Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2024/09/26 12:0 p.m.7 views

Cisco Releases Security Updates for IOS and IOS XE Software

Cisco released its September 2024 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication to address vulnerabilities in IOS and IOS XE. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

7.5AI score
Exploits0References1
CISA
CISA
added 2024/09/25 12:0 p.m.7 views

CISA Warns of Hurricane-Related Scams

As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...

7.1AI score
Exploits0References4
CISA
CISA
added 2024/09/17 12:0 p.m.7 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on September 17, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-261-01 Siemens SIMATIC S7-200 SMART Devices ICSA-24-261-02 Millbeck Communications...

7.1AI score
Exploits0References3
CISA
CISA
added 2024/09/16 12:0 p.m.7 views

New CISA Plan Aligns Federal Agencies in Cyber Defense

Today, the Cybersecurity and Infrastructure Security Agency CISA released the Federal Civilian Executive Branch FCEB Operational Cybersecurity Alignment FOCAL Plan. Developed in collaboration with FCEB agencies, this plan provides standard, essential components of enterprise operational...

7.1AI score
Exploits0References2
CISA
CISA
added 2024/09/10 12:0 p.m.7 views

Microsoft Releases September 2024 Security Updates

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/09/03 12:0 p.m.7 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on September 3, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-247-01 LOYTEC Electronics LINX Series CISA encourages users and administrators to revie...

7AI score
Exploits0References1
CISA
CISA
added 2024/08/29 12:0 p.m.7 views

CISA and Partners Release Advisory on RansomHub Ransomware

Today, CISA—in partnership with the Federal Bureau of Investigation FBI, Multi-State Information Sharing and Analysis Center MS-ISAC, and Department of Health and Human Services HHS—released a joint Cybersecurity Advisory, StopRansomware: RansomHub Ransomware. This advisory provides network...

7AI score
Exploits0References6
CISA
CISA
added 2024/08/08 12:0 p.m.7 views

Best Practices for Cisco Device Configuration

In recent incidents, CISA has seen malicious cyber actors acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature. CISA recommends organizations disable Smart Install and review NSA’s Smart Install Protoco...

6.8AI score
Exploits0References3
CISA
CISA
added 2024/08/01 12:0 p.m.7 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on August 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-214-01 Johnson Controls exacqVision Client and exacqVision Server ICSA-24-214-02 Johnso...

7AI score
Exploits0References9
CISA
CISA
added 2024/07/18 12:0 p.m.7 views

Oracle Releases Critical Patch Update Advisory for July 2024

Oracle released its quarterly Critical Patch Update Advisory for July 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Orac...

7.3AI score
Exploits0References1
CISA
CISA
added 2024/07/12 12:0 p.m.7 views

AT&T Discloses Breach of Customer Data

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers. CISA encourages customers to review the following AT&T article for additional information and follow...

6.9AI score
Exploits0References1
CISA
CISA
added 2024/07/08 12:0 p.m.7 views

CISA and Partners join ASD’S ACSC to Release Advisory on PRC State-Sponsored Group, APT 40

CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre ASD's ACSC to release an advisory, People’s Republic of China PRC Ministry of State Security APT40 Tradecraft in Action outlining a PRC state-sponsored cyber group’s activity. The following...

6.9AI score
Exploits0References3
CISA
CISA
added 2024/06/03 12:0 p.m.7 views

Snowflake Recommends Customers Take Steps to Prevent Unauthorized Access

On June 2, Snowflake indicated a recent increase in cyber threat activity targeting customer accounts on its cloud data platform. Snowflake issued a recommendation for users to query for unusual activity and conduct further analysis to prevent unauthorized user access. Users and administrators ar...

7.1AI score
Exploits0References1
CISA
CISA
added 2024/05/24 12:0 p.m.7 views

Cisco Releases May 2024 Cisco ASA, FMC, and FTD Software Security Publication

Cisco released a bundled publication for security advisories that address vulnerabilities in Cisco Adaptive Security Appliance ASA, Firepower Management Center FMC, and Firepower Threat Defense FTD software. A cyber threat actor could exploit one of these vulnerabilities to take control of an...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/05/09 12:0 p.m.7 views

ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies

Today, the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC, together with CISA, the Canadian Centre for Cyber Security CCCS, the United Kingdom’s National Cyber Security Centre NCSC-UK, and the New Zealand National Cyber Security Centre NCSC-NZ are releasing the...

6.9AI score
Exploits0References2
CISA
CISA
added 2024/05/09 12:0 p.m.7 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on May 09, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-130-01 Rockwell Automation FactoryTalk Historian SE ICSA-24-130-02 alpitronic Hypercharge...

7AI score
Exploits0References4
CISA
CISA
added 2024/05/07 12:0 p.m.7 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on May 07, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-128-01 PTC Codebeamer ICSA-24-128-02 SUBNET Substation Server CISA encourages users and...

