Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2024/05/23 12:0 p.m.8 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-17519 Apache Flink Improper Access Control Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significa...

9.1CVSS7AI score0.97856EPSS
Exploits14References6
CISA
CISA
added 2024/05/14 12:0 p.m.8 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, macOS, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisories and...

6.9AI score
Exploits0References8
CISA
CISA
added 2024/05/14 12:0 p.m.8 views

CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources

CISA, in partnership with the Department of Homeland Security DHS, the Federal Bureau of Investigation FBI and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with...

7.1AI score
Exploits0References3
CISA
CISA
added 2024/04/11 12:0 p.m.8 views

CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

Today, CISA publicly issued Emergency Directive ED 24-02 to address the recent campaign by Russian state-sponsored cyber actor Midnight Blizzard to exfiltrate email correspondence of Federal Civilian Executive Branch FCEB agencies through a successful compromise of Microsoft corporate email...

7AI score
Exploits0References2
CISA
CISA
added 2024/02/27 12:0 p.m.8 views

CISA, FBI, and HHS Release an Update to #StopRansomware Advisory on ALPHV Blackcat

Today, CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS released an update to the joint advisory StopRansomware: ALPHV Blackcat to provide new indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with the ALPHV...

7AI score
Exploits0References7
CISA
CISA
added 2024/02/08 12:0 p.m.8 views

Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series

Cisco released a security advisory to address vulnerabilities affecting Cisco Expressway Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Expressway Serieslink is external...

7.5AI score
Exploits0References1
CISA
CISA
added 2024/02/06 12:0 p.m.8 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4762 Google Chromium V8 Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant...

8.8CVSS7.2AI score0.37987EPSS
Exploits2References6
CISA
CISA
added 2024/02/02 12:0 p.m.8 views

Juniper Networks Releases Security Bulletin for Juniper Secure Analytics

Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/01/25 12:0 p.m.8 views

Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products

Cisco released a security advisory to address a vulnerability CVE-2024-20253 affecting multiple Unified Communications Products. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unified...

10CVSS7.7AI score0.02057EPSS
Exploits0References1
CISA
CISA
added 2024/01/23 12:0 p.m.8 views

CISA Joins ACSC-led Guidance on How to Use AI Systems Securely

CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC on Engaging with Artificial Intelligencelink is external—joint guidance, led by ACSC, on how to use AI systems securely. The following organizations also collaborated with ACSC on the...

7.1AI score
Exploits0References3
CISA
CISA
added 2023/11/29 12:0 p.m.8 views

CISA Releases First Secure by Design Alert

Today, CISA published guidance on How Software Manufacturers Can Shield Web Management Interfaces From Malicious Cyber Activity as a part of a new Secure by Design SbD Alert series. This SbD Alert urges software manufacturers to proactively prevent the exploitation of vulnerabilities in web...

7.1AI score
Exploits0References4
CISA
CISA
added 2023/10/27 12:0 p.m.8 views

CISA Announces Launch of Logging Made Easy

Today, CISA announces the launch of a new version of Logging Made Easy LMElink is external, a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. CISA’s version reimagines technology developed by the United Kingdom’s National Cyber...

7.3AI score
Exploits0References3
CISA
CISA
added 2023/09/26 12:0 p.m.8 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on September 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-269-01 Suprema BioStar 2 ICSA-23-269-02 Hitachi Energy Asset Suite 9 ICSA-23-269-03...

7.1AI score
Exploits0References6
CISA
CISA
added 2023/09/12 12:0 p.m.8 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities affecting Adobe software. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the...

7.6AI score
Exploits0References3
CISA
CISA
added 2023/08/29 12:0 p.m.8 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on August 29, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-241-01 PTC CodeBeamer CISA encourages users and administrators to review the newly released...

7AI score
Exploits0References1
CISA
CISA
added 2023/07/18 12:0 p.m.8 views

Citrix Releases Security Updates for NetScaler ADC and Gateway

Citrix has released security updates to address vulnerabilities CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467 affecting NetScaler ADC and NetScaler Gatewaylink is external. An attacker can exploit one of these vulnerabilities to take control of an affected system. According to Citrix,...

