Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2024/05/24 12:0 p.m.7 views

Cisco Releases May 2024 Cisco ASA, FMC, and FTD Software Security Publication

Cisco released a bundled publication for security advisories that address vulnerabilities in Cisco Adaptive Security Appliance ASA, Firepower Management Center FMC, and Firepower Threat Defense FTD software. A cyber threat actor could exploit one of these vulnerabilities to take control of an...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/05/14 12:0 p.m.7 views

CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources

CISA, in partnership with the Department of Homeland Security DHS, the Federal Bureau of Investigation FBI and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with...

7.1AI score
Exploits0References3
CISA
CISA
added 2024/05/09 12:0 p.m.7 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on May 09, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-130-01 Rockwell Automation FactoryTalk Historian SE ICSA-24-130-02 alpitronic Hypercharge...

7AI score
Exploits0References4
CISA
CISA
added 2024/05/01 12:0 p.m.7 views

CISA and Partners Release Fact Sheet on Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

Today, CISA, in collaboration with U.S. and international partners, published a joint fact sheet, Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity. This fact sheet provides information and mitigations associated with cyber operations conducted by pro-Russia hacktivists who...

6.7AI score
Exploits0References3
CISA
CISA
added 2024/04/19 12:0 p.m.7 views

Cisco Releases Security Advisories for Cisco Integrated Management Controller

Cisco has released security advisories for vulnerabilities in the Cisco integrated management controller. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisories and...

8.1AI score
Exploits0References2
CISA
CISA
added 2024/04/18 12:0 p.m.7 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on April 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-109-01 Unitronics Vision Series PLCs ICSA-21-287-03 Mitsubishi Electric MELSEC iQ-R...

7AI score
Exploits0References3
CISA
CISA
added 2024/04/02 12:0 p.m.7 views

CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities

Today, CISA published a new dedicated High-Risk Communities webpage comprised of cybersecurity resources to support civil society communities at heighted risk of digital security threats, including cyber hygiene guidance, a repository of local cyber volunteer programs, and free or discounted tool...

6.9AI score
Exploits0References6
CISA
CISA
added 2024/03/07 12:0 p.m.7 views

CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27198 JetBrains TeamCity Authentication Bypass Vulnerability CISA urges organizations to review the following JetBrains blog post and apply the necessary updates...

9.8CVSS7.3AI score0.99991EPSS
Exploits25References7
CISA
CISA
added 2024/02/13 12:0 p.m.7 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

7.5AI score
Exploits0References6
CISA
CISA
added 2024/02/06 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4762 Google Chromium V8 Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant...

8.8CVSS7.2AI score0.37987EPSS
Exploits2References6
CISA
CISA
added 2024/01/19 12:0 p.m.7 views

CISA Issues Emergency Directive on Ivanti Vulnerabilities

CISA has issued Emergency Directive ED 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities in the following Ivanti products: Ivanti Connect Secure and Ivanti Policy Secure. ED 24-01 directs all Federal Civilian Executive Branch FCEB...

7.3AI score
Exploits0References2
CISA
CISA
added 2023/12/15 12:0 p.m.7 views

CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords

Today, CISA published guidance on How Manufacturers Can Protect Customers by Eliminating Default Passwords as a part of our new Secure by Design SbD Alert series. This SbD Alert urges technology manufacturers to proactively eliminate the risk of default password exploitation by implementing...

7.3AI score
Exploits0References2
CISA
CISA
added 2023/11/29 12:0 p.m.7 views

CISA Releases First Secure by Design Alert

Today, CISA published guidance on How Software Manufacturers Can Shield Web Management Interfaces From Malicious Cyber Activity as a part of a new Secure by Design SbD Alert series. This SbD Alert urges software manufacturers to proactively prevent the exploitation of vulnerabilities in web...

7.1AI score
Exploits0References4
CISA
CISA
added 2023/11/22 12:0 p.m.7 views

Adobe Releases Security Updates for ColdFusion

On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system. CISA urges organizations to review Adobe ColdFusion security...

7.5AI score
Exploits0References5
CISA
CISA
added 2023/11/03 12:0 p.m.7 views

Cisco Releases Security Advisories for Multiple Products

Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...

