Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2022/06/14 12:0 a.m.13 views

CISA Adds One Known Exploited Vulnerability to Catalog 

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/04/28 12:0 a.m.13 views

CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine

CISA and the Federal Bureau of Investigation FBI have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and...

0.8AI score
Exploits0References3
CISA
CISA
added 2022/04/21 12:0 a.m.13 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

0.8AI score
Exploits0References4
CISA
CISA
added 2022/03/31 12:0 a.m.13 views

CISA Releases Security Advisories for Rockwell Automation Products

CISA has released two Industrial Controls Systems Advisories ICSAs detailing vulnerabilities in Rockwell Automation products. An attacker could exploit these vulnerabilities to inject code on affected system. CISA encourages users and administrators to review ICSA-22-090-05: Rockwell Automation...

2.9AI score
Exploits0References2
CISA
CISA
added 2022/02/15 12:0 a.m.13 views

Google Releases Security Updates for Chrome

Google has released Chrome version 98.0.4758.102 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities has been detected in exploits in the wild. CISA encourages users and administrato...

6.9AI score
Exploits0References1
CISA
CISA
added 2022/02/14 12:0 a.m.13 views

Adobe Releases Security Updates for Commerce and Magento Open Source

Adobe has released security updates to address a vulnerability affecting Adobe Commerce and Magento Open Source. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been detected in exploits in the wild. CISA encourages users and administrato...

6.7AI score
Exploits0References1
CISA
CISA
added 2022/01/20 12:0 a.m.13 views

CISA Releases Final Version of Guidance: IPv6 Considerations for TIC 3.0

CISA has released the final version of Internet Protocol version 6 IPv6 Considerations for Trusted Internet Connections TIC 3.0. This guidance supports the federal government-wide deployment and use of the modernized network protocol. The final version includes feedback provided during the public...

6.8AI score
Exploits0References4
CISA
CISA
added 2022/01/20 12:0 a.m.13 views

F5 Releases January 2022 Quarterly Security Notification

F5 has released its January 2022 Quarterly Security Notification addressing vulnerabilities affecting multiple versions of BIG-IP, BIG-IQ, and NGINX Controller API Management. A remote attacker could exploit these vulnerabilities to either deny service to, or take control of, an affected system...

7.1AI score
Exploits0References2
CISA
CISA
added 2022/01/18 12:0 a.m.13 views

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats

In response to recent malicious cyber incidents in Ukraine—including the defacement of government websites and the presence of potentially destructive malware on Ukrainian systems—CISA has published CISA Insights: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats...

6.8AI score
Exploits0References2
CISA
CISA
added 2022/01/13 12:0 a.m.13 views

Apple Releases Security Updates for iOS and iPadOS

Apple has released security updates to address a vulnerability affecting iOS 15.2.1 and iPadOS 15.2.1. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Apple security page for iOS 15.2.1 and iPadOS 15.2.1 a...

6.5AI score
Exploits0References1
CISA
CISA
added 2022/01/11 12:0 a.m.13 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

7.1AI score
Exploits0References3
CISA
CISA
added 2021/11/12 12:0 a.m.13 views

CISA Releases Advisory on Vulnerabilities in Multiple Data Distribution Service Implementations 

CISA has released an Industrial Control Systems Advisory ICSA related to a public report detailing vulnerabilities found in multiple open-source and proprietary Object Management Group OMG Data-Distribution Service DDS implementations. Successful exploitation of these vulnerabilities could result...

7.8AI score
Exploits0References1
CISA
CISA
added 2021/11/12 12:0 a.m.13 views

VMware Releases Security Update for Tanzu Application Service for VMs

VMware has released a security update to address a vulnerability in Tanzu Application Service for VMs. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0026 and apply th...

6.7AI score
Exploits0References1
CISA
CISA
added 2021/11/11 12:0 a.m.13 views

Apple Releases Security Update for iCloud for Windows 13

Apple has released a security update to address multiple vulnerabilities in iCloud for Windows 13. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security page and apply the necessary update. This...

7AI score
Exploits0References1
CISA
CISA
added 2021/11/09 12:0 a.m.13 views

SAP Releases November 2021 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for November 2021 and apply the...