7AI score
Exploits0References2
CISA
CISA
added 2024/04/19 12:0 p.m.7 views

Cisco Releases Security Advisories for Cisco Integrated Management Controller

Cisco has released security advisories for vulnerabilities in the Cisco integrated management controller. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisories and...

8.1AI score
Exploits0References2
CISA
CISA
added 2024/04/18 12:0 p.m.7 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on April 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-109-01 Unitronics Vision Series PLCs ICSA-21-287-03 Mitsubishi Electric MELSEC iQ-R...

7AI score
Exploits0References3
CISA
CISA
added 2024/04/02 12:0 p.m.7 views

CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities

Today, CISA published a new dedicated High-Risk Communities webpage comprised of cybersecurity resources to support civil society communities at heighted risk of digital security threats, including cyber hygiene guidance, a repository of local cyber volunteer programs, and free or discounted tool...

6.9AI score
Exploits0References6
CISA
CISA
added 2024/03/21 12:0 p.m.7 views

CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques

Today, CISA, the Federal Bureau of Investigation FBI, and the Multi-State Information Sharing and Analysis Center MS-ISAC released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, to address the specific needs and challenges faced by organizations in...

7.3AI score
Exploits0References2
CISA
CISA
added 2024/03/08 12:0 p.m.7 views

Apple Released Security Updates for Multiple Products

Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply t...

7.1AI score
Exploits0References7
CISA
CISA
added 2024/03/07 12:0 p.m.7 views

CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27198 JetBrains TeamCity Authentication Bypass Vulnerability CISA urges organizations to review the following JetBrains blog post and apply the necessary updates...

9.8CVSS7.3AI score0.99991EPSS
Exploits25References7
CISA
CISA
added 2024/03/01 12:0 p.m.7 views

Cisco Releases Security Advisories for Cisco NX-OS Software

Cisco released security advisories to address vulnerabilities affecting Cisco NX-OS Software. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review the following advisories and apply the necessary...

7.4AI score
Exploits0References2
CISA
CISA
added 2024/02/21 12:0 p.m.7 views

CISA, EPA, and FBI Release Top Cyber Actions for Securing Water Systems

Today, CISA, the Environmental Protection Agency EPA, and the Federal Bureau of Investigation FBI released the joint fact sheet Top Cyber Actions for Securing Water Systems. This fact sheet outlines the following practical actions Water and Wastewater Systems WWS Sector entities can take to bette...

7.2AI score
Exploits0References2
CISA
CISA
added 2024/02/13 12:0 p.m.7 views

Microsoft Releases Security Updates for Multiple Products

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s February Security Update Guidelink is...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/02/13 12:0 p.m.7 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

7.5AI score
Exploits0References6
CISA
CISA
added 2024/01/19 12:0 p.m.7 views

CISA Issues Emergency Directive on Ivanti Vulnerabilities

CISA has issued Emergency Directive ED 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities in the following Ivanti products: Ivanti Connect Secure and Ivanti Policy Secure. ED 24-01 directs all Federal Civilian Executive Branch FCEB...

7.3AI score
Exploits0References2
CISA
CISA
added 2024/01/02 12:0 p.m.7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-7024 Google Chromium WebRTC Heap Buffer Overflow Vulnerability CVE-2023-7101 Spreadsheet::ParseExcel Remote Code Execution Vulnerability These types of...

8.8CVSS8.1AI score0.16832EPSS
Exploits3References7
CISA
CISA
added 2023/11/30 12:0 p.m.7 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on November 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-334-01 Delta Electronics DOPSoft ICSA-23-334-02 Yokogawa STARDOM ICSA-23-334-03 PTC...

7.1AI score
Exploits0References4
CISA
CISA
added 2023/11/22 12:0 p.m.7 views

Adobe Releases Security Updates for ColdFusion

On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system. CISA urges organizations to review Adobe ColdFusion security...

7.5AI score
Exploits0References5
CISA
CISA
added 2023/11/16 12:0 p.m.7 views

CISA Requests Comment on Draft Secure Software Development Attestation Form

CISA has opened a 30-day Federal Register notice to receive public comment on the draft Secure Software Development Attestation Form. CISA developed this form in coordination with the Office of Management and Budget. With the Secure Software Development Attestation Form, federal departments and...

7AI score
Exploits0References3
CISA
CISA
added 2023/11/13 12:0 p.m.7 views

ASD's ACSC and CISA Release Business Continuity in a Box

Today, the Australian Signals Directorate’s Australian Cyber Security Centre ASD's ACSC and CISA released Business Continuity in a Box. Business Continuity in a Box, developed by ACSC with contributions from CISA, assists organizations with swiftly and securely standing up critical business...

