
4188 matches found

CISA
added 2021/06/17 12:0 a.m. | 25 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

6.4 AI score
Exploits: 0 | References: 10

CISA
added 2021/03/25 12:0 a.m. | 25 views

Webshells Observed in Post-Compromised Exchange Servers  

CISA has added two new Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. Each new MAR (AR21-084A and AR21-084B) identifies a webshell observed in post-compromised Microsoft Exchange Servers. After successfully exploiting a Microsoft Exchange Server...

6.8 AI score
Exploits: 0 | References: 15

CISA
added 2020/11/27 12:0 a.m. | 25 views

Fortinet FortiOS System File Leak

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE-2018-13379. Exploitation of this vulnerability may allow an unauthenticated attacker to access FortiOS system files. Potentially affected devices...

7 AI score
Exploits: 0 | References: 1

CISA
added 2019/11/21 12:0 a.m. | 25 views

Microsoft Releases Outlook for Android Security Update

Microsoft has released an update to address a vulnerability in Outlook for Android. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security...

3.5 CVSS | 4.9 AI score | 0.01445 EPSS
Exploits: 0 | References: 1

CISA
added 2018/09/19 12:0 a.m. | 25 views

ISC Releases Security Advisory for BIND

The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). Under certain conditions, a remote attacker could exploit this vulnerability to modify records on an affected server. NCCIC...

4 CVSS | 2.3 AI score | 0.05285 EPSS
Exploits: 0 | References: 1

CISA
added 2011/10/26 12:0 a.m. | 25 views

Cisco Releases Multiple Security Advisories

Cisco has released four security advisories to address vulnerabilities affecting Cisco Unified Contact Center, Cisco WebEx Player, Cisco Security Agent, and Cisco Unified Communication Manager. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information...

7.6 AI score
Exploits: 0 | References: 6

CISA
added 2011/06/24 12:0 a.m. | 25 views

Apple Releases Security Updates to Address Multiple Vulnerabilities

Apple has released Mac OS X 10.6.8 and Security Update 2011-004 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, disclose sensitive information, or cause a denial-of-service condition. US-CERT encourages users and administrators to review...

7.5 AI score
Exploits: 0 | References: 1

CISA
added 2010/02/07 12:0 a.m. | 25 views

Oracle Releases Security Alert for WebLogic Server Vulnerability

Oracle has released a security alert to address a vulnerability in Oracle WebLogic Server. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands on an affected system. US-CERT encourages users and administrators to review the Oracle security...

10 CVSS | 7 AI score | 0.04763 EPSS
Exploits: 0 | References: 2

CISA
added 2025/02/25 12:0 p.m. | 24 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-49035: Microsoft Partner Center Improper Access Control Vulnerability; CVE-2023-34192: Synacor Zimbra Collaboration Suite (ZCS)...

9.8 CVSS | 6.3 AI score | 0.99698 EPSS
Exploits: 18 | References: 10

CISA
added 2024/02/13 12:0 p.m. | 24 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21412: Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability; CVE-2024-21351: Microsoft Windows SmartScreen Security Feature Bypass...

8.1 CVSS | 7.2 AI score | 0.95443 EPSS
Exploits: 2 | References: 7

CISA
added 2023/11/07 12:0 p.m. | 24 views

CISA Releases Guidance for Addressing Citrix NetScaler ADC and Gateway Vulnerability CVE-2023-4966, Citrix Bleed

Today, CISA, in response to active, targeted exploitation, released guidance for addressing Citrix NetScaler ADC and Gateway vulnerability CVE-2023-4966. The vulnerability, also known as Citrix Bleed, could allow a cyber actor to take control of an affected system. CISA recommends organizations...

9.4 CVSS | 9.5 AI score | 0.99999 EPSS
Exploits: 15 | References: 2

CISA
added 2023/02/16 12:0 a.m. | 24 views

CISA Releases Fifteen Industrial Control Systems Advisories

CISA released fifteen (15) Industrial Control Systems (ICS) advisories on February 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories f...