6.7AI score
Exploits0References1
CISA
CISA
added 2021/11/03 12:0 a.m.13 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

7.1AI score
Exploits0References3
CISA
CISA
added 2021/10/29 12:0 a.m.13 views

Google Releases Security Updates for Chrome

Google has released Chrome version 95.0.4638.69 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Some of these vulnerabilities have been detected in exploits in the wild. CISA encourages users and...

7.1AI score
Exploits0References1
CISA
CISA
added 2021/10/27 12:0 a.m.13 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

7AI score
Exploits0References1
CISA
CISA
added 2021/10/21 12:0 a.m.13 views

GPS Daemon (GPSD) Rollover Bug

Critical Infrastructure CI owners and operators, and other users who obtain Coordinated Universal Time UTC from Global Positioning System GPS devices, should be aware of a GPS Daemon GPSD bug in GPSD versions 3.20 released December 31, 2019 through 3.22 released January 8, 2021. On October 24,...

6.5AI score
Exploits0References4
CISA
CISA
added 2021/10/14 12:0 a.m.13 views

Juniper Networks Releases Security Updates for Multiple Products

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page an...

7.1AI score
Exploits0References1
CISA
CISA
added 2021/10/12 12:0 a.m.13 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

6.7AI score
Exploits0References7
CISA
CISA
added 2021/09/14 12:0 a.m.13 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

7AI score
Exploits0References1
CISA
CISA
added 2021/09/14 12:0 a.m.13 views

SAP Releases September 2021 Security Updates 

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for September 2021 and apply the...

6.7AI score
Exploits0References1
CISA
CISA
added 2021/09/08 12:0 a.m.13 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

7.1AI score
Exploits0References3
CISA
CISA
added 2021/08/25 12:0 a.m.13 views

VMware Releases Security Updates for Multiple Products 

VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0018 and apply the necessary...

7.1AI score
Exploits0References1
CISA
CISA
added 2021/08/21 12:0 a.m.13 views

Hurricane-Related Scams

CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...

6.8AI score
Exploits0References6
CISA
CISA
added 2021/08/12 12:0 a.m.13 views

Drupal Releases Security Updates

Drupal has released security updates to address vulnerabilities that could affect versions 8.9, 9.1, and 9.2. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal Security Advisory SA-CORE-2021-005 and app...

7AI score
Exploits0References1
CISA
CISA
added 2021/08/05 12:0 a.m.13 views

CISA Releases Security Advisory for InterNiche Products

CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities in InterNiche products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the ICS Advisory ICSA-21-217-01...

7.1AI score
Exploits0References1
CISA
CISA
added 2021/07/27 12:0 a.m.13 views

Apple Releases Security Updates

Apple has released security updates to address a vulnerability in multiple products. An attacker could exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the security update page for the following products and apply the necessary...

6.7AI score
Exploits0References2
CISA
CISA
added 2021/07/15 12:0 a.m.13 views

Juniper Networks Releases Security Updates for Multiple Products

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page an...

7.1AI score
Exploits0References1
CISA
CISA
added 2021/07/13 12:0 a.m.13 views

Kaseya Ransomware Attack: Guidance and Resources

CISA has created a webpage to provide information and guidance for the recent ransomware attack against Kaseya customers that include managed service providers MSPs and customers of those MSPs. CISA encourages affected organizations to review Kaseya Ransomware Attack: Guidance for Affected MSPs a...

6.6AI score
Exploits0References2
CISA
CISA
added 2021/07/13 12:0 a.m.13 views

Mozilla Releases Security Updates for Firefox

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 90 and Firefox E...

7.2AI score
Exploits0References2
CISA
CISA
added 2021/06/25 12:0 a.m.13 views

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX316325 and apply the necessary updates. This product ...

6.8AI score
Exploits0References1
CISA
CISA
added 2021/06/08 12:0 a.m.13 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

7AI score
Exploits0References1
CISA
CISA
added 2021/06/08 12:0 a.m.13 views

SAP Releases June 2021 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for June 2021 and apply the necessary...

