Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2024/01/09 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on January 9, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio Update A CISA encourages users and...

7AI score
Exploits0References1
CISA
CISA
added 2023/12/20 12:0 p.m.4 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and macOS Sonoma. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review Apple security releaseslink is external and...

6.8AI score
Exploits0References1
CISA
CISA
added 2023/12/18 12:0 p.m.4 views

FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware

Today, the Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Australian Signals Directorate’s Australian Cyber Security Centre ASD's ACSC released a joint Cybersecurity Advisory CSA, StopRansomware: Play Ransomware, to disseminate Play ransomware...

7.2AI score
Exploits0References3
CISA
CISA
added 2023/12/15 12:0 p.m.4 views

CISA Releases Advisory on Cyber Resilience for the HPH Sector

Today, CISA released a Cybersecurity Advisory, Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment, that details findings from our risk and vulnerability assessments of a Health and Public Health HPH Sector organization. CISA...

7.1AI score
Exploits0References3
CISA
CISA
added 2023/12/12 12:0 p.m.4 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on December 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-346-01 Schneider Electric Easy UPS Online Monitoring Software ICSA-22-356-03 Mitsubis...

7AI score
Exploits0References2
CISA
CISA
added 2023/12/07 12:0 p.m.4 views

CISA and International Partners Release Advisory on Russia-based Threat Actor Group, Star Blizzard

Today, the Cybersecurity and Infrastructure Security Agency CISA—in coordination with the United Kingdom’s National Cyber Security Centre UK-NCSC, Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC, Canadian Centre for Cyber Security CCCS, New Zealand National Cyber...

7AI score
Exploits0References3
CISA
CISA
added 2023/12/01 12:0 p.m.4 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS, and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply...

6.9AI score
Exploits0References3
CISA
CISA
added 2023/11/22 12:0 p.m.4 views

Mozilla Releases Security Updates for Firefox and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...

7.3AI score
Exploits0References4
CISA
CISA
added 2023/11/17 12:0 p.m.4 views

Juniper Releases Security Advisory for Juniper Secure Analytics

Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper advisory JSA74298link ...

7.6AI score
Exploits0References1
CISA
CISA
added 2023/11/14 12:0 p.m.4 views

CISA Releases Roadmap for Artificial Intelligence Adoption

Today, CISA released its Roadmap for Artificial Intelligence—in alignment with White House Executive Order 14110: Safe, Secure, And Trustworthy Development and Use of Artificial Intelligence—to outline a comprehensive set of actions CISA will take along five lines of effort: 1. Responsibly use AI...

7.2AI score
Exploits0References3
CISA
CISA
added 2023/11/09 12:0 p.m.4 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on November 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-313-01 Johnson Controls Quantum HD Unity ICSA-23-313-02 Hitachi Energy eSOMS...

7AI score
Exploits0References4
CISA
CISA
added 2023/11/07 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on November 7, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-311-01 GE MiCOM S1 Agile CISA encourages users and administrators to review the newly...

7AI score
Exploits0References1
CISA
CISA
added 2023/11/06 12:0 p.m.4 views

CISA Published When to Issue VEX Information

Today, CISA published When to Issue Vulnerability Exploitability eXchange VEX Information, developed by a community of industry and government experts with the goal to offer some guidance and structure for the software security world, including the large and growing global SBOM community. This...

7AI score
Exploits0References3
CISA
CISA
added 2023/10/26 12:0 p.m.4 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on October 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-299-01 Dingtian DT-R002 ICSA-23-299-02 Centralite Pearl Thermostat ICSA-23-299-03...

7AI score
Exploits0References9
CISA
CISA
added 2023/10/26 12:0 p.m.4 views

Apple Releases Security Advisories for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates:...

6.9AI score
Exploits0References9
CISA
CISA
added 2023/10/12 12:0 p.m.4 views

CISA Releases Nineteen Industrial Control Systems Advisories

CISA released nineteen Industrial Control Systems ICS advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-285-01 Siemens SIMATIC CP products ICSA-23-285-02 Siemens SCALANCE W1750D...

6.9AI score
Exploits0References19
CISA
CISA
added 2023/10/11 12:0 p.m.4 views

Fortinet Releases Security Updates for Multiple Products

Fortinet has released security advisories addressing vulnerabilities in multiple products. These vulnerabilities may allow cyber threat actors to take control of the affected systems. CISA encourages users and administrators to review the following Fortinet security advisories and apply the...

8.2AI score
Exploits0References6
CISA
CISA
added 2023/09/28 12:0 p.m.4 views

Cisco Releases Security Advisories for Multiple Products

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the...