8.2AI score
Exploits0References11
CISA
CISA
added 2023/10/20 12:0 p.m.7 views

CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP)

Today, the Cybersecurity and Infrastructure Security Agency CISA released a fact sheet on the effort to revise the National Cyber Incident Response Plan NCIRP. Through the Joint Cyber Defense Collaborative JCDC, CISA will work to ensure that the updated NCIRP addresses significant changes in poli...

7AI score
Exploits0References4
CISA
CISA
added 2023/09/28 12:0 p.m.7 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates...

7.2AI score
Exploits0References2
CISA
CISA
added 2023/09/27 12:0 p.m.7 views

Mozilla Releases Security Advisories for Thunderbird and Firefox

Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox ESR 115.3, and Firefox 118. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security advisorie...

7.4AI score
Exploits0References3
CISA
CISA
added 2023/09/26 12:0 p.m.7 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on September 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-269-01 Suprema BioStar 2 ICSA-23-269-02 Hitachi Energy Asset Suite 9 ICSA-23-269-03...

7.1AI score
Exploits0References6
CISA
CISA
added 2023/09/13 12:0 p.m.7 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Thunderbird. A cyber threat actor can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Mozilla’s advisory MFSA 2023-40link is...

7.3AI score
Exploits0References1
CISA
CISA
added 2023/09/12 12:0 p.m.7 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities affecting Adobe software. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the...

7.6AI score
Exploits0References3
CISA
CISA
added 2023/08/21 12:0 p.m.7 views

CISA, NSA, and NIST Publish Factsheet on Quantum Readiness

Today, the Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA and National Institute of Standards and Technology NIST released a joint factsheet, Quantum-Readiness: Migration to Post-Quantum Cryptography PQC, to inform organizations—especially those that support...

7AI score
Exploits0References3
CISA
CISA
added 2023/08/03 12:0 p.m.7 views

CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 

The U.S. Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, Federal Bureau of Investigation FBI, and international partners are releasing a joint Cybersecurity Advisory CSA, 2022 Top Routinely Exploited Vulnerabilities. This advisory provides details on the top...

7AI score
Exploits0References4
CISA
CISA
added 2023/08/02 12:0 p.m.7 views

Ivanti Releases Security Updates for EPMM to address CVE-2023-35081

Ivanti has identified and released patches for a directory traversal vulnerabilitylink is external CVE-2023-35081, CWE-22link is external in Ivanti Endpoint Manager Mobile EPMM. This vulnerability allows an authenticated attacker to write arbitrary files with the operating system privileges of th...

10CVSS7.3AI score0.99999EPSS
Exploits14References5
CISA
CISA
added 2023/07/26 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38606 Apple Multiple Products Kernel Unspecified Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

5.5CVSS7AI score0.01002EPSS
Exploits1References4
CISA
CISA
added 2023/07/18 12:0 p.m.7 views

Citrix Releases Security Updates for NetScaler ADC and Gateway

Citrix has released security updates to address vulnerabilities CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467 affecting NetScaler ADC and NetScaler Gatewaylink is external. An attacker can exploit one of these vulnerabilities to take control of an affected system. According to Citrix,...

9.8CVSS7.6AI score0.99445EPSS
Exploits16References2
CISA
CISA
added 2023/07/18 12:0 p.m.7 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on July 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-199-01 Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A ICSA-23-199-02...

7AI score
Exploits0References7
CISA
CISA
added 2023/07/11 12:0 p.m.7 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on July 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-192-01 Rockwell Automation Enhanced HIM ICSA-23-192-02 Sensormatic Electronics iSTAR...

7AI score
Exploits0References4
CISA
CISA
added 2023/06/28 12:0 p.m.7 views

CISA and NSA Release Joint Guidance on Defending Continuous Integration/Continuous Delivery (CI/CD) Environments

Today, CISA, together with the National Security Agency NSA, released a Cybersecurity Information Sheet CSI to provide recommendations and best practices for organizations to strengthen the security of their CI/CD pipelines against the threat of malicious cyber actors MCAs. Recognizing the variou...

7.2AI score
Exploits0References3
CISA
CISA
added 2023/06/13 12:0 p.m.7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-27997 Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.8CVSS7.3AI score0.85689EPSS
Exploits10References6
CISA
CISA
added 2023/06/12 12:0 p.m.7 views

Fortinet Releases Security Updates for FortiOS and FortiProxy

Fortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and FortiProxy. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Fortinet security advisory...