9.8CVSS7.6AI score0.99445EPSS
Exploits16References2
CISA
CISA
added 2023/06/22 12:0 p.m.8 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on June 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-173-02 Advantech R-SeeNet ICSA-23-173-03 SpiderControl SCADAWebServer ICSA-23-026-02...

7AI score
Exploits0References4
CISA
CISA
added 2023/06/13 12:0 p.m.8 views

Fortinet Releases June 2023 Vulnerability Advisories

Fortinet has released its June 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Fortinet June 2023 Vulnerabilit...

7.4AI score
Exploits0References1
CISA
CISA
added 2023/06/13 12:0 p.m.8 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on June 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-164-01 Datalogics Library Third-Party ICSA-23-164-02 Rockwell Automation FactoryTalk...

7AI score
Exploits0References4
CISA
CISA
added 2023/05/19 12:0 p.m.8 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2004-1464 Cisco IOS Denial-of-Service Vulnerability CVE-2016-6415 Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability CVE-2023-21492 Samsung...

9CVSS7.2AI score0.99977EPSS
Exploits57References11
CISA
CISA
added 2023/04/13 12:0 p.m.8 views

Juniper Networks Releases Security Updates

Juniper Networks has released security updates to address vulnerabilities affecting Junos OSlink is external, Paragon Active Assurance PAAlink is external, and Juniper Secure Analytics JSA Serieslink is external. An attacker could exploit some of these vulnerabilities to take control of an affect...

9.8CVSS8.5AI score0.99931EPSS
Exploits42References4
CISA
CISA
added 2023/02/14 12:0 a.m.8 views

Microsoft Releases February 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s February 2023 Security Update Guide and Deployment...

1.7AI score
Exploits0References2
CISA
CISA
added 2023/01/11 12:0 a.m.8 views

NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services

The United Kingdom’s National Cyber Security Centre NCSC-UK has released a blog post, Using MSPs to administer your cloud services, that provides organizations security considerations for using a third party, such as a managed service provider MSP, to administer cloud services. Contracting with a...

0.5AI score
Exploits0References1
CISA
CISA
added 2023/01/10 12:0 a.m.8 views

Microsoft Releases January 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s January 2023 Security Update Guide and Deployment...

1.7AI score
Exploits0References2
CISA
CISA
added 2022/12/15 12:0 a.m.8 views

Drupal Releases Security Updates to Address Vulnerabilities in H5P and File (Field) Paths

Drupal has released security updates to address vulnerabilities affecting H5P and the File Field Paths modules for Drupal 7.x. An attacker could exploit these vulnerabilities to access sensitive information and remotely execute code. CISA encourages users and administrators to review Drupal’s...

3AI score
Exploits0References2
CISA
CISA
added 2022/11/15 12:0 a.m.8 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on November 15, 2022. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical...

2.4AI score
Exploits0References1
CISA
CISA
added 2022/11/10 12:0 a.m.8 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...

1.5AI score
Exploits0References8
CISA
CISA
added 2022/10/20 12:0 a.m.8 views

CISA Releases Three Industrial Control Systems Advisories

CISA has released three 3 Industrial Control Systems ICS advisories on October 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories f...

2.1AI score
Exploits0References3
CISA
CISA
added 2022/10/19 12:0 a.m.8 views

CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

CISA and the Multi-State Information Sharing & Analysis Center MS-ISAC have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to reference the addition of a...

1AI score
Exploits0References2
CISA
CISA
added 2022/10/11 12:0 a.m.8 views

CISA Has Added One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/07/21 12:0 a.m.8 views

CNMF Discloses Malware in Ukraine

U.S. Cyber Command’s Cyber National Mission Force CNMF, in close coordination with the Security Service of Ukraine, has released a list of indicators of compromise IOCs of malware seen in Ukraine. According to CNMF, “Ukrainian partners are actively sharing malicious activity they find with us to...

0.8AI score
Exploits0References4
CISA
CISA
added 2022/07/14 12:0 a.m.8 views

Juniper Networks Releases Security Updates for Multiple Products

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page an...