8.2AI score
Exploits0References9
CISA
CISA
added 2023/09/21 12:0 p.m.4 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on September 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-264-01 Real Time Automation 460 Series ICSA-23-264-02 Siemens Spectrum Power 7...

7AI score
Exploits0References6
CISA
CISA
added 2023/09/20 12:0 p.m.4 views

FBI and CISA Release Advisory on Snatch Ransomware

Today, the Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA released joint Cybersecurity Advisory CSA StopRansomware: Snatch Ransomware, which provides indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with the...

7.1AI score
Exploits0References6
CISA
CISA
added 2023/09/12 12:0 p.m.4 views

Microsoft Releases September 2023 Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s September 2023 Security Update Guidelink i...

7.5AI score
Exploits0References1
CISA
CISA
added 2023/09/12 12:0 p.m.4 views

Apple Releases Security Updates for iOS and macOS

Apple has released security updates to address a vulnerability in multiple products. A cyber threat actor could exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates. iOS 15.7.9...

6.7AI score
Exploits0References3
CISA
CISA
added 2023/09/07 12:0 p.m.4 views

CISA Releases Malware Analysis Reports on Barracuda Backdoors

Updated September 7, 2023 CISA has published an additional malware analysis report associated with malicious Barracuda activity. The report provides analysis on the following malware samples: SUBMARINE – SUBMARINE is a backdoor that exploits a vulnerability on the target environment where the...

9.8CVSS9AI score0.86956EPSS
Exploits3References11
CISA
CISA
added 2023/09/06 12:0 p.m.4 views

CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack

CISA has released actionable guidance for Federal Civilian Executive Branch FCEB agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service DDoS attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against W...

7.3AI score
Exploits0References2
CISA
CISA
added 2023/08/30 12:0 p.m.4 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities for Firefox 117, Firefox ESR 115.2, Firefox ESR 102.15, Thunderbird 115.2, and Thunderbird 102.15. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

7.6AI score
Exploits0References5
CISA
CISA
added 2023/08/18 12:0 p.m.4 views

Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS

Juniper has released a security advisory to address vulnerabilities in Junos OS on SRX Series and EX Series. A remote cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper’s Support Portal link is...

7.7AI score
Exploits0References1
CISA
CISA
added 2023/08/15 12:0 p.m.4 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on August 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-227-01 Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon...

7AI score
Exploits0References2
CISA
CISA
added 2023/08/04 12:0 p.m.4 views

CISA Releases its Cybersecurity Strategic Plan

Today, CISA released a strategic plan to lay out how we will fulfill our cybersecurity mission over the next three years. The CISA Cybersecurity Strategic Plan aligns the following nine objectives to specific enabling measures and measures of effectiveness to drive accountability: 1. Increase...

7.3AI score
Exploits0References2
CISA
CISA
added 2023/08/02 12:0 p.m.4 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities for Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrato...

7.3AI score
Exploits0References5
CISA
CISA
added 2023/07/27 12:0 p.m.4 views

CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

The Australian Signals Directorate’s Australian Cyber Security Centre ACSC, the Cybersecurity and Infrastructure Security Agency CISA, and the National Security Agency NSA are releasing a joint Cybersecurity Advisory CSA, Preventing Web Application Access Control Abuse, to warn vendors, designers...

7.2AI score
Exploits0References4
CISA
CISA
added 2023/07/27 12:0 p.m.4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-37580 Zimbra Collaboration ZCS Cross-Site Scripting XSS Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...

6.1CVSS6.3AI score0.60034EPSS
Exploits0References4
CISA
CISA
added 2023/07/17 12:0 p.m.4 views

CISA Develops Factsheet for Free Tools for Cloud Environments

CISA has developed and published a factsheet, Free Tools for Cloud Environments, to help businesses transitioning into a cloud environment identify proper tools and techniques necessary for the protection of critical assets and data security. Free Tools for Cloud Environments provides network...

7.4AI score
Exploits0References7
CISA
CISA
added 2023/07/17 12:0 p.m.4 views

NSA, CISA Release Guidance on Security Considerations for 5G Network Slicing 

Today, the National Security Agency NSA and CISA published 5G Network Slicing: Security Considerations for Design, Deployment, and Maintenance. This guidance—created by the Enduring Security Framework ESF, a public-private cross-sector working group led by the NSA and CISA—presents recommendation...

7.2AI score
Exploits0References3
CISA
CISA
added 2023/07/13 12:0 p.m.4 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on July 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-194-01 Siemens RUGGEDCOM ROX ICSA-23-194-02 Siemens SiPass Integrated ICSA-23-194-03...

6.9AI score
Exploits0References9
CISA
CISA
added 2023/07/12 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Critical Industrial Control Systems ICS advisory on July 12, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-193-01 Rockwell Automation Select Communication Modules CISA encourages users and...

