4188 matches found
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on May 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-150-01 Advantech WebAccess/SCADA CISA encourages users and administrators to review the newl...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on May 25, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-145-01 Moxa MXsecurity Series CISA encourages users and administrators to review the newly...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on May 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-138-01 Carlo Gavazzi Powersoft ICSA-23-138-02 Mitsubishi Electric MELSEC WS ICSA-23-138-0...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on May 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-136-01 Snap One OvrC Cloud ICSA-23-136-02 Rockwell ArmorStart ICSA-23-136-03 Rockwell...
CISA Releases Fifteen Industrial Control Systems Advisories
CISA released fifteen Industrial Control Systems ICS advisories on May 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-131-01 Siemens Solid Edge ICSA-23-131-02 Siemens SCALANCE W1750D ICSA-23-131-03 Siemen...
CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability
CISA and FBI have released a joint Cybersecurity Advisory CSA, Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG. This joint advisory provides details related to an exploitation of PaperCut MF/NG vulnerability CVE-2023-27350. FBI observed malicious actors exploit CVE-2023-27350...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on May 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical...
Cisco Releases Security Advisories for Multiple Products
Cisco has released security updates for vulnerabilities affecting Industrial Network Director IND, Modeling Labs, StarOS Software, and BroadbandWorks Network Server. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA has announced plans to continue and enhance the Logging Made Easy LME tool, a service originally developed and maintainedlink is external by the United Kingdom’s National Cyber Security Centre NCSC-UK. NCSC-UK stopped supporting the open-source log management solution for Windows-based devic...
CISA Adds One Known Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-6742 Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors...
CISA and CESER Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report
CISA and the U.S. Department of Energy DOE Cybersecurity, Energy Security, and Emergency Response CESER have released the SBOM Sharing Lifecycle Report to the cybersecurity and supply chain community. The purpose of this report is to enumerate and describe the different parties and phases of the...
Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles
Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles serves as a cybersecurity roadmap for manufacturers of technology and associated products. With recommendations in this guide, manufacturers are urged to put cybersecurity first, during the design phase of a...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-28252link is external Microsoft Windows Common Log File System CLFS Driver Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on April 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-101-01 FANUC ROBOGUIDE-HandlingPRO ICSA-20-212-04 Mitsubishi Electric Factory Automation...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe Security Bulletins and apply the necessary updates. •...
Apple Releases Security Update
Apple has released a security updates to address a vulnerability in GarageBand. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security page for GarageBand and apply the necessary...
Thorium Platform Public Availability
Today, CISA, in partnership with Sandia National Laboratories, announced the public availability of Thoriumlink is external, a scalable and distributed platform for automated file analysis and result aggregation. Thorium enhances cybersecurity teams' capabilities by automating analysis workflows...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on June 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-168-01 Siemens Mendix Studio Pro ICSA-25-168-02 LS Electric GMWin 4 ICSA-25-168-04 Fuji...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on June 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-160-01 SinoTrack GPS Receiver ICSA-25-160-02 Hitachi Energy Relion 670, 650, SAM600-IO...
Updated Guidance on Play Ransomware
CISA, the Federal Bureau of Investigation FBI, and the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC have issued an updated advisory on Play ransomware, also known as Playcrypt. This advisory highlights new tactics, techniques, and procedures used by the Play...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on June 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-153-01 Schneider Electric Wiser Home Automation ICSA-25-153-02 Schneider Electric...
New Guidance for SIEM and SOAR Implementation
Today, CISA, in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC and other international and U.S. partners, released new guidance for organizations seeking to procure Security Information and Event Management SIEM and Security Orchestration,...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on May 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-142-01 Lantronix Device Installer ICSA-25-142-02 Rockwell Automation FactoryTalk Historian...
Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies
Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and other U.S. and international partners released a joint Cybersecurity Advisory, Russian GRU Targeting Western Logistics Entities and Technology Companies. This advisory details a Russian state-sponsored cyber...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on May 8, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-128-01 Horner Automation Cscape ICSA-25-128-02 Hitachi Energy RTU500 series ICSA-25-128-03...
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems ICS advisories on March 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-084-01 ABB RMC-100 ICSA-25-084-02 Rockwell Automation Verve Asset Manager ICSA-25-084-0...
CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware
Today, CISA—in partnership with the Federal Bureau of Investigation FBI and Multi-State Information Sharing and Analysis Center MS-ISAC—released joint Cybersecurity Advisory, StopRansomware: Medusa Ransomware. This advisory provides tactics, techniques, and procedures TTPs, indicators of compromi...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on March 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-070-01 Schneider Electric Uni-Telway Driver ICSA-25-070-02 Optigo Networks Visual BACnet...
CISA and FBI Warn of Malicious Cyber Actors Using Buffer Overflow Vulnerabilities to Compromise Software
CISA and the Federal Bureau of Investigation FBI have released a Secure by Design Alert, Eliminating Buffer Overflow Vulnerabilities, as part of their cooperative Secure by Design Alert series—an ongoing series aimed at advancing industry-wide best practices to eliminate entire classes of...
CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices
CISA—in partnership with international and U.S. organizations—released guidance to help organizations protect their network edge devices and appliances, such as firewalls, routers, virtual private networks VPN gateways, Internet of Things IoT devices, internet-facing servers, and internet-facing...
Adobe Releases Security Updates for Multiple Products
Adobe released security updates to address vulnerabilities in multiple Adobe software products including Adobe Photoshop, Animate, and Illustrator for iPad. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on December 17, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-352-01 ThreatQuotient ThreatQ Platform ICSA-24-352-02 Hitachi Energy TropOS Devices...
Apple Releases Security Updates for Multiple Products
Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates: i...
ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations
Today, the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC—in partnership with CISA, U.S. government and international partners—released the guide Principles of Operational Technology Cybersecuritylink is external. This guidance provides critical information on how to...
VMware Releases Security Advisory for VMware Cloud Foundation and vCenter Server
VMware released a security advisory addressing vulnerabilities in the VMware Cloud Foundation and the vCenter Server. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMware...
CISA Releases Twenty-Five Industrial Control Systems Advisories
CISA released twenty-five Industrial Control Systems ICS advisories on September 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-256-01 Siemens SINEMA Remote Connect Server ICSA-24-256-02 Siemens SINUMERIK...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on August 8, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-221-01 Dorsett Controls InfoScan CISA encourages users and administrators to review the...
CISA and Partners Release Advisory on Black Basta Ransomware
Today, CISA, in partnership with the Federal Bureau of Investigation FBI, the Department of Health and Human Services HHS, and the Multi-State Information Sharing and Analysis Center MS-ISAC released joint Cybersecurity Advisory CSA StopRansomware: Black Basta to provide cybersecurity defenders...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on April 2, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-093-01 IOSIX IO-1020 Micro ELD CISA encourages users and administrators to review the newly...
Apple Released Security Updates for Safari and macOS
Apple released security updates to address a vulnerability CVE-2024-1580 in Safari and macOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates:...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on February 8, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-039-01 Qolsys IQ Panel 4, IQ4 HUB ICSA-23-082-06 ProPump and Controls Osprey Pump...
VMware Releases Security Advisory for Aria Operations for Networks
VMware released a security advisory to address multiple vulnerabilities in Aria Operations for Networks. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware security advisory...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on February 6, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-037-01 HID Global Encoders ICSA-24-037-02 HID Global Reader Configuration Cards CISA...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS advisories on January 30, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-030-01 Emerson Rosemount GC370XA, GC700XA, GC1500XA ICSA-24-030-02 Mitsubishi Electr...
Mozilla Releases Security Updates for Thunderbird and Firefox
Mozilla has released security updates to address vulnerabilities in Thunderbird and Firefox. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...
CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development
Today, in a landmark collaboration, the U.S. Cybersecurity and Infrastructure Security Agency CISA and the UK National Cyber Security Centre NCSC are proud to announce the release of the Guidelines for Secure AI System Developmentlink is external. Co-sealed by 23 domestic and international...
Microsoft Releases November 2023 Security Updates
Microsoft has released updates addressing multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s November 2023 Security Update Guidelink is...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on October 24, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-297-01 Rockwell Automation Stratix 5800 and Stratix 5200 CISA encourages users and...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on October 10, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-19-029-02 Mitsubishi Electric MELSEC-Q Series PLCs CISA Update A CISA encourages users and...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on August 1, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-213-01 APSystems Altenergy Power Control CISA encourages users and administrators to review...