Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2023/07/06 12:0 p.m.6 views

CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants

Today, the Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigations FBI, the Multi-State Information Sharing and Analysis Center MS-ISAC, and the Canadian Centre for Cyber Security CCCS released a joint Cybersecurity Advisory CSA, Increased Truebot Activity Infects...

9.8CVSS7.1AI score0.36009EPSS
Exploits1References9
CISA
CISA
added 2023/06/22 12:0 p.m.6 views

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20887 VMware Aria Operations for Networks Command Injection Vulnerability CVE-2020-35730 Roundcube Webmail Cross-Site Scripting XSS Vulnerability CVE-2020-1264...

9.8CVSS8.2AI score0.98281EPSS
Exploits24References11
CISA
CISA
added 2023/06/14 12:0 p.m.6 views

CISA and Partners Release Joint Advisory on Understanding Ransomware Threat Actors: LockBit

Today, CISA, the Federal Bureau of Investigation FBI, the Multi-State Information Sharing and Analysis Center MS-ISAC, and international partners released Understanding Ransomware Threat Actors: LockBit, a joint Cybersecurity Advisory CSA to help organizations understand and defend against threat...

7.4AI score
Exploits0References2
CISA
CISA
added 2023/06/13 12:0 p.m.6 views

CISA Issues BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces

Today, CISA issued Binding Operational Directive BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces, requiring Federal Civilian Executive Branch FCEB agencies to reduce risks posed by internet-exposed networked management interfaces on federal information systems. This...

6.8AI score
Exploits0References3
CISA
CISA
added 2023/06/01 12:0 p.m.6 views

Progress Software Releases Security Advisory for MOVEit Transfer

Progress Software has released a security advisorylink is external for a SQL injection vulnerability CVE-2023-34362link is external in MOVEit Transfer—a Managed File Transfer Softwarelink is external. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urge...

9.8CVSS8.1AI score0.99934EPSS
Exploits15References4
CISA
CISA
added 2023/05/23 12:0 p.m.6 views

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF)

Today, CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, and the Multi-State Information Sharing and Analysis Center MS-ISAC published an updated version of the StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initia...

6.9AI score
Exploits0References8
CISA
CISA
added 2023/05/12 12:0 p.m.6 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-25717 Multiple Ruckus Wireless Products CSRF and RCE Vulnerability CVE-2021-3560 Red Hat Polkit Incorrect Authorization Vulnerability CVE-2014-0196 Linux...

10CVSS7.7AI score0.95326EPSS
Exploits62References12
CISA
CISA
added 2023/04/13 12:0 p.m.6 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20963 Android Framework Privilege Escalation Vulnerability CVE-2023-29492 Novi Survey Insecure Deserialization Vulnerability These types of vulnerabilities are...

9.8CVSS8.3AI score0.0269EPSS
Exploits0References7
CISA
CISA
added 2023/04/11 12:0 p.m.6 views

Microsoft Releases April 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s April 2023 Security Update Guidelink is external an...

7.5AI score
Exploits0References2
CISA
CISA
added 2023/01/10 12:0 a.m.6 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

1.8AI score
Exploits0References4
CISA
CISA
added 2020/10/22 12:0 a.m.6 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cis...

7.1AI score
Exploits0References1
CISA
CISA
added 2020/10/13 12:0 a.m.6 views

Microsoft Releases October 2020 Security Updates

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Microsoft’s...

7AI score
Exploits0References2
CISA
CISA
added 2020/10/01 12:0 a.m.6 views

October is National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month NCSAM, which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency CISA and its public and private partners—including the National Cyber Security Alliance—to ensure every American has the resources they need to sta...

6.8AI score
Exploits0References1
CISA
CISA
added 2020/07/23 12:0 a.m.6 views

Cisco Releases Security Updates for ASA and FTD Software

Cisco has released security updates to address a vulnerability in Adaptive Security Appliance ASA Software and Firepower Threat Defense FTD Software Web Service. A remote attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agenc...

6.4AI score
Exploits0References1
CISA
CISA
added 2020/03/16 12:0 a.m.6 views

VMware Releases Security Updates for Multiple Products

VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware Security...

7.1AI score
Exploits0References2
CISA
CISA
added 2020/01/08 12:0 a.m.6 views

Mozilla Releases Security Updates for Firefox and Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

7.2AI score
Exploits0References2
CISA
CISA
added 2019/07/31 12:0 a.m.6 views

Google Releases Security Updates for Chrome

Google has released Chrome version 76.0.3809.87 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to revie...

