Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2023/09/15 12:0 p.m.5 views

CISA Releases Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture

Today, CISA released the Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management ICAM Reference Architecture to help federal civilian departments and agencies integrate their identity and access management IDAM capabilities into their ICAM architectures. Prior t...

6.9AI score
Exploits0References3
CISA
CISA
added 2023/09/14 12:0 p.m.5 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on September 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-257-01 Siemens SIMATIC, SIPLUS Products ICSA-23-257-02 Siemens Parasolid...

6.9AI score
Exploits0References7
CISA
CISA
added 2023/09/12 12:0 p.m.5 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on September 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-255-01 Hitachi Energy Lumada APM Edge ICSA-23-255-02 Fujitsu Software Infrastructu...

7AI score
Exploits0References3
CISA
CISA
added 2023/09/05 12:0 p.m.5 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on September 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-248-01 Fujitsu Limited Real-time Video Transmission Gear IP series ICSMA-23-248-01...

7AI score
Exploits0References2
CISA
CISA
added 2023/09/01 12:0 p.m.5 views

VMware Releases Security Update for Tools

VMware has released a security update to address a vulnerability in VMware Tools. A cyber threat actor can exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0019link is external and apply the necessary...

7AI score
Exploits0References1
CISA
CISA
added 2023/08/31 12:0 p.m.5 views

CISA Warns of Hurricane-Related Scams

CISA urges users to remain on alert for malicious cyber activity following natural disasters, such as hurricanes, as attackers target disaster victims and concerned citizens by leveraging social engineering tactics, techniques, and procedures TTPs. Social engineering TTPs include phishing, in whi...

6.9AI score
Exploits0References5
CISA
CISA
added 2023/08/31 12:0 p.m.5 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on August 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-243-01 ARDEREG Sistemas SCADA ICSA-23-243-02 GE Digital CIMPLICITY ICSA-23-243-03 PTC...

7.1AI score
Exploits0References4
CISA
CISA
added 2023/08/30 12:0 p.m.5 views

CISA and FBI Publish Joint Advisory on QakBot Infrastructure

Today, the Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory CSA, Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified QakBot-related activity a...

7.1AI score
Exploits0References8
CISA
CISA
added 2023/08/29 12:0 p.m.5 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on August 29, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-241-01 PTC CodeBeamer CISA encourages users and administrators to review the newly released...

7AI score
Exploits0References1
CISA
CISA
added 2023/08/24 12:0 p.m.5 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on August 24, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-236-01 KNX Protocol ICSA-23-236-02 Opto 22 SNAP PAC S1 ICSA-23-236-03 CODESYS Developme...

7AI score
Exploits0References6
CISA
CISA
added 2023/08/17 12:0 p.m.5 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on August 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-229-01 ICONICS and Mitsubishi Electric Products ICSA-23-229-03 Schnieder Electric...

7AI score
Exploits0References3
CISA
CISA
added 2023/08/10 12:0 p.m.5 views

CISA Releases Twelve Industrial Control Systems Advisories

CISA released twelve Industrial Control Systems ICS advisories on August 10, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-222-01 Siemens Solid Edge, JT2Go and Teamcenter Visualization ICSA-23-222-02 Siemens...

6.9AI score
Exploits0References12
CISA
CISA
added 2023/08/08 12:0 p.m.5 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on August 8, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-220-01 Schneider Electric IGSS ICSA-23-220-02 Hitachi Energy RTU500 series CISA encourag...

7AI score
Exploits0References2
CISA
CISA
added 2023/08/08 12:0 p.m.5 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

7.6AI score
Exploits0References4
CISA
CISA
added 2023/08/08 12:0 p.m.5 views

Microsoft Releases August 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s August 2023 Security Update Guidelink is external a...

7.5AI score
Exploits0References1
CISA
CISA
added 2023/07/21 12:0 p.m.5 views

Atlassian Releases Security Updates

Atlassian has released its Security Bulletin for July 2023link is external to address vulnerabilities in Confluence Data Center & Server CVE-2023-22505link is external and CVE-2023-22508link is external and Bamboo Data Center CVE-2023-22506link is external. An attacker can exploit these...

8.8CVSS7.6AI score0.02185EPSS
Exploits0References5
CISA
CISA
added 2023/07/20 12:0 p.m.5 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29298 Adobe ColdFusion Improper Access Control Vulnerability CVE-2023-38205 Adobe ColdFusion Improper Access Control Vulnerability These types of vulnerabiliti...

7.5CVSS7.3AI score0.99754EPSS
Exploits0References5
CISA
CISA
added 2023/07/19 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-3519 Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actor...