1.8AI score
Exploits0References1
CISA
CISA
added 2022/06/16 12:0 a.m.8 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

2.6AI score
Exploits0References4
CISA
CISA
added 2022/06/14 12:0 a.m.8 views

Microsoft Releases June 2022 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s June 2022 Security Update Summary and Deployment...

1.8AI score
Exploits0References2
CISA
CISA
added 2022/06/01 12:0 a.m.8 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

2.8AI score
Exploits0References3
CISA
CISA
added 2022/05/25 12:0 a.m.8 views

CISA Adds 34 Known Exploited Vulnerabilities to Catalog

CISA has added 34 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/05/23 12:0 a.m.8 views

Mozilla Releases Security Products for Multiple Firefox Products

Mozilla has released security updates to address vulnerabilities in Firefox 100.0.2, Firefox for Android 100.3.0, and Firefox ESR 91.9.1. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security...

2.6AI score
Exploits0References1
CISA
CISA
added 2022/05/16 12:0 a.m.8 views

Apache Releases Security Advisory for Tomcat

The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review Apache’s security advisory and apply the...

2AI score
Exploits0References2
CISA
CISA
added 2022/05/11 12:0 a.m.8 views

Google Releases Security Updates for Chrome

Google has released Chrome version 101.0.4951.64 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update. Thi...

2.2AI score
Exploits0References1
CISA
CISA
added 2022/04/28 12:0 a.m.8 views

Google Releases Security Updates for Chrome

Google has released Chrome version 101.0.4951.41 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Th...

2.2AI score
Exploits0References1
CISA
CISA
added 2022/04/19 12:0 a.m.8 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/04/14 12:0 a.m.8 views

Juniper Networks Releases Security Updates for Multiple Products

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page an...

1.8AI score
Exploits0References1
CISA
CISA
added 2022/03/31 12:0 a.m.8 views

FBI Releases PIN on Ransomware Straining Local Governments and Public Services

The Federal Bureau of Investigation FBI has released a Private Industry Notification PIN to inform U.S. Government Facilities Sector partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, an...

3.3AI score
Exploits0References1
CISA
CISA
added 2022/03/22 12:0 a.m.8 views

Drupal Releases Security Updates

Drupal has released security updates to address a vulnerability affecting Drupal 9.2 and 9.3. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal Security Advisory SA-CORE-006 and apply the necessary update...

2.7AI score
Exploits0References1
CISA
CISA
added 2022/03/16 12:0 a.m.8 views

Google Releases Security Updates for Chrome

Google has released Chrome version 99.0.4844.74 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

2.2AI score
Exploits0References1
CISA
CISA
added 2022/03/08 12:0 a.m.8 views

FBI Releases Indicators of Compromise for RagnarLocker Ransomware

The Federal Bureau of Investigation FBI has released a Flash report detailing indicators of compromise IOCs associated with ransomware attacks by RagnarLocker, a group of a ransomware actors targeting critical infrastructure sectors. CISA encourages users and administrators to review the IOCs and...

6.8AI score
Exploits0References2
CISA
CISA
added 2022/02/18 12:0 a.m.8 views

NCSC-NZ Releases Advisory on Cyber Threats Related to Russia-Ukraine Tensions

The New Zealand National Cyber Security Centre NCSC-NZ has released a General Security Advisory GSA on preparing for cyber threats relating to tensions between Russia and Ukraine. The advisory recommends organizations review their security posture and monitor for cyber incidents and provides...

6.8AI score
Exploits0References2
CISA
CISA
added 2022/02/08 12:0 a.m.8 views

Microsoft Releases February 2022 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s February 2022 Security Update Summary and...

7.1AI score
Exploits0References2
CISA
CISA
added 2022/01/27 12:0 a.m.8 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following products and apply the...

6.9AI score
Exploits0References6
CISA
CISA
added 2022/01/13 12:0 a.m.8 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address a vulnerability affecting Cisco Unified Contact Center Management Portal Unified CCMP and Cisco Unified Contact Center Domain Manager Unified CCDM. A remote attacker could exploit this vulnerability to take control of an affected system. CISCA...

6.9AI score
Exploits0References1
Total number of security vulnerabilities4188