7.1AI score
Exploits0References1
CISA
CISA
added 2019/07/22 12:0 a.m.6 views

Apple Releases Multiple Security Updates

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the App...

7AI score
Exploits0References5
CISA
CISA
added 2011/02/08 12:0 a.m.6 views

Microsoft Releases February Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, and Office as part of the Microsoft Security Bulletin Summary for February 2011. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain...

7.3AI score
Exploits0References1
CISA
CISA
added 2025/09/29 12:0 p.m.5 views

CISA Strengthens Commitment to SLTT Governments

The Cybersecurity and Infrastructure Security Agency CISA announced that it has transitioned to a new model to better equip state, local, tribal, and territorial SLTT governments to strengthen shared responsibility nationwide. CISA is supporting our SLTT partners with access to grant funding,...

6.5AI score
Exploits0References6
CISA
CISA
added 2025/09/25 12:0 p.m.5 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on September 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-268-01 Dingtian DT-R002 CISA encourages users and administrators to review newly...

6.6AI score
Exploits0References1
CISA
CISA
added 2025/09/22 12:0 p.m.5 views

SonicWall Releases Advisory for Customers after Security Incident

SonicWall released a security advisory to assist their customers with protecting systems impacted by the MySonicWall cloud backup file incident. SonicWall’s investigation found that a malicious actor performed a series of brute force techniques against their MySonicWall.com web portal to gain...

6.6AI score
Exploits0References3
CISA
CISA
added 2025/09/11 12:0 p.m.5 views

CISA Releases Eleven Industrial Control Systems Advisories

CISA released eleven Industrial Control Systems ICS advisories on September 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-254-01 Siemens SIMOTION Tools ICSA-25-254-02 Siemens SIMATIC Virtualization as a...

6.6AI score
Exploits0References11
CISA
CISA
added 2025/09/09 12:0 p.m.5 views

CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems ICS advisories on September 9, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-252-01 Rockwell Automation ThinManager ICSA-25-252-02 ABB Cylon Aspect BMS/BAS...

6.5AI score
Exploits0References14
CISA
CISA
added 2025/09/04 12:0 p.m.5 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on September 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-247-01 Honeywell OneWireless Wireless Device Manager WDM ICSA-25-217-01 Mitsubishi...

6.8AI score
Exploits0References5
CISA
CISA
added 2025/08/21 12:0 p.m.5 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on August 21, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-233-01 Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module ICSA-25-177-01...

7AI score
Exploits0References3
CISA
CISA
added 2025/08/19 12:0 p.m.5 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-231-01 Siemens Desigo CC Product Family and SENTRON Powermanager ICSA-25-231-02 Siemen...

7.1AI score
Exploits0References4
CISA
CISA
added 2025/08/05 12:0 p.m.5 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on August 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-217-01 Mitsubishi Electric Iconics Digital Solutions Multiple Products ICSA-25-217-02 Ti...

7.1AI score
Exploits0References2
CISA
CISA
added 2025/07/31 12:0 p.m.5 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on July 31, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-212-01 Güralp FMUS Series Seismic Monitoring Devices ICSA-25-212-02 Rockwell Automation...

7AI score
Exploits0References2
CISA
CISA
added 2025/07/31 12:0 p.m.5 views

CISA and USCG Issue Joint Advisory to Strengthen Cyber Hygiene in Critical Infrastructure

CISA, in partnership with the U.S. Coast Guard USCG, released a joint Cybersecurity Advisory aimed at helping critical infrastructure organizations improve their cyber hygiene. This follows a proactive threat hunt engagement conducted at a U.S. critical infrastructure facility. During this...

7.1AI score
Exploits0References1
CISA
CISA
added 2025/07/30 12:0 p.m.5 views

Eviction Strategies Tool Released

Today, CISA released the Eviction Strategies Tool to provide cyber defenders with critical support and assistance during the containment and eviction phases of incident response. This tool includes: Cyber Eviction Strategies Playbook Next Generation Playbook-NG : A web-based application for...

7.4AI score
Exploits0References4
CISA
CISA
added 2025/07/29 12:0 p.m.5 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on July 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-210-01 National Instruments LabVIEW ICSA-25-210-02 Samsung HVAC DMS ICSA-25-210-03 Delta...

7.1AI score
Exploits0References5
CISA
CISA
added 2025/07/15 12:0 p.m.5 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on July 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-196-01 Hitachi Energy Asset Suite ICSA-25-196-02 ABB RMC-100 ICSA-25-196-03 LITEON IC48A...