9.8CVSS7.8AI score0.99445EPSS
Exploits16References6
CISA
CISA
added 2023/07/18 12:0 p.m.5 views

Adobe Releases Security Updates for ColdFusion

Adobe has released security updates to address a critical vulnerability CVE-2023-38203 affecting ColdFusionlink is external. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Adobe security release...

9.8CVSS7.7AI score0.97003EPSS
Exploits0References2
CISA
CISA
added 2023/07/11 12:0 p.m.5 views

CISA Adds Five Known Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32046 Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability CVE-2023-32049 Microsoft Windows Defender SmartScreen Security Feature Bypass...

9.8CVSS7.3AI score0.36152EPSS
Exploits6References10
CISA
CISA
added 2023/07/11 12:0 p.m.5 views

Fortinet Releases Security Update for FortiOS and FortiProxy

Fortinet has released a security update to address a critical vulnerability CVE-2023-33308 affecting FortiOS and FortiProxylink is external. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Fortinet...

9.8CVSS7.5AI score0.01873EPSS
Exploits0References2
CISA
CISA
added 2023/07/06 12:0 p.m.5 views

CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants

Today, the Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigations FBI, the Multi-State Information Sharing and Analysis Center MS-ISAC, and the Canadian Centre for Cyber Security CCCS released a joint Cybersecurity Advisory CSA, Increased Truebot Activity Infects...

9.8CVSS7.1AI score0.36152EPSS
Exploits1References9
CISA
CISA
added 2023/06/22 12:0 p.m.5 views

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20887 VMware Aria Operations for Networks Command Injection Vulnerability CVE-2020-35730 Roundcube Webmail Cross-Site Scripting XSS Vulnerability CVE-2020-1264...

9.8CVSS8.2AI score0.98243EPSS
Exploits24References11
CISA
CISA
added 2023/06/02 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34362 Progress MOVEit Transfer SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.8CVSS8.5AI score0.99934EPSS
Exploits15References8
CISA
CISA
added 2023/06/01 12:0 p.m.5 views

Progress Software Releases Security Advisory for MOVEit Transfer

Progress Software has released a security advisorylink is external for a SQL injection vulnerability CVE-2023-34362link is external in MOVEit Transfer—a Managed File Transfer Softwarelink is external. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urge...

9.8CVSS8.1AI score0.99934EPSS
Exploits15References4
CISA
CISA
added 2023/05/25 12:0 p.m.5 views

CISA Warns of Hurricane/Typhoon-Related Scams

CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon, as attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures TTPs. Social engineering TTPs include phishing attacks...

6.9AI score
Exploits0References4
CISA
CISA
added 2023/05/24 12:0 p.m.5 views

CISA and Partners Release Cybersecurity Advisory Guidance detailing PRC state-sponsored actors evading detection by “Living off the Land”

Today, CISA joined the National Security Agency NSA, the Federal Bureau of Investigation FBI, and international partners in releasing a joint cybersecurity advisory highlighting recently discovered activities conducted by a People’s Republic of China PRC state-sponsored cyber threat actor. This...

7.3AI score
Exploits0References3
CISA
CISA
added 2023/05/23 12:0 p.m.5 views

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF)

Today, CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, and the Multi-State Information Sharing and Analysis Center MS-ISAC published an updated version of the StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initia...

6.9AI score
Exploits0References8
CISA
CISA
added 2023/05/19 12:0 p.m.5 views

Cisco Releases Security Advisory for Small Business Series Switches

Cisco released a security advisory to address multiple vulnerabilities affecting the web-based user interface of certain Cisco Small Business Series Switcheslink is external. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition or execute arbitrary code wit...

8.4AI score
Exploits0References3
CISA
CISA
added 2023/05/12 12:0 p.m.5 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-25717 Multiple Ruckus Wireless Products CSRF and RCE Vulnerability CVE-2021-3560 Red Hat Polkit Incorrect Authorization Vulnerability CVE-2014-0196 Linux...

10CVSS7.7AI score0.95107EPSS
Exploits62References12
CISA
CISA
added 2023/05/09 12:0 p.m.5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29336 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges. These types of vulnerabilities are...

7.8CVSS7.6AI score0.40919EPSS
Exploits3References8
CISA
CISA
added 2023/04/27 12:0 p.m.5 views

CISA Releases One Industrial Control Systems Medical Advisory

CISA released one Industrial Control Systems Medical ICS medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS medical...

7AI score
Exploits0References1
CISA
CISA
added 2023/04/25 12:0 p.m.5 views

Abuse of the Service Location Protocol May Lead to DoS Attacks

The Service Location Protocol SLP, RFC 2608link is external allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service DoS attack with a significant amplification factor. Researchers from Bitsigh...