1.7 AI score
Exploits: 0 | References: 15

CISA
added 2022/12/29 12:0 a.m. | 24 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly adde...

1.6 AI score
Exploits: 0 | References: 5

CISA
added 2022/04/13 12:0 a.m. | 24 views

ICSJWG Spring 2022 Virtual Meeting

The Industrial Control Systems Joint Working Group (ICSJWG) will hold its Spring 2022 Virtual Meeting April 26–27. ICSJWG meetings facilitate relationship building among critical infrastructure stakeholders and owners/operators of industrial control systems, idea exchanges regarding critical issues...

0.9 AI score
Exploits: 0 | References: 3

CISA
added 2022/01/11 12:0 a.m. | 24 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

7 AI score
Exploits: 0 | References: 5

CISA
added 2021/10/20 12:0 a.m. | 24 views

Google Releases Security Updates for Chrome

Google has released Chrome version 95.0.4638.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as so...

6.9 AI score
Exploits: 0 | References: 1

CISA
added 2021/08/10 12:0 a.m. | 24 views

Intel Releases Multiple Security Updates

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Intel advisories and apply the necessary updates: NUC 9...

7 AI score
Exploits: 0 | References: 6

CISA
added 2021/08/05 12:0 a.m. | 24 views

VMware Releases Security Updates for Multiple Products

VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to gain access to confidential information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0016 and apply the necessary...

7.2 AI score
Exploits: 0 | References: 1

CISA
added 2021/04/26 12:0 a.m. | 24 views

CISA and NIST Release New Interagency Resource: Defending Against Software Supply Chain Attacks

A software supply chain attack—such as the recent SolarWinds Orion attack—occurs when a cyber threat actor infiltrates a software vendor’s network and employs malicious code to compromise the software before the vendor sends it to their customers. The compromised software can then further...

7.1 AI score
Exploits: 0 | References: 2

CISA
added 2020/12/04 12:0 a.m. | 24 views

Google Releases Security Updates for Chrome

Google has released Chrome version 87.0.4280.88 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the...

7 AI score
Exploits: 0 | References: 1

CISA
added 2020/05/22 12:0 a.m. | 24 views

Microsoft Releases Security Update for Edge

Microsoft has released a security update to address a vulnerability in Edge (Chromium-based). A remote attacker could exploit this vulnerability to write files to arbitrary locations and gain elevated privileges. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and...

4.3 CVSS | 6.3 AI score | 0.02545 EPSS
Exploits: 1 | References: 1

CISA
added 2019/11/14 12:0 a.m. | 24 views

NCSC-NZ Releases Annual Cyber Threat Report

The New Zealand National Cyber Security Centre (NCSC-NZ) has released their annual report detailing cyber threats and incidents affecting New Zealand from July 2018 to June 2019. During this period, NCSC-NZ recorded an increase in the severity of cybersecurity incidents—particularly from...

6.8 AI score
Exploits: 0 | References: 1

CISA
added 2019/06/11 12:0 a.m. | 24 views

Intel Releases Security Updates, Mitigations for Multiple Products

Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourag...

7.5 AI score
Exploits: 0 | References: 11

CISA
added 2018/08/13 12:0 a.m. | 24 views

Oracle Releases Security Alert

Oracle has released a security alert to address a vulnerability in multiple versions of Oracle Database. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the Oracle Security Alert and the Multi-State...

6.5 CVSS | 8.7 AI score | 0.02481 EPSS
Exploits: 0 | References: 2

CISA
added 2017/09/12 12:0 a.m. | 24 views

BlueBorne Bluetooth Vulnerabilities

US-CERT is aware of a collection of Bluetooth vulnerabilities, known as BlueBorne, potentially affecting millions of unpatched mobile phones, computers, and Internet of Things (IoT) devices. A remote attacker could exploit several of these vulnerabilities to take control of affected devices. US-CER...