9.8CVSS7.8AI score0.85689EPSS
Exploits10References2
CISA
CISA
added 2023/04/13 12:0 p.m.7 views

Juniper Networks Releases Security Updates

Juniper Networks has released security updates to address vulnerabilities affecting Junos OSlink is external, Paragon Active Assurance PAAlink is external, and Juniper Secure Analytics JSA Serieslink is external. An attacker could exploit some of these vulnerabilities to take control of an affect...

9.8CVSS8.5AI score0.99931EPSS
Exploits41References4
CISA
CISA
added 2023/02/02 12:0 a.m.7 views

Cisco Releases Security Advisories for Multiple Products

Cisco released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates. This...

2.3AI score
Exploits0References1
CISA
CISA
added 2023/01/31 12:0 a.m.7 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on January 31, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical...

2.6AI score
Exploits0References1
CISA
CISA
added 2022/11/09 12:0 a.m.7 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware Workspace ONE Assist. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0028 a...

2.9AI score
Exploits0References1
CISA
CISA
added 2022/10/26 12:0 a.m.7 views

Apple Releases Security Updates for Multiple Products 

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and app...

2.1AI score
Exploits0References8
CISA
CISA
added 2022/10/20 12:0 a.m.7 views

Mozilla Releases Security Updates for Firefox

Mozilla has released security updates to address vulnerabilities in Firefox ESR and Firefox. An attacker could exploit these vulnerabilities to cause denial-of-service conditions. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox ESR 102.4 and Firefox 10...

2.7AI score
Exploits0References2
CISA
CISA
added 2022/10/19 12:0 a.m.7 views

CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

CISA and the Multi-State Information Sharing & Analysis Center MS-ISAC have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to reference the addition of a...

1AI score
Exploits0References2
CISA
CISA
added 2022/10/06 12:0 a.m.7 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two 2 Industrial Control Systems ICS advisories on October 06, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

1.7AI score
Exploits0References2
CISA
CISA
added 2022/10/03 12:0 a.m.7 views

CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks

CISA has issued Binding Operational Directive BOD 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks, which seeks improve asset visibility and vulnerability enumeration across the federal enterprise. Although BOD 23-01 is only applicable to federal civilian executiv...

2.1AI score
Exploits0References1
CISA
CISA
added 2022/09/06 12:0 a.m.7 views

#StopRansomware: Vice Society

CISA, the Federal Bureau of Investigation FBI, and the Multi-State Information Sharing and Analysis Center MS-ISAC have released a joint Cybersecurity Advisory CSA, StopRansomware: Vice Society, to disseminate tactics, techniques, and procedures TTPs and indicators of compromise IOCs associated...

2.3AI score
Exploits0References3
CISA
CISA
added 2022/08/22 12:0 a.m.7 views

CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

CISA and the Multi-State Information Sharing & Analysis Center MS-ISAC have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to include additional detection...

1.4AI score
Exploits0References2
CISA
CISA
added 2022/08/22 12:0 a.m.7 views

CISA releases 7 Industrial Control Systems Advisories

CISA has released 7 Industrial Control Systems ICS advisories on August 23, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

1.4AI score
Exploits0References7
CISA
CISA
added 2022/08/22 12:0 a.m.7 views

CISA Adds One Known Exploited Vulnerabilities to Catalog

CISA has added a new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/08/18 12:0 a.m.7 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in macOS Monterey, iOS and iPadOS, and Safari. An attacker could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the...

2AI score
Exploits0References4
CISA
CISA
added 2022/08/18 12:0 a.m.7 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

1.7AI score
Exploits0References5
CISA
CISA
added 2022/08/09 12:0 a.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog 

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly adde...

1.6AI score
Exploits0References5
CISA
CISA
added 2022/07/21 12:0 a.m.7 views

Drupal Releases Security Update 

Drupal has released security updates to address vulnerabilities affecting Drupal 9.3 and 9.4. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2022-015 and apply the...

2.7AI score
Exploits0References1
CISA
CISA
added 2022/07/06 12:0 a.m.7 views

OpenSSL Releases Security Update

OpenSSL has released a security update to address a vulnerability affecting OpenSSL 3.0.4. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the OpenSSL advisory and upgrade to the appropriate version. This produ...

2.8AI score
Exploits0References1
CISA
CISA
added 2022/06/14 12:0 a.m.7 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

1.7AI score
Exploits0References6
Total number of security vulnerabilities4188