Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2024/03/05 12:0 p.m.4 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on March 5, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-065-01 Nice Linear eMerge E3-Series ICSMA-24-065-01 Santesoft Sante FFT Imaging...

7AI score
Exploits0References3
CISA
CISA
added 2024/02/29 12:0 p.m.4 views

CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware

Today, CISA, the Federal Bureau of Investigation FBI, and the Multi-State Information Sharing and Analysis Center MS-ISAC released a joint Cybersecurity Advisory CSA, StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures TTPs and indicators of compromise IOCs...

7.2AI score
Exploits0References3
CISA
CISA
added 2024/02/28 12:0 p.m.4 views

CISA Releases Resource Guide for University Cybersecurity Clinics

Today, CISA released a Resource Guide for Cybersecurity Clinics to outline ways CISA can partner with and support cybersecurity clinics and their clients. University cybersecurity clinics train students from diverse backgrounds and academic expertise to strengthen the digital defenses of...

7AI score
Exploits0References2
CISA
CISA
added 2024/02/23 12:0 p.m.4 views

Updated: Top Cyber Actions for Securing Water Systems

Today, CISA, the Environmental Protection Agency EPA, and the Federal Bureau of Investigation FBI updated the joint fact sheet Top Cyber Actions for Securing Water Systems. This update includes additional resources—from American Water Works Association, the WaterISAC, and MS-ISAC—to support water...

7.2AI score
Exploits0References2
CISA
CISA
added 2024/02/22 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on February 22, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-053-01 Delta Electronics CNCSoft-B DOPSoft CISA encourages users and administrators to...

7AI score
Exploits0References1
CISA
CISA
added 2024/02/21 12:0 p.m.4 views

Mozilla Releases Security Updates for Firefox and Thunderbird

Mozilla released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Mozilla Security Advisorie...

7.6AI score
Exploits0References3
CISA
CISA
added 2024/02/15 12:0 p.m.4 views

CISA Releases Seventeen Industrial Control Systems Advisories

CISA released seventeen Industrial Control Systems ICS advisories on February 15, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-046-01 Siemens SCALANCE W1750D ICSA-24-046-02 Siemens SIDIS Prime ICSA-24-046-0...

6.9AI score
Exploits0References17
CISA
CISA
added 2024/02/08 12:0 p.m.4 views

CISA Partners With OpenSSF Securing Software Repositories Working Group to Release Principles for Package Repository Security

Today, CISA partnered with the Open Source Security Foundation OpenSSF Securing Software Repositories Working Group to publish the Principles for Package Repository Securitylink is external framework. Recognizing the critical role package repositories play in securing open source software...

7.1AI score
Exploits0References5
CISA
CISA
added 2024/02/07 12:0 p.m.4 views

CISA and Partners Release Advisory on PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance

Today, CISA, the National Security Agency NSA, and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory CSA, PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure alongside supplemental Joint Guidance: Identifying and...

6.8AI score
Exploits0References5
CISA
CISA
added 2024/02/01 12:0 p.m.4 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-032-01 Gessler GmbH WEB-MASTER ICSA-24-032-03 AVEVA Edge products formerly known as...

7AI score
Exploits0References2
CISA
CISA
added 2024/01/31 12:0 p.m.4 views

CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers

Today, CISA and the Federal Bureau of Investigation FBI published guidance on Security Design Improvements for SOHO Device Manufacturers as a part of the new Secure by Design SbD Alert series that focuses on how manufacturers should shift the burden of security away from customers by integrating...

7.4AI score
Exploits0References6
CISA
CISA
added 2024/01/29 12:0 p.m.4 views

Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series

Juniper Networks released a security bulletin to address multiple vulnerabilities for J-Web in Junos OS SRX Series and EX Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper...

7.6AI score
Exploits0References1
CISA
CISA
added 2024/01/25 12:0 p.m.4 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on January 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-025-01 MachineSense FeverWarn ICSA-24-025-02 SystemK NVR 504/508/516 CISA encourages...

7AI score
Exploits0References2
CISA
CISA
added 2024/01/18 12:0 p.m.4 views

Incident Response Guide for the WWS Sector

Today, CISA, the Federal Bureau of Investigation FBI, and the Environmental Protection Agency released a joint Incident Response Guide for the Water and Wastewater Systems WWS Sector. The guide includes contributions from over 25 WWS Sector organizations spanning private industry, nonprofit, and...

6.7AI score
Exploits0References3
CISA
CISA
added 2024/01/18 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on January 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-018-01 AVEVA PI Server CISA encourages users and administrators to review the newly...

