4188 matches found

CISA
added 2024/10/02 12:0 p.m., 15 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-29824 Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber acto...

CVSS 9.6 | AI score 8.4 | EPSS 0.99951
Exploits 5 | References 6
CISA
added 2024/10/01 12:0 p.m., 5 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on October 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-275-01 Optigo Networks ONS-S8 Spectra Aggregation Switch; ICSA-24-275-02 Mitsubishi...

AI score 7
Exploits 0 | References 2
CISA
added 2024/10/01 12:0 p.m., 3 views

ASD’s ACSC, CISA, FBI, NSA, and International Partners Release Guidance on Principles of OT Cybersecurity for Critical Infrastructure Organizations

Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)—in partnership with CISA, U.S. government and international partners—released the guide Principles of Operational Technology Cybersecurity. This guidance provides critical information on how to...

AI score 7
Exploits 0 | References 3
CISA
added 2024/09/30 12:0 p.m., 7 views

CISA’s VDP Platform 2023 Annual Report Showcases Success

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its Vulnerability Disclosure Policy (VDP) Platform 2023 Annual Report, highlighting the service’s remarkable success in 2023, its second full year of operation. Throughout 2023, CISA focused on advocating for the increased...

AI score 7.3
Exploits 0 | References 3
CISA
added 2024/09/26 12:0 p.m., 6 views

ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises

Today, the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), the Cybersecurity and Infrastructure Security Agency (CISA), and other U.S. and international partners released the joint guide Detecting and Mitigating Active Directory Compromises. This guide...

AI score 7.1
Exploits 0 | References 2
CISA
added 2024/09/26 12:0 p.m., 5 views

Cisco Releases Security Updates for IOS and IOS XE Software

Cisco released its September 2024 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication to address vulnerabilities in IOS and IOS XE. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

AI score 7.5
Exploits 0 | References 1
CISA
added 2024/09/26 12:0 p.m., 5 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems (ICS) advisories on September 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-270-01 Advantech ADAM-5550; ICSA-24-270-02 Advantech ADAM-5630; ICSA-24-270-03 Atelmo...

AI score 7
Exploits 0 | References 5
CISA
added 2024/09/25 12:0 p.m., 4 views

CISA Warns of Hurricane-Related Scams

As Hurricane Helene approaches, CISA urges users to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...

AI score 7.1
Exploits 0 | References 4
CISA
added 2024/09/25 12:0 p.m., 4 views

Threat Actors Continue to Exploit OT/ICS through Unsophisticated Means

CISA continues to respond to active exploitation of internet-accessible operational technology (OT) and industrial control systems (ICS) devices, including those in the Water and Wastewater Systems (WWS) Sector. Exposed and vulnerable OT/ICS systems may allow cyber threat actors to use default...

AI score 7
Exploits 0 | References 4
CISA
added 2024/09/25 12:0 p.m., 14 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

Updated September 25, 2024: CISA has removed one vulnerability from its Known Exploited Vulnerabilities Catalog, based on information found in the FAQ section of Microsoft's Security Update Guide for CVE-2024-43491. CVE-2024-43491 Microsoft Windows Update Remote Cod...

CVSS 9.8 | AI score 6.6 | EPSS 0.12132
Exploits 3 | References 10
CISA
added 2024/09/25 12:0 p.m., 6 views

Citrix Releases Security Updates for XenServer and Citrix Hypervisor

Citrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit some of these vulnerabilities to cause a denial of service condition. CISA encourages users and administrators to review the following and apply necessary...

CVSS 7.3 | AI score 7.4 | EPSS 0.00548
Exploits 0 | References 1
CISA
added 2024/09/24 12:0 p.m., 14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7593 Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious...

CVSS 9.8 | AI score 9.8 | EPSS 0.99987
Exploits 4 | References 6
CISA
added 2024/09/24 12:0 p.m., 6 views

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems (ICS) advisories on September 24, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-268-01 OPW Fuel Management Systems SiteSentinel; ICSA-24-268-02 Alisonic Sibylla...

