Mobile Client Software

Cisco has released security updates to address vulnerabilities in Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA...

7.1AI score
Exploits0References1
cisa
cisa
added 2020/12/08 12:0 a.m.14 views

SAP Releases December 2020 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. These include a missing authentication check vulnerability affecting SAP NetWeaver AS JAVA P2P Cluster...

6.8AI score
Exploits0References1
cisa
cisa
added 2020/11/19 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...

7.1AI score
Exploits0References3
cisa
cisa
added 2020/11/10 12:0 a.m.14 views

Cisco Releases Security Update for IOS XR Software

Cisco has released a security update to address a vulnerability in IOS XR Software for ASR 9000 Series Aggregation Services Routers. An unauthenticated, remote attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CI...

6.7AI score
Exploits0References1
cisa
cisa
added 2020/10/30 12:0 a.m.14 views

CISA and FBI Release Joint Advisory on Iranian APT Actor Targeting Voter Registration Data

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint cybersecurity advisory on an Iranian advanced persistent threat APT actor targeting U.S. state websites, including elections websites, to obtain voter registration data. Joi...

6.7AI score
Exploits0References1
cisa
cisa
added 2020/10/21 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...

7.1AI score
Exploits0References3
Total number of security vulnerabilities4188