Kaseya Ransomware Attack: Guidance and Resources

CISA has created a webpage to provide information and guidance for the recent ransomware attack against Kaseya customers that include managed service providers MSPs and customers of those MSPs. CISA encourages affected organizations to review Kaseya Ransomware Attack: Guidance for Affected MSPs a...

Mozilla Releases Security Updates for Firefox

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 90 and Firefox E...

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX316325 and apply the necessary updates. This product ...

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

SAP Releases June 2021 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for June 2021 and apply the necessary...

Joint CISA-FBI Cybersecurity Advisory on Sophisticated Spearphishing Campaign

CISA and the Federal Bureau of Investigation FBI are responding to an ongoing spearphishing campaign targeting government organizations, intergovernmental organizations, and non-governmental organizations. A sophisticated cyber threat actor leveraged a compromised end-user account from Constant...

Citrix Releases Security Updates for Workspace App for Windows

Citrix has released security updates to address a vulnerability in Citrix Workspace App for Windows. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX307794 and apply the necessary...

VMware Releases Security Update

VMware has released a security update to address a vulnerability in VMware vRealize Business for Cloud. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0007 and apply th...

Codecov Releases New Detections for Supply Chain Compromise

CISA is aware of a compromise of the Codecov software supply chain in which a malicious threat actor made unauthorized alterations of Codecov’s Bash Uploader script, beginning on January 31, 2021. Upon discovering the compromise on April 1, 2021, Codecov immediately remediated the affected script...

Drupal Releases Security Updates

Drupal has released security updates to address a vulnerability affecting Drupal 7, 8.9, 9.0, and 9.1. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal Advisory SA-CORE-2021-002 and apply the necessary...

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

Updates on Microsoft Exchange Server Vulnerabilities

CISA has added two new Malware Analysis Reports MARs to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. MAR-10331466-1.v1: China Chopper Webshell identifies a China Chopper webshell observed in post-compromised Microsoft Exchange Servers. After successfully exploiting a...

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following products and apply the...

VMware Releases Security Update

VMware has released a security update to address a vulnerability in View Planner. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0003 and apply the necessary update. This...

CISA Releases Free Detection Tool for Azure/M365 Environment

CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool is intended for use by incident responders and is narrowly focused on activity that is endemic to the recent identity- and...

SAP Releases December 2020 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. These include a missing authentication check vulnerability affecting SAP NetWeaver AS JAVA P2P Cluster...

NCSC Releases 2020 Annual Review

The United Kingdom UK National Cyber Security Centre NCSC has released its Annual Review 2020, which focuses on its response to evolving and challenging cyber threats. Recognizing cybersecurity as a “team sport,” the publication includes highlights of NCSC’s collaboration with many partners,...

Mozilla Releases Security Update for Thunderbird

Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Mozilla Security Adviso...

CISA and FBI Release Joint Advisory on Iranian APT Actor Targeting Voter Registration Data

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint cybersecurity advisory on an Iranian advanced persistent threat APT actor targeting U.S. state websites, including elections websites, to obtain voter registration data. Joi...

CISA and FBI Release Joint Advisories Regarding Russian and Iranian APT Actors

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released two joint cybersecurity advisories on widespread advanced persistent threat APT activity. Joint Cybersecurity Advisory: AA20-296A Russian State-Sponsored Advanced Persistent Threat...

VMware Releases Security Updates for Multiple Products

VMware has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...

Juniper Networks Releases Security Updates for Multiple Products

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

CISA and FBI Release Joint Advisory Regarding APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint cybersecurity advisory regarding advanced persistent threat APT actors chaining vulnerabilities—a commonly used tactic exploiting multiple vulnerabilities in the course of a...

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Apple...

Google Releases Security Updates for Chrome

Google has updated the stable channel for Chrome to 85.0.4183.121 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators...