7 AI score
Exploits: 0 | References: 1

CISA
added 2013/05/09 12:0 a.m. | 24 views

Adobe Releases Security Update for ColdFusion

Adobe has released a security hotfix for ColdFusion 10, 9.0.2, 9.0.1, and 9.0 for Windows, Macintosh, and UNIX. This hotfix addresses a vulnerability (CVE-2013-1389) that could allow a remote attacker to execute arbitrary code and a vulnerability (CVE-2013-3336) that could permit an unauthorized user...

10 CVSS | 7 AI score | 0.74265 EPSS
Exploits: 4 | References: 2

CISA
added 2011/03/21 12:0 a.m. | 24 views

Adobe Releases Flash Player Update

Adobe has released an update for Flash Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.106.16 and earlier versions for Android. Exploitation of thes...

7.7 AI score
Exploits: 0 | References: 1

CISA
added 2026/03/03 12:0 p.m. | 24 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-21385: Qualcomm Multiple Chipsets Memory Corruption Vulnerability; CVE-2026-22719: Broadcom VMware Aria Operations Command...

8.1 CVSS | 7.3 AI score | 0.17424 EPSS
Exploits: 3 | References: 7

CISA
added 2025/12/16 12:0 p.m. | 23 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-59718: Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability. This type of vulnerability is a frequent atta...

9.8 CVSS | 6.8 AI score | 0.63476 EPSS
Exploits: 1 | References: 6

CISA
added 2024/12/10 12:0 p.m. | 23 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-49138: Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability. These types of vulnerabilities are frequent...

7.8 CVSS | 8.5 AI score | 0.25414 EPSS
Exploits: 4 | References: 6

CISA
added 2023/10/27 12:0 p.m. | 23 views

CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities With Additional Releases

Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.6 Cisco IOS XE software releas...

10 CVSS | 9 AI score | 0.99571 EPSS
Exploits: 26 | References: 8

CISA
added 2023/02/21 12:0 a.m. | 23 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two (2) Industrial Control Systems (ICS) advisories on February 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

2.1 AI score
Exploits: 0 | References: 2

CISA
added 2023/02/02 12:0 a.m. | 23 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems (ICS) advisories on February 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

1.5 AI score
Exploits: 0 | References: 6

CISA
added 2022/01/16 12:0 a.m. | 23 views

Microsoft Warns of Destructive Malware Targeting Ukrainian Organizations

Microsoft has released a blog post on possible Master Boot Record (MBR) Wiper activity targeting Ukrainian organizations, including Ukrainian government agencies. According to Microsoft, powering down the victim device executes the malware, which overwrites the MBR with a ransom note; however, the...

6.8 AI score
Exploits: 0 | References: 3

CISA
added 2021/11/24 12:0 a.m. | 23 views

CISA Releases Capacity Enhancement Guides to Enhance Mobile Device Cybersecurity for Consumers and Organizations

CISA has released actionable Capacity Enhancement Guides (CEGs) to help users and organizations improve mobile device cybersecurity. The CEG: Mobile Device Cybersecurity Checklist for Consumers provides steps for consumers, including using strong authentication and enabling automatic operating syst...

7.1 AI score
Exploits: 0 | References: 3

CISA
added 2021/11/16 12:0 a.m. | 23 views

New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks

The White House, via Executive Order (EO) 14028: Improving the Nation’s Cybersecurity, tasked CISA, as the operational lead for federal cybersecurity, to “develop a standard set of operational procedures (i.e., playbook) to be used in planning and conducting cybersecurity vulnerability and incident...

6.7 AI score
Exploits: 0 | References: 3

CISA
added 2021/10/29 12:0 a.m. | 23 views

GoCD Authentication Vulnerability

GoCD has released a security update to address a critical authentication vulnerability in GoCD versions 20.6.0 through 21.2.0. GoCD is an open-source Continuous Integration and Continuous Delivery system. A remote attacker could exploit this vulnerability to obtain sensitive information. CISA...