7.5CVSS7.6AI score0.65873EPSS
Exploits1References7
CISA
CISA
added 2023/04/21 12:0 p.m.5 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-28432 MinIO Information Disclosure Vulnerability CVE-2023-27350 PaperCut MF/NG Improper Access Control Vulnerability CVE-2023-2136 Google Chrome Skia Integer...

9.8CVSS7AI score0.99999EPSS
Exploits37References8
CISA
CISA
added 2023/04/20 12:0 p.m.5 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on April 20, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical...

7AI score
Exploits0References1
CISA
CISA
added 2023/04/18 12:0 p.m.5 views

APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers

NCSClink is external, NSA, CISA, and FBI have released a joint advisory to provide details of tactics, techniques, and procedures TTPs associated with APT28's exploitation of Cisco routers in 2021. By exploiting the vulnerability CVE-2017-6742link is external, APT28 used infrastructure to...

9CVSS8.5AI score0.21424EPSS
Exploits1References11
CISA
CISA
added 2022/11/03 12:0 a.m.5 views

CISA Releases Three Industrial Control Systems Advisories

CISA has released three 3 Industrial Control Systems ICS advisories on November 3, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories f...

2.5AI score
Exploits0References3
CISA
CISA
added 2022/04/27 12:0 a.m.5 views

2021 Top Routinely Exploited Vulnerabilities

CISA, the National Security Agency NSA, the Federal Bureau of Investigation FBI, the Australian Cyber Security Centre ACSC, the Canadian Centre for Cyber Security CCCS, the New Zealand National Cyber Security Centre NZ NCSC, and the United Kingdom’s National Cyber Security Centre NCSC-UK have...

2AI score
Exploits0References2
CISA
CISA
added 2022/04/15 12:0 a.m.5 views

Google Releases Security Updates for Chrome

Google has released Chrome version 100.0.4896.127 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. This vulnerability has been detected in exploits in the wild. CISA encourages users and administrators to...

2AI score
Exploits0References1
CISA
CISA
added 2021/11/09 12:0 a.m.5 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

6.7AI score
Exploits0References3
CISA
CISA
added 2020/10/01 12:0 a.m.5 views

October is National Cybersecurity Awareness Month

October is National Cybersecurity Awareness Month NCSAM, which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency CISA and its public and private partners—including the National Cyber Security Alliance—to ensure every American has the resources they need to sta...

6.8AI score
Exploits0References1
CISA
CISA
added 2020/07/14 12:0 a.m.5 views

Oracle Releases July 2020 Security Bulletin

Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

7.1AI score
Exploits0References1
CISA
CISA
added 2020/04/16 12:0 a.m.5 views

Google Releases Security Updates

Google has released Chrome version 81.0.4044.113 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

6.8AI score
Exploits0References1
CISA
CISA
added 2019/07/22 12:0 a.m.5 views

Apple Releases Multiple Security Updates

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the App...

7AI score
Exploits0References5
CISA
CISA
added 2017/09/11 12:0 a.m.5 views

Cisco Releases Security Advisories

Cisco has released advisories describing Apache Struts 2 vulnerabilities potentially affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisories...

7.8AI score
Exploits0References2
CISA
CISA
added 2017/05/09 12:0 a.m.5 views

Microsoft Releases May 2017 Security Updates

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft's May 2017 Security Update Summary and Deployment Information...

7AI score
Exploits0References2
CISA
CISA
added 2017/03/22 12:0 a.m.5 views

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has has released version ntp-4.2.8p10 to address multiple vulnerabilities in ntpd. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review the...

7AI score
Exploits0References1
CISA
CISA
added 2015/07/23 12:0 a.m.5 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in its Application Policy Infrastructure Controller, IOS software, and the Unified MeetingPlace Conferencing products. Exploitation of these vulnerabilities may allow a remote attacker to gain unauthorized access, cause a...

7.3AI score
Exploits0References3
CISA
CISA
added 2025/09/30 12:0 p.m.4 views

CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems ICS advisories on September 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-273-01 MegaSys Enterprises Telenium Online Web Application ICSA-25-273-02 Festo...

6.7AI score
Exploits0References10
CISA
CISA
added 2025/09/29 12:0 p.m.4 views

CISA Strengthens Commitment to SLTT Governments

The Cybersecurity and Infrastructure Security Agency CISA announced that it has transitioned to a new model to better equip state, local, tribal, and territorial SLTT governments to strengthen shared responsibility nationwide. CISA is supporting our SLTT partners with access to grant funding,...

6.5AI score
Exploits0References6
Total number of security vulnerabilities4188