4188 matches found
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS advisories on December 3, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-338-01 Ruijie Reyee OS ICSA-24-338-02 Siemens RUGGEDCOM APE1808 ICSA-24-338-03 Open...
USDA Releases Success Story Detailing the Implementation of Phishing-Resistant Multifactor Authentication
Today, the Cybersecurity and Infrastructure Security Agency CISA and the U.S. Department of Agriculture USDA released Phishing-Resistant Multifactor Authentication MFA Success Story: USDA’s FIDO Implementation. This report details how USDA successfully implemented phishing-resistant authenticatio...
CISA and Partners Release Update to BianLian Ransomware Cybersecurity Advisory
Today, CISA, the Federal Bureau of Investigation FBI, and the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC released updates to StopRansomware: BianLian Ransomware Group on observed tactics, techniques, and procedures TTPs and indicators of compromise attributed to...
2024 CWE Top 25 Most Dangerous Software Weaknesses
The Cybersecurity and Infrastructure Security Agency CISA, in collaboration with the Homeland Security Systems Engineering and Development Institute HSSEDI, operated by MITRE, has released the 2024 CWE Top 25 Most Dangerous Software Weaknesseslink is external. This annual list identifies the most...
Palo Alto Networks Emphasizes Hardening Guidance
Updated November 15, 2024 Palo Alto Networks PAN has updated their informational bulletin, noting they "observed threat activity exploiting an unauthenticated remote command execution vulnerability against a limited number of firewall management interfaces which are exposed to the Internet." CISA...
CISA Releases Nineteen Industrial Control Systems Advisories
CISA released nineteen Industrial Control Systems ICS advisories on November 14, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-319-01 Siemens RUGGEDCOM CROSSBOW ICSA-24-319-02 Siemens SIPORT ICSA-24-319-03...
JCDC’s Collaborative Efforts Enhance Cybersecurity for the 2024 Olympic and Paralympic Games
The Cybersecurity and Infrastructure Security Agency CISA, through the Joint Cyber Defense Collaborative JCDC, enabled proactive coordination and information sharing to bolster cybersecurity ahead of the 2024 Olympic and Paralympic Games in Paris. Recognizing the potential for cyber threats...
Ivanti Releases Security Updates for Multiple Products
Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager EPM, Ivanti Avalanche, Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Security Access Client. CISA encourages users and administrators to review the following Ivanti security advisories and apply the...
CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities
Today, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, and international partners released joint Cybersecurity Advisory, 2023 Top Routinely Exploited Vulnerabilities. This advisory supplies details on the top Common...
Fortinet Releases Security Updates for Multiple Products
Fortinet has released security updates to address vulnerabilities in multiple products, including FortiOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on October 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-303-01 Siemens InterMesh Subscriber Devices ICSA-24-303-02 Solar-Log Base 15...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on October 24, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-298-01 VIMESA VHF/FM Transmitter Blue Plus ICSA-24-298-02 iniNet Solutions...
CISA, US, and International Partners Release Joint Guidance to Assist Software Manufacturers with Safe Software Deployment Processes
Today, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers. This guide aids software manufacturers in establishing secure software deployment processes to help ensure software is reliabl...
Oracle Releases Quarterly Critical Patch Update Advisory for October 2024
Oracle released its quarterly Critical Patch Update Advisory for October 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following...
CISA and FBI Release Joint Guidance on Product Security Bad Practices for Public Comment
Today, the Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI released joint guidance on Product Security Bad Practices, a part of CISA’s Secure by Design initiative. This joint guidance supplies an overview of exceptionally risky product security ba...
CISA Releases Twenty-One Industrial Control Systems Advisories
CISA released twenty-one Industrial Control Systems ICS advisories on October 10, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-284-01 Siemens SIMATIC S7-1500 and S7-1200 CPUs ICSA-24-284-02 Siemens Simcente...
Adobe Releases Security Updates for Multiple Products
Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the...
Microsoft Releases October 2024 Security Updates
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on October 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-275-01 Optigo Networks ONS-S8 Spectra Aggregation Switch ICSA-24-275-02 Mitsubishi...
Cisco Releases Security Updates for IOS and IOS XE Software
Cisco released its September 2024 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication to address vulnerabilities in IOS and IOS XE. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on September 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-270-01 Advantech ADAM-5550 ICSA-24-270-02 Advantech ADAM-5630 ICSA-24-270-03 Atelmo...
Cisco Releases Security Updates for IOS XR Software
Cisco released security updates to address vulnerabilities in Cisco ISO XR software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates:...
Adobe Releases Security Updates for Multiple Products
Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisory on September 10, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-254-01 Viessmann Climate Solutions SE Vitogate 300 ICSA-24-254-02 iniNet Solutions...
FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure
Today, the Federal Bureau of Investigation FBI—in partnership with CISA, the National Security Agency NSA, and other U.S. and international partners—released a joint Cybersecurity Advisory Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure. This advisory provides...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on August 22, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-235-01 Rockwell Automation Emulate3D ICSA-24-235-02 Rockwell Automation 5015 – AENFTXT...
ASD’s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection
Today, the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC, CISA, FBI, NSA, and international partners are releasing Best Practices for Event Logging and Threat Detectionlink is external. This guide will assist organizations in defining a baseline for event logging to...
CISA Releases Ten Industrial Control Systems Advisories
CISA released ten Industrial Control Systems ICS advisories on August 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-226-01 AVEVA SuiteLink Server ICSA-24-226-02 Rockwell Automation AADvance Standalone...
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems ICS advisories on August 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-214-01 Johnson Controls exacqVision Client and exacqVision Server ICSA-24-214-02 Johnso...
DigiCert Certificate Revocations
Update 9:00 a.m., EDT, July 31, 2024: DigiCert has provided updated information and revocation timelines which can be found by visiting: https://status.digicert.com/link is external CISA encourages customers to contact DigiCert if unable to reissue/rekey certificates by the updated revocation...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on July 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-207-01 Siemens SICAM Products ICSA-24-207-02 Positron Broadcast Signal Processor CISA...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on July 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-205-01 National Instruments IO Trace ICSA-24-205-02 Hitachi Energy AFS/AFR Series Produc...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on July 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-200-01 Mitsubishi Electric MELSOFT MaiLab ICSA-24-200-02 Subnet Solutions PowerSYSTEM...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on July 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-198-01 Rockwell Automation Pavilion 8 CISA encourages users and administrators to review th...
CISA Releases Twenty-one Industrial Control Systems Advisories
CISA released twenty-one Industrial Control Systems ICS advisories on July 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-193-01 Siemens Remote Connect Server ICSA-24-193-02 Siemens RUGGEDCOM APE 1808...
CISA and Partners Release Guidance for Exploring Memory Safety in Critical Open Source Projects
Today, CISA, in partnership with the Federal Bureau of Investigation, Australian Signals Directorate’s Australian Cyber Security Centre, and Canadian Cyber Security Center, released Exploring Memory Safety in Critical Open Source Projects. This guidance was crafted to provide organizations with...
CISA Releases Guidance on Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: (SMBs)
Today, CISA released Barriers to Single Sign-On SSO Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities, a detailed report exploring challenges to SSO adoption by small and medium-sized businesses SMBs. The report also identifies potential ways to overcome the...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on June 20, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-172-01 Yokogawa CENTUM ICSA-24-172-02 CAREL Boss-Mini ICSA-24-172-03 Westermo L210-F2G...
CISA Releases Twenty Industrial Control Systems Advisories
CISA released twenty Industrial Control Systems ICS advisories on June 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-165-01 Siemens Mendix Applications ICSA-24-165-02 Siemens SIMATIC S7-200 SMART Devices...
Fortinet Releases Security Updates for FortiOS
Fortinet has released security updates to address a vulnerability in FortiOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following Fortinet Security Bulletin and apply the necessary updates:...
Microsoft Releases June 2024 Security Updates
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisory and apply the necessary updates...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on June 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-156-01 Uniview NVR301-04S2-P4 ICSA-23-278-03 Mitsubishi Electric CC-Link IE TSN Industria...
CISA Releases Seven Industrial Control Systems Advisories
CISA released seven Industrial Control Systems ICS advisories on May 30, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-151-01 LenelS2 NetBox ICSA-24-151-02 Fuji Electric Monitouch V-SFT ICSA-24-151-03 Inosof...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on May 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-142-01 LCDS LAquis SCADA CISA encourages users and administrators to review newly released I...
CISA Releases Seventeen Industrial Control Systems Advisories
CISA released seventeen Industrial Control Systems ICS advisories on May 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-137-01 Siemens Parasolid ICSA-24-137-02 Siemens SICAM Products ICSA-24-137-03 Siemen...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Adobe Security Bulletins and apply necessary...
ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies
Today, the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC, together with CISA, the Canadian Centre for Cyber Security CCCS, the United Kingdom’s National Cyber Security Centre NCSC-UK, and the New Zealand National Cyber Security Centre NCSC-NZ are releasing the...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS advisories on April 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-116-01 Multiple Vulnerabilities in Hitachi Energy RTU500 Series ICSA-24-116-02 Hitachi...
CISA and Partners Release Advisory on Akira Ransomware
Today, CISA, the Federal Bureau of Investigation FBI, Europol’s European Cybercrime Centre EC3, and the Netherlands’ National Cyber Security Centre NCSC-NL released a joint Cybersecurity Advisory CSA, StopRansomware: Akira Ransomware, to disseminate known Akira ransomware tactics, techniques, and...
Oracle Releases Critical Patch Update Advisory for April 2024
Oracle released its quarterly Critical Patch Update Advisory for April 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following...