CISA Releases Final Binding Operational Directive on Developing a Vulnerability Disclosure Policy

The Cybersecurity and Infrastructure Security Agency CISA has released Binding Operational Directive BOD 20-01, Develop and Publish a Vulnerability Disclosure Policy VDP. BOD 20-01 requires each federal agency to publish a VDP. Publication of agency VDPs will make it easier for users to report...

CISA Releases Joint Advisory on Approaches to Uncovering and Remediating Malicious Activity

The Cybersecurity and Infrastructure Security Agency CISA—in collaboration with the cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom—has released a joint Cybersecurity Advisory that highlights technical approaches to uncovering malicious activity. This Advisory...

Apple Releases Security Updates for iCloud for Windows

Apple has released security updates to address vulnerabilities in iCloud for Windows 7.20 for Windows 7 and later and 11.3 for Windows 10 and later. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency...

NSA Releases Guidance on Limiting Location Data Exposure

The National Security Agency NSA has released an information sheet with guidance on how to limit location data exposure for National Security System NSS / Department of Defense DoD system users, as well as the general public. NSA outlines mobile device geolocation services and provides...

FBI Reports Increase in Online Shopping Scams

The Federal Bureau of Investigation FBI Internet Crime Complaint Center IC3 has released an alert on a recent increase in online shopping scams. The scams direct victims to fraudulent websites via ads on social media platforms and popular online search engines’ shopping pages. The Cybersecurity a...

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

Google Releases Security Updates for Chrome

Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

Google Releases Security Updates for Chrome

Google has released Chrome version 83.0.4103.97 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

Microsoft Releases Security Updates for Multiple Products

Microsoft has released security updates to address multiple vulnerabilities in products that use the Autodesk FBX library. These include Office 2016, Office 2019, Office 365 ProPlus, and Paint 3D. A remote attacker can exploit these vulnerabilities to take control of an affected system. The...

Intel Releases Security Updates

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain escalation of privileges. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the following Inte...

Mozilla Releases Security Updates for Firefox, Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Mozil...

Point-to-Point Protocol Daemon Vulnerability

The CERT Coordination Center CERT/CC has released information on a vulnerability affecting Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8. A remote attacker can exploit this vulnerability to take control of an affected system. Point-to-Point Protocol Daemon is used to establish...

OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability

OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol SMTP that is part of the OpenBSD Projec...

FBI Releases IC3 2019 Internet Crime Report

The Federal Bureau of Investigation FBI Internet Crime Complaint Center IC3 has released the 2019 Internet Crime Report, which includes statistics based on data reported by the public through the IC3 website. The top three crimes types reported by victims in 2019 were...

Google Releases Security Updates for Chrome

Google has released Chrome version 79.0.3945.130 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

Black Friday Shopping: Protect Your Identity

Black Friday is one of the most lucrative shopping days of the year for retailers in brick-and-mortar shops and online, but shoppers aren't the only ones looking for deals. Malicious people may be able to obtain personal information such as credit card numbers, phone numbers, account numbers, and...

National Tax Security Awareness Week is December 2–6

The Internal Revenue Service IRS has released an article announcing that National Tax Security Awareness Week will be held December 2–6. The annual recognition event will feature a series of resources and tips to help taxpayers and tax professionals protect their data and identities against...

Microsoft Releases November 2019 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories webpage. The Cybersecurity...

Mozilla Releases Security Updates for Firefox and Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

Juniper Networks Releases Security Updates

Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

NCSC Releases Fact Sheet on DNS Monitoring

The Dutch National Cyber Security Centre NCSC has released a fact sheet on the increasing difficulty of Domain Name System DNS monitoring. NCSC warns that although modernization of transport protocols is helpful, it also makes it more difficult to monitor or modify DNS requests. These changes cou...

MS-ISAC Releases Advisory on PHP Vulnerability

The Multi-State Information Sharing & Analysis Center MS-ISAC has released an advisory on a vulnerability in Hypertext Preprocessor PHP. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users a...