7AI score
Exploits0References1
CISA
CISA
added 2024/01/09 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on January 9, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio Update A CISA encourages users and...

7AI score
Exploits0References1
CISA
CISA
added 2024/01/04 12:0 p.m.4 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on January 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-004-01 Rockwell Automation FactoryTalk Activation ICSA-24-004-02 Mitsubishi Electric...

7AI score
Exploits0References3
CISA
CISA
added 2023/12/20 12:0 p.m.4 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and macOS Sonoma. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review Apple security releaseslink is external and...

6.8AI score
Exploits0References1
CISA
CISA
added 2023/12/18 12:0 p.m.4 views

FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware

Today, the Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Australian Signals Directorate’s Australian Cyber Security Centre ASD's ACSC released a joint Cybersecurity Advisory CSA, StopRansomware: Play Ransomware, to disseminate Play ransomware...

7.2AI score
Exploits0References3
CISA
CISA
added 2023/12/15 12:0 p.m.4 views

CISA Releases Advisory on Cyber Resilience for the HPH Sector

Today, CISA released a Cybersecurity Advisory, Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment, that details findings from our risk and vulnerability assessments of a Health and Public Health HPH Sector organization. CISA...

7.1AI score
Exploits0References3
CISA
CISA
added 2023/12/12 12:0 p.m.4 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on December 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-346-01 Schneider Electric Easy UPS Online Monitoring Software ICSA-22-356-03 Mitsubis...

7AI score
Exploits0References2
CISA
CISA
added 2023/12/01 12:0 p.m.4 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS, and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply...

6.9AI score
Exploits0References3
CISA
CISA
added 2023/11/28 12:0 p.m.4 views

CISA, FBI, NSA, and Treasury Release Guidance on OSS in OT/ICS Environments

Today, CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software OSS in operational technology OT and industrial control systems ICS. In alignment with CISA’s recently releas...

7.4AI score
Exploits0References5
CISA
CISA
added 2023/11/22 12:0 p.m.4 views

Mozilla Releases Security Updates for Firefox and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...

7.3AI score
Exploits0References4
CISA
CISA
added 2023/11/17 12:0 p.m.4 views

Juniper Releases Security Advisory for Juniper Secure Analytics

Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper advisory JSA74298link ...

7.6AI score
Exploits0References1
CISA
CISA
added 2023/11/14 12:0 p.m.4 views

CISA Releases Roadmap for Artificial Intelligence Adoption

Today, CISA released its Roadmap for Artificial Intelligence—in alignment with White House Executive Order 14110: Safe, Secure, And Trustworthy Development and Use of Artificial Intelligence—to outline a comprehensive set of actions CISA will take along five lines of effort: 1. Responsibly use AI...

7.2AI score
Exploits0References3
CISA
CISA
added 2023/11/09 12:0 p.m.4 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on November 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-313-01 Johnson Controls Quantum HD Unity ICSA-23-313-02 Hitachi Energy eSOMS...

7AI score
Exploits0References4
CISA
CISA
added 2023/11/07 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on November 7, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-311-01 GE MiCOM S1 Agile CISA encourages users and administrators to review the newly...

7AI score
Exploits0References1
CISA
CISA
added 2023/11/06 12:0 p.m.4 views

CISA Published When to Issue VEX Information

Today, CISA published When to Issue Vulnerability Exploitability eXchange VEX Information, developed by a community of industry and government experts with the goal to offer some guidance and structure for the software security world, including the large and growing global SBOM community. This...

7AI score
Exploits0References3
CISA
CISA
added 2023/10/26 12:0 p.m.4 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on October 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-299-01 Dingtian DT-R002 ICSA-23-299-02 Centralite Pearl Thermostat ICSA-23-299-03...

7AI score
Exploits0References9
CISA
CISA
added 2023/10/26 12:0 p.m.4 views

Apple Releases Security Advisories for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates:...

6.9AI score
Exploits0References9
CISA
CISA
added 2023/10/12 12:0 p.m.4 views

CISA Releases Nineteen Industrial Control Systems Advisories

CISA released nineteen Industrial Control Systems ICS advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-285-01 Siemens SIMATIC CP products ICSA-23-285-02 Siemens SCALANCE W1750D...

6.9AI score
Exploits0References19
CISA
CISA
added 2023/10/11 12:0 p.m.4 views

Fortinet Releases Security Updates for Multiple Products

Fortinet has released security advisories addressing vulnerabilities in multiple products. These vulnerabilities may allow cyber threat actors to take control of the affected systems. CISA encourages users and administrators to review the following Fortinet security advisories and apply the...