6.7AI score
Exploits0References1
CISA
CISA
added 2021/05/28 12:0 a.m.13 views

Joint CISA-FBI Cybersecurity Advisory on Sophisticated Spearphishing Campaign

CISA and the Federal Bureau of Investigation FBI are responding to an ongoing spearphishing campaign targeting government organizations, intergovernmental organizations, and non-governmental organizations. A sophisticated cyber threat actor leveraged a compromised end-user account from Constant...

6.8AI score
Exploits0References4
CISA
CISA
added 2021/05/11 12:0 a.m.13 views

Citrix Releases Security Updates for Workspace App for Windows

Citrix has released security updates to address a vulnerability in Citrix Workspace App for Windows. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX307794 and apply the necessary...

6.7AI score
Exploits0References1
CISA
CISA
added 2021/05/06 12:0 a.m.13 views

VMware Releases Security Update

VMware has released a security update to address a vulnerability in VMware vRealize Business for Cloud. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0007 and apply th...

6.8AI score
Exploits0References1
CISA
CISA
added 2021/04/30 12:0 a.m.13 views

Codecov Releases New Detections for Supply Chain Compromise

CISA is aware of a compromise of the Codecov software supply chain in which a malicious threat actor made unauthorized alterations of Codecov’s Bash Uploader script, beginning on January 31, 2021. Upon discovering the compromise on April 1, 2021, Codecov immediately remediated the affected script...

6.7AI score
Exploits0References2
CISA
CISA
added 2021/04/22 12:0 a.m.13 views

Drupal Releases Security Updates

Drupal has released security updates to address a vulnerability affecting Drupal 7, 8.9, 9.0, and 9.1. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal Advisory SA-CORE-2021-002 and apply the necessary...

6.8AI score
Exploits0References1
CISA
CISA
added 2021/04/13 12:0 a.m.13 views

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

6.7AI score
Exploits0References4
CISA
CISA
added 2021/04/12 12:0 a.m.13 views

Updates on Microsoft Exchange Server Vulnerabilities

CISA has added two new Malware Analysis Reports MARs to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. MAR-10331466-1.v1: China Chopper Webshell identifies a China Chopper webshell observed in post-compromised Microsoft Exchange Servers. After successfully exploiting a...

6.8AI score
Exploits0References6
CISA
CISA
added 2021/03/09 12:0 a.m.13 views

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following products and apply the...

6.9AI score
Exploits0References4
CISA
CISA
added 2021/03/04 12:0 a.m.13 views

VMware Releases Security Update

VMware has released a security update to address a vulnerability in View Planner. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0003 and apply the necessary update. This...

6.7AI score
Exploits0References1
CISA
CISA
added 2020/12/24 12:0 a.m.13 views

CISA Releases Free Detection Tool for Azure/M365 Environment

CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool is intended for use by incident responders and is narrowly focused on activity that is endemic to the recent identity- and...

6.7AI score
Exploits0References1
CISA
CISA
added 2020/12/03 12:0 a.m.13 views

NCSC Releases 2020 Annual Review

The United Kingdom UK National Cyber Security Centre NCSC has released its Annual Review 2020, which focuses on its response to evolving and challenging cyber threats. Recognizing cybersecurity as a “team sport,” the publication includes highlights of NCSC’s collaboration with many partners,...

6.9AI score
Exploits0References5
CISA
CISA
added 2020/12/02 12:0 a.m.13 views

Mozilla Releases Security Update for Thunderbird

Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Mozilla Security Adviso...

6.8AI score
Exploits0References1
CISA
CISA
added 2020/10/22 12:0 a.m.13 views

CISA and FBI Release Joint Advisories Regarding Russian and Iranian APT Actors

The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released two joint cybersecurity advisories on widespread advanced persistent threat APT activity. Joint Cybersecurity Advisory: AA20-296A Russian State-Sponsored Advanced Persistent Threat...

6.6AI score
Exploits0References3
CISA
CISA
added 2020/10/20 12:0 a.m.13 views

VMware Releases Security Updates for Multiple Products

VMware has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...

7.2AI score
Exploits0References1
CISA
CISA
added 2020/10/15 12:0 a.m.13 views

Juniper Networks Releases Security Updates for Multiple Products

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

7.1AI score
Exploits0References1
Total number of security vulnerabilities4188