7.4AI score
Exploits0References4
CISA
CISA
added 2023/11/07 12:0 p.m.7 views

FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents

Today, the Federal Emergency Management Agency FEMA and the Cybersecurity and Infrastructure Security Agency CISA released the joint guide Planning Considerations for Cyber Incidents: Guidance for Emergency Managers to provide state, local, tribal, and territorial SLTT emergency managers with...

7.2AI score
Exploits0References3
CISA
CISA
added 2023/11/03 12:0 p.m.7 views

Cisco Releases Security Advisories for Multiple Products

Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...

8.2AI score
Exploits0References11
CISA
CISA
added 2023/10/20 12:0 p.m.7 views

CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP)

Today, the Cybersecurity and Infrastructure Security Agency CISA released a fact sheet on the effort to revise the National Cyber Incident Response Plan NCIRP. Through the Joint Cyber Defense Collaborative JCDC, CISA will work to ensure that the updated NCIRP addresses significant changes in poli...

7AI score
Exploits0References4
CISA
CISA
added 2023/10/19 12:0 p.m.7 views

CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide

Today, the Cybersecurity and Infrastructure Security Agency CISA, the National Security Agency NSA, the Federal Bureau of Investigation FBI, and the Multi-State Information Sharing and Analysis Center MS-ISAC released an updated version of the joint StopRansomware Guide. The update includes new...

7.2AI score
Exploits0References4
CISA
CISA
added 2023/10/12 12:0 p.m.7 views

CISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware

Today, as part of the Ransomware Vulnerability Warning Pilot RVWP, CISA launched two new resources for combating ransomware campaigns: A “Known to be Used in Ransomware Campaigns” column in the KEV Catalog that identifies KEVs associated with ransomware campaigns. A “Misconfigurations and...

7AI score
Exploits0References7
CISA
CISA
added 2023/10/10 12:0 p.m.7 views

Microsoft Releases October 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s October 2023 Security Update Guidelink is...

7.5AI score
Exploits0References1
CISA
CISA
added 2023/10/04 12:0 p.m.7 views

CISA and NSA Release New Guidance on Identity and Access Management

Today, CISA and the National Security Agency NSA published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework ESF, a CISA- and NSA-led working panel that includes a public-private cross-sector partnership. ESF aims to address risks that...

7.4AI score
Exploits0References2
CISA
CISA
added 2023/09/29 12:0 p.m.7 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, Firefox Focus for Android, and Firefox for Android. A cyber threat actor can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review...

7.3AI score
Exploits0References1
CISA
CISA
added 2023/09/28 12:0 p.m.7 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates...

7.2AI score
Exploits0References2
CISA
CISA
added 2023/09/27 12:0 p.m.7 views

Mozilla Releases Security Advisories for Thunderbird and Firefox

Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox ESR 115.3, and Firefox 118. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security advisorie...

7.4AI score
Exploits0References3
CISA
CISA
added 2023/09/27 12:0 p.m.7 views

NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors

Today, the U.S. National Security Agency NSA, Federal Bureau of Investigation FBI, and Cybersecurity and Infrastructure Security Agency CISA, along with the Japan National Police Agency NPA and the Japan National Center of Incident Readiness and Strategy for Cybersecurity NISC released joint...

7.3AI score
Exploits0References4
CISA
CISA
added 2023/09/14 12:0 p.m.7 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on September 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-257-01 Siemens SIMATIC, SIPLUS Products ICSA-23-257-02 Siemens Parasolid...

6.9AI score
Exploits0References7
CISA
CISA
added 2023/09/13 12:0 p.m.7 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Thunderbird. A cyber threat actor can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Mozilla’s advisory MFSA 2023-40link is...

7.3AI score
Exploits0References1
CISA
CISA
added 2023/09/12 12:0 p.m.7 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities affecting Adobe software. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the...

7.6AI score
Exploits0References3
CISA
CISA
added 2023/08/31 12:0 p.m.7 views

CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware

Today, the United Kingdom’s National Cyber Security Centre NCSC-UK, the United States’ Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, and Federal Bureau of Investigation FBI, New Zealand’s National Cyber Security Centre NCSC-NZ, the Canadian Centre for Cyber...

6.7AI score
Exploits0References5
CISA
CISA
added 2023/08/31 12:0 p.m.7 views

CISA Warns of Hurricane-Related Scams

CISA urges users to remain on alert for malicious cyber activity following natural disasters, such as hurricanes, as attackers target disaster victims and concerned citizens by leveraging social engineering tactics, techniques, and procedures TTPs. Social engineering TTPs include phishing, in whi...

6.9AI score
Exploits0References5
CISA
CISA
added 2023/08/21 12:0 p.m.7 views

CISA, NSA, and NIST Publish Factsheet on Quantum Readiness

Today, the Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA and National Institute of Standards and Technology NIST released a joint factsheet, Quantum-Readiness: Migration to Post-Quantum Cryptography PQC, to inform organizations—especially those that support...

7AI score
Exploits0References3
Total number of security vulnerabilities4188