7AI score
Exploits0References1
CISA
CISA
added 2023/07/11 12:0 p.m.4 views

Mozilla Releases Security Update for Firefox and Firefox ESR

Mozilla has released a security update to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Mozilla Security Advisory MFSA 2023-26link is external and apply the...

7.3AI score
Exploits0References1
CISA
CISA
added 2023/07/07 12:0 p.m.4 views

CISA Adds One Known Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-29256 Arm Mali GPU Kernel Driver Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9CVSS7.3AI score0.0302EPSS
Exploits0References6
CISA
CISA
added 2023/07/07 12:0 p.m.4 views

Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities

Progress Software has released a Service Pack to address three newly disclosed vulnerabilities CVE-2023-36934, CVE-2023-36932, CVE-2023-36933 in MOVEit Transfer. A cyber threat actor could exploit some of these vulnerabilities to obtain sensitive information. CISA encourages users to review...

9.1CVSS7.3AI score0.95EPSS
Exploits0References1
CISA
CISA
added 2023/06/29 12:0 p.m.4 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on June 29, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-180-01 Delta Electronics InfraSuite Device Master ICSA-23-180-02 Schneider Electric...

7AI score
Exploits0References9
CISA
CISA
added 2023/06/29 12:0 p.m.4 views

2023 CWE Top 25 Most Dangerous Software Weaknesses

The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2023 Common Weakness Enumeration CWE Top 25 Most Dangerous Software Weaknesseslink is external. The CWE Top 25 is calculated by analyzing...

7.4AI score
Exploits0References5
CISA
CISA
added 2023/06/29 12:0 p.m.4 views

CISA Adds Eight Known Exploited Vulnerabilities to Catalog

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2019-17621 D-Link DIR-859 Router Command Execution Vulnerability CVE-2019-20500 D-Link DWL-2600AP Access Point Command Injection Vulnerability CVE-2021-25487...

10CVSS7.8AI score0.97109EPSS
Exploits11References13
CISA
CISA
added 2023/06/27 12:0 p.m.4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on June 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-178-01 Hitachi EnergyFOXMAN-UN and UNEM Products CISA encourages users and administrators t...

7AI score
Exploits0References1
CISA
CISA
added 2023/06/22 12:0 p.m.4 views

ISC Releases Security Advisories for Multiple Versions of BIND 9

The Internet Systems Consortium ISC has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain BIND 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions. CISA encourages...

7.5CVSS7.6AI score0.03776EPSS
Exploits0References3
CISA
CISA
added 2023/06/15 12:0 p.m.4 views

Progress Software Releases Security Advisory for MOVEit Transfer Vulnerability

Progress Software has released a security advisorylink is external for a privilege escalation vulnerability CVE-2023-35708 in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA urges users and...

9.8CVSS7.6AI score0.96682EPSS
Exploits0References2
CISA
CISA
added 2023/06/15 12:0 p.m.4 views

Barracuda Networks Releases Update to Address ESG Vulnerability

Barracuda Networks has released an update to their advisorylink is external addressing a vulnerability—CVE-2023-2868—in their Email Security Gateway Appliance ESG. According to Barracuda, customers should replace impacted appliances immediately. CISA urges organizations to review the Barracuda...

9.8CVSS7.2AI score0.86956EPSS
Exploits3References4
CISA
CISA
added 2023/06/08 12:0 p.m.4 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on June 8, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-159-01 ​Atlas Copco Power Focus 6000 ICSA-23-159-02 ​Sensormatic Electronics Illustra Pro...

7AI score
Exploits0References3
CISA
CISA
added 2023/06/07 12:0 p.m.4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-3079 Google Chromium V8 Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant...

8.8CVSS7.3AI score0.32724EPSS
Exploits2References6
CISA
CISA
added 2023/06/06 12:0 p.m.4 views

CISA and Partners Release Joint Guide to Securing Remote Access Software

Today, CISA, Federal Bureau of Investigation FBI, the National Security Agency NSA, Multi-State Information Sharing and Analysis Center MS-ISAC, and the Israel National Cyber Directorate INCD released the Guide to Securing Remote Access Software. This new joint guide is the result of a...

7.2AI score
Exploits0References5
CISA
CISA
added 2023/06/05 12:0 p.m.4 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-33009 Zyxel Multiple Firewalls Buffer Overflow Vulnerability CVE-2023-33010 Zyxel Multiple Firewalls Buffer Overflow Vulnerability These types of vulnerabiliti...

9.8CVSS7.4AI score0.28813EPSS
Exploits0References7
CISA
CISA
added 2023/06/01 12:0 p.m.4 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta...

7AI score
Exploits0References5
Total number of security vulnerabilities4188