Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2025/09/23 12:0 p.m.6 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on September 23, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-266-01 AutomationDirect CLICK PLUS ICSA-25-266-02 Mitsubishi Electric MELSEC-Q Serie...

6.6AI score
Exploits0References6
CISA
CISA
added 2025/09/16 12:0 p.m.6 views

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on September 16, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-259-01 Schneider Electric Altivar Products, ATVdPAC Module, ILC992 InterLink...

6.6AI score
Exploits0References8
CISA
CISA
added 2025/08/26 12:0 p.m.6 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on August 26, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-238-01 INVT VT-Designer and HMITool ICSA-25-238-03 Schneider Electric Modicon M340...

7AI score
Exploits0References3
CISA
CISA
added 2025/08/22 12:0 p.m.6 views

CISA Requests Public Comment for Updated Guidance on Software Bill of Materials

CISA released updated guidance for the Minimum Elements for a Software Bill of Materials SBOM for public comment—comment period begins today and concludes on October 3, 2025. These updates build on the 2021 version of the National Telecommunications and Information Administration SBOM Minimum...

7.2AI score
Exploits0References2
CISA
CISA
added 2025/08/18 12:0 p.m.6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-54948link is external Trend Micro Apex One OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber...

9.8CVSS7.7AI score0.2079EPSS
Exploits0References6
CISA
CISA
added 2025/08/14 12:0 p.m.6 views

CISA Releases Thirty-Two Industrial Control Systems Advisories

CISA released thirty-two Industrial Control Systems ICS advisories on August 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-226-01 Siemens SIMATIC RTLS Locating Manager ICSA-25-226-02 Siemens COMOS...

6.9AI score
Exploits0References32
CISA
CISA
added 2025/08/05 12:0 p.m.6 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on August 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-217-01 Mitsubishi Electric Iconics Digital Solutions Multiple Products ICSA-25-217-02 Ti...

7.1AI score
Exploits0References2
CISA
CISA
added 2025/07/29 12:0 p.m.6 views

CISA Releases Part One of Zero Trust Microsegmentation Guidance

CISA released Microsegmentation in Zero Trust, Part One: Introduction and Planning as part of its ongoing efforts to support Federal Civilian Executive Branch FCEB agencies implementing zero trust architectures ZTAs. This guidance provides a high-level overview of microsegmentation, focusing on i...

7.1AI score
Exploits0References2
CISA
CISA
added 2025/07/22 12:0 p.m.6 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-49704link is external Microsoft SharePoint Code Injection Vulnerability CVE-2025-49706link is external Microsoft SharePoint Improper Authentication...

8.8CVSS7.8AI score0.99907EPSS
Exploits9References7
CISA
CISA
added 2025/06/16 12:0 p.m.6 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-43200link is external Apple Multiple Products Unspecified Vulnerability CVE-2023-33538link is external TP-Link Multiple Routers Command Injection...

8.8CVSS7.5AI score0.41874EPSS
Exploits3References7
CISA
CISA
added 2025/05/22 12:0 p.m.6 views

Advisory Update on Cyber Threat Activity Targeting Commvault’s SaaS Cloud Application (Metallic)

Commvault is monitoring cyber threat activity targeting their applications hosted in their Microsoft Azure cloud environment. Threat actors may have accessed client secrets for Commvault’s Metallic Microsoft 365 M365 backup software-as-a-service SaaS solution, hosted in Azure. This provided the...

8.8CVSS7.3AI score0.01932EPSS
Exploits0References17
CISA
CISA
added 2025/05/07 12:0 p.m.6 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-6047link is external GeoVision Devices OS Command Injection Vulnerability CVE-2024-11120link is external GeoVision Devices OS Command Injection Vulnerability...

9.8CVSS7.8AI score0.28554EPSS
Exploits2References7
CISA
CISA
added 2025/05/02 12:0 p.m.6 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-34028link is external Commvault Command Center Path Traversal Vulnerability CVE-2024-58136link is external Yiiframework Yii Improper Protection of Alternate Pa...

10CVSS7.4AI score0.97292EPSS
Exploits6References7
CISA
CISA
added 2025/03/28 12:0 p.m.6 views

CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure

CISA has published a Malware Analysis Report MAR with analysis and associated detection signatures on a new malware variant CISA has identified as RESURGE. RESURGE contains capabilities of the SPAWNCHIMERA1link is external malware variant, including surviving reboots; however, RESURGE contains...

9CVSS7.6AI score0.99971EPSS
Exploits13References11
CISA
CISA
added 2025/03/27 12:0 p.m.6 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert PME Update A CISA encourages...

7AI score
Exploits0References1
CISA
CISA
added 2025/03/20 12:0 p.m.6 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on March 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-079-01 Schneider Electric EcoStruxure™ ICSA-25-079-02 Schneider Electric Enerlin’X IFE...

