4188 matches found
Cisco Releases Security Updates for Secure Client
Cisco released security updates to address vulnerabilities in Cisco Secure Client and Secure Client for Linux. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following security releases...
Apple Releases Security Updates for iOS and iPadOS
Apple released security updates to address vulnerabilities in iOS and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review the following security releases and apply the necessary updates: iOS 17...
VMware Releases Security Advisory for Multiple Products
VMware released a security advisory to address multiple vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMwar...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on February 27, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-058-01 Mitsubishi Electric Multiple Factory Automation Products ICSMA-24-058-01...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on February 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-044-01 Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU CISA...
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems ICS advisories on January 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-023-01 APsystems Energy Communication Unit ECU-C Power Control Software ICSA-24-023-02...
Apple Releases Security Updates for Multiple Products
Apple has released security updates for iOS and iPadOS, macOS, Safari, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security releaselink is external and apply...
Drupal Releases Security Advisory for Drupal Core
Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2024-001link is...
Oracle Releases Critical Patch Update Advisory for January 2024
Oracle released its Critical Patch Update Advisory for January 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Oracle’s January 2024...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on January 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-018-01 AVEVA PI Server CISA encourages users and administrators to review the newly...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on January 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-016-01 SEW-EURODRIVE MOVITOOLS MotionStudio ICSA-24-016-02 Integration Objects OPC UA...
Microsoft Releases Security Updates for Multiple Products
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s January Security Update Guidelink is...
Fortinet Releases Security Updates for FortiOS and FortiProxy
Fortinet has released a security update to address a vulnerability in FortiOS and FortiProxy software. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the FG-IR-23-315 FortiOS & FortiProxy - Improper...
Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper advisory JSA75636link ...
Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...
CISA Releases Seven Industrial Control Systems Advisories
CISA released seven Industrial Control Systems ICS advisories on December 19, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-353-01 Subnet Solutions Inc. PowerSYSTEM Center ICSA-23-353-02 EFACEC BCU 500...
Fortinet Releases Security Updates for Multiple Products
Fortinet has released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply th...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on December 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-339-01 Zebra ZTC Industrial ZT400 and Desktop GK420d ICSA-23-208-03 Mitsubishi Electri...
CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs
Today, CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, Environmental Protection Agency EPA, and the Israel National Cyber Directorate INCD released a joint Cybersecurity Advisory CSA IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors in response to the acti...
CISA, FBI, NSA, and Treasury Release Guidance on OSS in OT/ICS Environments
Today, CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software OSS in operational technology OT and industrial control systems ICS. In alignment with CISA’s recently releas...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on November 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-331-01 Delta Electronics InfraSuite Device Master ICSA-23-331-02 Franklin Electric...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on November 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-325-01 WAGO PFC200 Series ICSA-23-325-02 Fuji Electric Tellus Lite V-Simulator...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities affecting multiple Adobe products. A cyber threat actor could exploit some of these vulnerabilities to take control of affected system. CISA encourages users and administrators to review the following advisories and apply the necessar...
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems ICS advisories on November 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-306-01 Red Lion Crimson ICSA-23-306-02 Mitsubishi Electric MELSEC iQ-F Series CPU Modu...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on October 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-304-02 INEA ME RTU ICSA-23-304-03 Zavio IP Camera ICSA-23-208-03 Mitsubishi Electric...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on October 19, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-143-02 Hitachi Energy’s RTU500 Series Product UPDATE B CISA encourages users and...
CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance
Today, the Cybersecurity Infrastructure and Security Agency CISA, the National Security Agency NSA, the Federal Bureau of Investigation FBI, and the Multi-State Information Sharing and Analysis Center MS-ISAC released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One. The...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on October 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-290-01 Schneider Electric EcoStruxure Power Monitoring Expert and Power Operation...
CISA, NSA, FBI, and International Partners Release Updated Secure by Design Guidance
Today, the U.S. Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, and Federal Bureau of Investigation FBI released an update to Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by- Design and -Default with the following...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on October 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-278-01 Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products ICSA-23-278-...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on September 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-271-01 Rockwell Automation PanelView 800 ICSA-23-271-02 DEXMA DexGate ICSA-23-143-...
Atlassian Releases September Security Bulletin
Atlassian has released its security bulletin for September 2023 to address vulnerabilities in multiple products. A malicious cyber actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Atlassian’s September 2023...
CISA Releases Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture
Today, CISA released the Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management ICAM Reference Architecture to help federal civilian departments and agencies integrate their identity and access management IDAM capabilities into their ICAM architectures. Prior t...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on September 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-255-01 Hitachi Energy Lumada APM Edge ICSA-23-255-02 Fujitsu Software Infrastructu...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on September 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-248-01 Fujitsu Limited Real-time Video Transmission Gear IP series ICSMA-23-248-01...
VMware Releases Security Update for Tools
VMware has released a security update to address a vulnerability in VMware Tools. A cyber threat actor can exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0019link is external and apply the necessary...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on August 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-243-01 ARDEREG Sistemas SCADA ICSA-23-243-02 GE Digital CIMPLICITY ICSA-23-243-03 PTC...
CISA and FBI Publish Joint Advisory on QakBot Infrastructure
Today, the Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory CSA, Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified QakBot-related activity a...
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems ICS advisories on August 24, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-236-01 KNX Protocol ICSA-23-236-02 Opto 22 SNAP PAC S1 ICSA-23-236-03 CODESYS Developme...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on August 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-229-01 ICONICS and Mitsubishi Electric Products ICSA-23-229-03 Schnieder Electric...
CISA Releases Twelve Industrial Control Systems Advisories
CISA released twelve Industrial Control Systems ICS advisories on August 10, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-222-01 Siemens Solid Edge, JT2Go and Teamcenter Visualization ICSA-23-222-02 Siemens...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on August 8, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-220-01 Schneider Electric IGSS ICSA-23-220-02 Hitachi Energy RTU500 series CISA encourag...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...
Microsoft Releases August 2023 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s August 2023 Security Update Guidelink is external a...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29298 Adobe ColdFusion Improper Access Control Vulnerability CVE-2023-38205 Adobe ColdFusion Improper Access Control Vulnerability These types of vulnerabiliti...
Oracle Releases Security Updates
Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July 2023 to address vulnerabilities affecting multiple products. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users a...
Adobe Releases Security Updates for ColdFusion
Adobe has released security updates to address a critical vulnerability CVE-2023-38203 affecting ColdFusionlink is external. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Adobe security release...
CISA Adds Two Known Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-37450 Apple Multiple Products WebKit Code Execution Vulnerability CVE-2022-29303 SolarView Compact Command Injection Vulnerability These types of vulnerabiliti...
Juniper Releases Multiple Security Updates for Juno OS
Juniper has released updates to address multiple vulnerabilities in Juno OSlink is external. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper’s Support Portallink is external and apply the...