6.8 AI score
Exploits: 0 | References: 3

CISA
added 2021/07/14 12:0 a.m. | 23 views

CISA Insights: Guidance for MSPs and Small- and Mid-sized Businesses

CISA has released CISA Insights: Guidance for Managed Service Providers (MSPs) and Small- and Mid-sized Businesses, which provides mitigation and hardening guidance to help these organizations strengthen their defenses against cyberattacks. Many small- and mid-sized businesses use MSPs to manage IT...

6.8 AI score
Exploits: 0 | References: 4

CISA
added 2021/04/26 12:0 a.m. | 23 views

FBI-DHS-CISA Joint Advisory on Russian Foreign Intelligence Service Cyber Operations

The Federal Bureau of Investigation (FBI), Department of Homeland Security, and CISA have released a Joint Cybersecurity Advisory (CSA) addressing Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—continued...

6.6 AI score
Exploits: 0 | References: 6

CISA
added 2020/12/03 12:0 a.m. | 23 views

Apple Releases Security Updates for iCloud for Windows

Apple has released security updates to address vulnerabilities in iCloud for Windows. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple...

6.9 AI score
Exploits: 0 | References: 1

CISA
added 2020/11/19 12:0 a.m. | 23 views

Google Releases Security Updates for Chrome

Google has released Chrome version 87.0.4280.66 for Windows, Mac, and Linux to address multiple vulnerabilities. Some of these vulnerabilities could allow an attacker to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrato...

7.1 AI score
Exploits: 0 | References: 1

CISA
added 2020/05/27 12:0 a.m. | 23 views

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the App...

7 AI score
Exploits: 0 | References: 5

CISA
added 2019/10/17 12:0 a.m. | 24 views

ISC Releases Security Advisories for BIND

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. The Cybersecurity and Infrastructu...

5 CVSS | 7.4 AI score | 0.0358 EPSS
Exploits: 0 | References: 2

CISA
added 2019/08/22 12:0 a.m. | 23 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in Cisco Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. A remote attacker could exploit these vulnerabilities to take control of an affected system. The...

7 AI score
Exploits: 0 | References: 4

CISA
added 2019/07/16 12:0 a.m. | 23 views

Oracle Releases July 2019 Security Bulletin

Oracle has released its Critical Patch Update for July 2019 to address 319 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and...

7.1 AI score
Exploits: 0 | References: 1

CISA
added 2018/05/02 12:0 a.m. | 23 views

Microsoft Releases Security Update

Microsoft has released a security update to address a vulnerability in the Windows Host Compute Service Shim (hcsshim) library. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the Microsoft Security Adviso...

9.3 CVSS | 8.2 AI score | 0.32516 EPSS
Exploits: 0 | References: 1

CISA
added 2018/03/27 12:0 a.m. | 23 views

Creating and Managing Strong Passwords

NCCIC/US-CERT reminds users of the importance of creating and managing strong passwords. Passwords are often the only barrier between you and your personal information. There are several programs attackers can use to help guess or "crack" passwords. However, choosing strong passwords and keeping...

7.1 AI score
Exploits: 0 | References: 2

CISA
added 2017/08/24 12:0 a.m. | 23 views

FCC Promotes Best Practices for SS7 Communications

The Federal Communications Commission (FCC) has released a public notice encouraging communications service providers to voluntarily use security best practices recommended by the Communications Security, Reliability, and Interoperability Council (CSRIC), a federal advisory committee to the FCC. Thes...

6.8 AI score
Exploits: 0 | References: 2

CISA
added 2017/01/24 12:0 a.m. | 23 views

Cisco Releases Security Updates

Cisco has released security updates to address a vulnerability in its WebEx browser extensions. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and Vulnerability...

6.8 AI score
Exploits: 0 | References: 2

CISA
added 2013/01/14 12:0 a.m. | 23 views

CERT Releases Oracle Java 7 Security Advisory

CERT released Vulnerability Note VU625617 to address a vulnerability in Oracle Java Runtime Environment (JRE) 7 and earlier that is currently being exploited in the wild. This vulnerability may allow an attacker to execute arbitrary code on vulnerable systems. US-CERT encourages users and...

7.6 AI score
Exploits: 0 | References: 4

Total number of security vulnerabilities: 4188