7AI score
Exploits0References5
CISA
CISA
added 2025/02/18 12:0 p.m.6 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0108link is external Palo Alto PAN-OS Authentication Bypass Vulnerability CVE-2024-53704link is external SonicWall SonicOS SSLVPN Improper Authentication...

9.8CVSS7.4AI score0.98417EPSS
Exploits8References7
CISA
CISA
added 2025/01/21 12:0 p.m.6 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on January 21, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-021-01 Traffic Alert and Collision Avoidance System TCAS II ICSA-25-021-02 Siemens...

7.1AI score
Exploits0References3
CISA
CISA
added 2025/01/13 12:0 p.m.6 views

CISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators

Today, CISA—along with U.S. and international partners—released joint guidance Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products. As part of CISA’s Secure by Demand series, this guidance focuses on helping customers identify...

6.9AI score
Exploits0References3
CISA
CISA
added 2024/12/10 12:0 p.m.6 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on December 10, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-345-01 MOBATIME Network Master Clock ICSA-24-345-02 Schneider Electric EcoStruxure...

7.1AI score
Exploits0References7
CISA
CISA
added 2024/12/10 12:0 p.m.6 views

Adobe Releases Security Updates for Multiple Products

Adobe released security updates to address vulnerabilities in multiple Adobe software products including Adobe Acrobat, Adobe Illustrator, and Adobe InDesign. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/11/20 12:0 p.m.6 views

Apple Releases Security Updates for Multiple Products

Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates: i...

6.9AI score
Exploits0References5
CISA
CISA
added 2024/11/20 12:0 p.m.6 views

USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multi-Factor Authentication

Today, the Cybersecurity and Infrastructure Security Agency CISA and the U.S. Department of Agriculture USDA released Phishing-Resistant Multi-Factor Authentication MFA Success Story: USDA’s FIDO Implementation. This report details how USDA successfully implemented phishing-resistant authenticati...

7.2AI score
Exploits0References3
CISA
CISA
added 2024/11/12 12:0 p.m.6 views

Fortinet Releases Security Updates for Multiple Products

Fortinet has released security updates to address vulnerabilities in multiple products, including FortiOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply...

7.7AI score
Exploits0References4
CISA
CISA
added 2024/11/12 12:0 p.m.6 views

Ivanti Releases Security Updates for Multiple Products

Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager EPM, Ivanti Avalanche, Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Security Access Client. CISA encourages users and administrators to review the following Ivanti security advisories and apply the...

7.4AI score
Exploits0References3
CISA
CISA
added 2024/11/12 12:0 p.m.6 views

Microsoft Releases November 2024 Security Updates

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/10/16 12:0 p.m.6 views

CISA and FBI Release Joint Guidance on Product Security Bad Practices for Public Comment

Today, the Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI released joint guidance on Product Security Bad Practices, a part of CISA’s Secure by Design initiative. This joint guidance supplies an overview of exceptionally risky product security ba...

7AI score
Exploits0References4
CISA
CISA
added 2024/09/26 12:0 p.m.6 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on September 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-270-01 Advantech ADAM-5550 ICSA-24-270-02 Advantech ADAM-5630 ICSA-24-270-03 Atelmo...

7AI score
Exploits0References5
CISA
CISA
added 2024/09/25 12:0 p.m.6 views

Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means

CISA continues to respond to active exploitation of internet-accessible operational technology OT and industrial control systems ICS devices, including those in the Water and Wastewater Systems WWS Sector. Exposed and vulnerable OT/ICS systems may allow cyber threat actors to use default...

7AI score
Exploits0References4
CISA
CISA
added 2024/09/19 12:0 p.m.6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963link is external Ivanti Cloud Services Appliance CSA Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

9.4CVSS7.3AI score0.98557EPSS
Exploits2References6
CISA
CISA
added 2024/09/12 12:0 p.m.6 views

Cisco Releases Security Updates for IOS XR Software

Cisco released security updates to address vulnerabilities in Cisco ISO XR software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates:...

7.5AI score
Exploits0References1
CISA
CISA
added 2024/09/05 12:0 p.m.6 views

FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure

Today, the Federal Bureau of Investigation FBI—in partnership with CISA, the National Security Agency NSA, and other U.S. and international partners—released a joint Cybersecurity Advisory Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure. This advisory provides...

6.9AI score
Exploits0References5
CISA
CISA
added 2024/08/21 12:0 p.m.6 views

ASD’s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection

Today, the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC, CISA, FBI, NSA, and international partners are releasing Best Practices for Event Logging and Threat Detectionlink is external. This guide will assist organizations in defining a baseline for event logging to...