7AI score
Exploits0References6
CISA
CISA
added 2025/07/10 12:0 p.m.5 views

CISA Releases Thirteen Industrial Control Systems Advisories

CISA released thirteen Industrial Control Systems ICS advisories on July 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-191-01 Siemens SINEC NMS ICSA-25-191-02 Siemens Solid Edge ICSA-25-191-03 Siemens TI...

7.1AI score
Exploits0References13
CISA
CISA
added 2025/06/24 12:0 p.m.5 views

New Guidance Released for Reducing Memory-Related Vulnerabilities

Today, CISA, in partnership with the National Security Agency NSA, released a joint guide on reducing memory-related vulnerabilities in modern software development. Memory safety vulnerabilities pose serious risks to national security and critical infrastructure. Adopting memory safe languages MS...

7.6AI score
Exploits0References4
CISA
CISA
added 2025/06/05 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-5419link is external Google Chromium V8 Out-of-Bounds Read and Write Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber...

8.8CVSS7.3AI score0.0645EPSS
Exploits3References6
CISA
CISA
added 2025/05/22 12:0 p.m.5 views

New Best Practices Guide for Securing AI Data Released

Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and international partners released a joint Cybersecurity Information Sheet on AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems. This information sheet highlights the critical role...

7.1AI score
Exploits0References2
CISA
CISA
added 2025/05/21 12:0 p.m.5 views

Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware

Today, CISA and the Federal Bureau of Investigation released a joint Cybersecurity Advisory, LummaC2 Malware Targeting U.S. Critical Infrastructure Sectors. This advisory details the tactics, techniques, and procedures, and indicators of compromise IOCs linked to threat actors deploying LummaC2...

7.2AI score
Exploits0References1
CISA
CISA
added 2025/05/20 12:0 p.m.5 views

CISA Releases Thirteen Industrial Control Systems Advisories

CISA released thirteen Industrial Control Systems ICS advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-140-01 ABUP IoT Cloud Platform ICSA-25-140-02 National Instruments Circuit Design Sui...

7AI score
Exploits0References13
CISA
CISA
added 2025/05/06 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-27363link is external FreeType Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

8.1CVSS7.3AI score0.26049EPSS
Exploits1References6
CISA
CISA
added 2025/04/22 12:0 p.m.5 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on April 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-112-01 Siemens TeleControl Server Basic SQL ICSA-25-112-02 Siemens TeleControl Server...

7AI score
Exploits0References5
CISA
CISA
added 2025/04/16 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-20035link is external SonicWall SMA100 Appliances OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyb...

6.8CVSS7.8AI score0.0389EPSS
Exploits0References6
CISA
CISA
added 2025/04/09 12:0 p.m.5 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53197link is external Linux Kernel Out-of-Bounds Access Vulnerability CVE-2024-53150link is external Linux Kernel Out-of-Bounds Read Vulnerability These types ...

7.8CVSS7.3AI score0.03558EPSS
Exploits0References7
CISA
CISA
added 2025/03/24 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-30154link is external reviewdog action-setup GitHub Action Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attack vectors for...

8.6CVSS7.5AI score0.02296EPSS
Exploits2References6
CISA
CISA
added 2025/03/18 12:0 p.m.5 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on March 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-077-01 Schneider Electric EcoStruxure Power Automation System User Interface EPAS-UI...

7.1AI score
Exploits0References7
CISA
CISA
added 2025/03/13 12:0 p.m.5 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-24201link is external Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability CVE-2025-21590link is external Juniper Junos OS Improper Isolation or...

10CVSS7.2AI score0.0424EPSS
Exploits4References7
CISA
CISA
added 2025/03/10 12:0 p.m.5 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-25181link is external Advantive VeraCore SQL Injection Vulnerability CVE-2024-57968link is external Advantive VeraCore Unrestricted File Upload Vulnerability...

9.9CVSS8.6AI score0.99762EPSS
Exploits5References10
CISA
CISA
added 2025/02/13 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-57727link is external SimpleHelp Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.1CVSS7.3AI score0.95151EPSS
Exploits2References6
CISA
CISA
added 2025/02/13 12:0 p.m.5 views

CISA Releases Twenty Industrial Control Systems Advisories

CISA released twenty Industrial Control Systems ICS advisories on February 13, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-044-01 Siemens SIMATIC S7-1200 CPU Family ICSA-25-044-02 Siemens SIMATIC...

6.9AI score
Exploits0References20
CISA
CISA
added 2025/02/07 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0994link is external Trimble Cityworks Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

8.8CVSS7.3AI score0.28261EPSS
Exploits0References6
Total number of security vulnerabilities4188