8.2AI score
Exploits0References6
CISA
CISA
added 2023/09/28 12:0 p.m.4 views

Cisco Releases Security Advisories for Multiple Products

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the...

8.2AI score
Exploits0References9
CISA
CISA
added 2023/09/21 12:0 p.m.4 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on September 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-264-01 Real Time Automation 460 Series ICSA-23-264-02 Siemens Spectrum Power 7...

7AI score
Exploits0References6
CISA
CISA
added 2023/09/12 12:0 p.m.4 views

Microsoft Releases September 2023 Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s September 2023 Security Update Guidelink i...

7.5AI score
Exploits0References1
CISA
CISA
added 2023/09/12 12:0 p.m.4 views

Apple Releases Security Updates for iOS and macOS

Apple has released security updates to address a vulnerability in multiple products. A cyber threat actor could exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates. iOS 15.7.9...

6.7AI score
Exploits0References3
CISA
CISA
added 2023/09/07 12:0 p.m.4 views

CISA Releases Malware Analysis Reports on Barracuda Backdoors

Updated September 7, 2023 CISA has published an additional malware analysis report associated with malicious Barracuda activity. The report provides analysis on the following malware samples: SUBMARINE – SUBMARINE is a backdoor that exploits a vulnerability on the target environment where the...

9.8CVSS9AI score0.86956EPSS
Exploits3References11
CISA
CISA
added 2023/09/06 12:0 p.m.4 views

CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack

CISA has released actionable guidance for Federal Civilian Executive Branch FCEB agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service DDoS attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against W...

7.3AI score
Exploits0References2
CISA
CISA
added 2023/08/30 12:0 p.m.4 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities for Firefox 117, Firefox ESR 115.2, Firefox ESR 102.15, Thunderbird 115.2, and Thunderbird 102.15. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

7.6AI score
Exploits0References5
CISA
CISA
added 2023/08/18 12:0 p.m.4 views

Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS

Juniper has released a security advisory to address vulnerabilities in Junos OS on SRX Series and EX Series. A remote cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper’s Support Portal link is...

7.7AI score
Exploits0References1
CISA
CISA
added 2023/08/15 12:0 p.m.4 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on August 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-227-01 Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon...

7AI score
Exploits0References2
CISA
CISA
added 2023/08/04 12:0 p.m.4 views

CISA Releases its Cybersecurity Strategic Plan

Today, CISA released a strategic plan to lay out how we will fulfill our cybersecurity mission over the next three years. The CISA Cybersecurity Strategic Plan aligns the following nine objectives to specific enabling measures and measures of effectiveness to drive accountability: 1. Increase...

7.3AI score
Exploits0References2
CISA
CISA
added 2023/08/02 12:0 p.m.4 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities for Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrato...

7.3AI score
Exploits0References5
CISA
CISA
added 2023/07/31 12:0 p.m.4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35081 Ivanti Endpoint Manager Mobile EPMM Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...

7.2CVSS7.2AI score0.63316EPSS
Exploits0References6
CISA
CISA
added 2023/07/27 12:0 p.m.4 views

CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

The Australian Signals Directorate’s Australian Cyber Security Centre ACSC, the Cybersecurity and Infrastructure Security Agency CISA, and the National Security Agency NSA are releasing a joint Cybersecurity Advisory CSA, Preventing Web Application Access Control Abuse, to warn vendors, designers...

7.2AI score
Exploits0References4
CISA
CISA
added 2023/07/27 12:0 p.m.4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-37580 Zimbra Collaboration ZCS Cross-Site Scripting XSS Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...

6.1CVSS6.3AI score0.59041EPSS
Exploits0References4
CISA
CISA
added 2023/07/26 12:0 p.m.4 views

CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments RVAs conducted across multiple critical infrastructure sectors in fiscal year 2022 FY22. The analysis details a sample attack path including tactics and steps a cyber threat actor...

7.2AI score
Exploits0References5
CISA
CISA
added 2023/07/17 12:0 p.m.4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36884 Microsoft Office and Windows HTML Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors...

7.5CVSS7.8AI score0.99083EPSS
Exploits3References6
CISA
CISA
added 2023/07/17 12:0 p.m.4 views

NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing 

Today, the National Security Agency NSA and CISA published 5G Network Slicing: Security Considerations for Design, Deployment, and Maintenance. This guidance—created by the Enduring Security Framework ESF, a public-private cross-sector working group led by the NSA and CISA—presents recommendation...

7.2AI score
Exploits0References3
Total number of security vulnerabilities4188