6.9AI score
Exploits0References6
CISA
CISA
added 2024/08/15 12:0 p.m.6 views

CISA Releases Eleven Industrial Control Systems Advisories

CISA released eleven Industrial Control Systems ICS advisories on August 15, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-228-01 Siemens SCALANCE M-800, RUGGEDCOM RM1224 ICSA-24-228-02 Siemens INTRALOG WMS...

7AI score
Exploits0References11
CISA
CISA
added 2024/08/14 12:0 p.m.6 views

Adobe Releases Security Updates for Multiple Products

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the...

7.6AI score
Exploits0References11
CISA
CISA
added 2024/08/07 12:0 p.m.6 views

Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory

Today, CISA—in partnership with the Federal Bureau of Investigation FBI—released an update to joint Cybersecurity Advisory StopRansomware: Royal Ransomware, StopRansomware: BlackSuit Royal Ransomware. The updated advisory provides network defenders with recent and historically observed tactics,...

7.1AI score
Exploits0References6
CISA
CISA
added 2024/07/25 12:0 p.m.6 views

FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity

Today, CISA—in partnership with the Federal Bureau of Investigation FBI—released a joint Cybersecurity Advisory,North Korea State-Sponsored Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs. The advisory was coauthored with the following organization...

6.8AI score
Exploits0References4
CISA
CISA
added 2024/07/25 12:0 p.m.6 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on July 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-207-01 Siemens SICAM Products ICSA-24-207-02 Positron Broadcast Signal Processor CISA...

7.1AI score
Exploits0References2
CISA
CISA
added 2024/07/23 12:0 p.m.6 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on July 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-205-01 National Instruments IO Trace ICSA-24-205-02 Hitachi Energy AFS/AFR Series Produc...

7AI score
Exploits0References4
CISA
CISA
added 2024/07/18 12:0 p.m.6 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on July 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-200-01 Mitsubishi Electric MELSOFT MaiLab ICSA-24-200-02 Subnet Solutions PowerSYSTEM...

7AI score
Exploits0References3
CISA
CISA
added 2024/07/09 12:0 p.m.6 views

Adobe Releases Security Updates for Multiple Products

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply...

7.7AI score
Exploits0References3
CISA
CISA
added 2024/07/02 12:0 p.m.6 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on July 2, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-184-01 Johnson Controls Kantech Door Controllers ICSA-24-184-02 mySCADA myPRO...

7AI score
Exploits0References7
CISA
CISA
added 2024/06/20 12:0 p.m.6 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on June 20, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-172-01 Yokogawa CENTUM ICSA-24-172-02 CAREL Boss-Mini ICSA-24-172-03 Westermo L210-F2G...

7AI score
Exploits0References3
CISA
CISA
added 2024/06/18 12:0 p.m.6 views

Phone Scammers Impersonating CISA Employees

Impersonation scams are on the rise and often use the names and titles of government employees. The Cybersecurity and Infrastructure Security Agency CISA is aware of recent impersonation scammers claiming to represent the agency. As a reminder, although CISA staff will occasionally contact...

7.1AI score
Exploits0
CISA
CISA
added 2024/06/13 12:0 p.m.6 views

CISA Releases Twenty Industrial Control Systems Advisories

CISA released twenty Industrial Control Systems ICS advisories on June 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-165-01 Siemens Mendix Applications ICSA-24-165-02 Siemens SIMATIC S7-200 SMART Devices...

7AI score
Exploits0References20
CISA
CISA
added 2024/06/11 12:0 p.m.6 views

Microsoft Releases June 2024 Security Updates

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisory and apply the necessary updates...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/06/04 12:0 p.m.6 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on June 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-156-01 Uniview NVR301-04S2-P4 ICSA-23-278-03 Mitsubishi Electric CC-Link IE TSN Industria...

7AI score
Exploits0References4
CISA
CISA
added 2024/05/21 12:0 p.m.6 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-142-01 LCDS LAquis SCADA CISA encourages users and administrators to review newly released I...

7AI score
Exploits0References1
CISA
CISA
added 2024/05/21 12:0 p.m.6 views

Rockwell Automation Encourages Customers to Assess and Secure Public-Internet-Exposed Assets

Rockwell Automation has released guidance encouraging users to remove connectivity on all Industrial Control Systems ICS devices connected to the public-facing internet to reduce exposure to unauthorized or malicious cyber activity. Users and administrators are encouraged review the following...

7.4AI score
Exploits0References1
CISA
CISA
added 2024/05/01 12:0 p.m.6 views

CERT/CC Reports R Programming Language Vulnerability

CERT Coordination Center CERT/CC has released information on a vulnerability in R programming language implementations CVE-2024-27322link is external. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the...

8.8CVSS8.7AI score0.23618EPSS
Exploits0References4
Total number of security vulnerabilities4188