AI score 7
Exploits 0 | References 8
CISA
added 2024/09/20 12:0 p.m., 15 views

Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229

Versa Networks has released an advisory for a vulnerability (CVE-2024-45229) affecting Versa Director. A cyber threat actor could exploit this vulnerability to exercise unauthorized REST APIs. CISA urges organizations to apply necessary updates, hunt for any malicious activity, repo...

CVSS 6.6 | AI score 6.9 | EPSS 0.00517
Exploits 0 | References 2
CISA
added 2024/09/19 12:0 p.m., 3 views

VMware Releases Security Advisory for VMware Cloud Foundation and vCenter Server

VMware released a security advisory addressing vulnerabilities in the VMware Cloud Foundation and the vCenter Server. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMware...

AI score 7.6
Exploits 0 | References 1
CISA
added 2024/09/19 12:0 p.m., 4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious...

CVSS 9.4 | AI score 7.3 | EPSS 0.98411
Exploits 2 | References 6
CISA
added 2024/09/19 12:0 p.m., 16 views

Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance

Ivanti has released a security update to address an admin bypass vulnerability (CVE-2024-8963) affecting Ivanti Cloud Services Appliance (CSA) version 4.6. A cyber threat actor could exploit this vulnerability in conjunction with CVE-2024-8190–detailed in a Sept. 13...

CVSS 9.4 | AI score 7.6 | EPSS 0.98411
Exploits 3 | References 6
CISA
added 2024/09/19 12:0 p.m., 7 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems (ICS) advisories on September 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-263-01 Rockwell Automation RSLogix 5 and RSLogix 500; ICSA-24-263-02 IDEC PLCs...

AI score 7
Exploits 0 | References 6
CISA
added 2024/09/18 12:0 p.m., 4 views

Apple Releases Security Updates for Multiple Products

Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary updates: i...

AI score 6.9
Exploits 0 | References 10
CISA
added 2024/09/18 12:0 p.m., 13 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27348 Apache HugeGraph-Server Improper Access Control Vulnerability; CVE-2020-0618 Microsoft SQL Server Reporting Services Remo...

CVSS 9.8 | AI score 9.7 | EPSS 0.9921
Exploits 28 | References 10
CISA
added 2024/09/17 12:0 p.m., 4 views

CISA and FBI Release Secure by Design Alert on Eliminating Cross-Site Scripting Vulnerabilities

Today, CISA and FBI released a Secure by Design Alert, Eliminating Cross-Site Scripting Vulnerabilities, as a part of our ongoing effort to reduce the prevalence of vulnerability classes at scale. Vulnerabilities like cross-site scripting (XSS) continue to appear in software, enabling threat actors...

AI score 5.9
Exploits 0 | References 4
CISA
added 2024/09/17 12:0 p.m., 6 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on September 17, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-261-01 Siemens SIMATIC S7-200 SMART Devices; ICSA-24-261-02 Millbeck Communications...

AI score 7.1
Exploits 0 | References 3
CISA
added 2024/09/17 12:0 p.m., 7 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2014-0497 Adobe Flash Player Integer Underflow Vulnerability; CVE-2013-0643 Adobe Flash Player Incorrect Default Permissions...

CVSS 10 | AI score 9.3 | EPSS 0.99883
Exploits 9 | References 9
CISA
added 2024/09/16 12:0 p.m., 16 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-43461 Microsoft Windows MSHTML Platform Spoofing Vulnerability; CVE-2024-6670 Progress WhatsUp Gold SQL Injection Vulnerability...

CVSS 9.8 | AI score 10 | EPSS 0.94661
Exploits 2 | References 7
CISA
added 2024/09/16 12:0 p.m., 6 views

New CISA Plan Aligns Federal Agencies in Cyber Defense

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan. Developed in collaboration with FCEB agencies, this plan provides standard, essential components of enterprise operational...

AI score 7.1
Exploits 0 | References 2
CISA
added 2024/09/13 12:0 p.m., 9 views

CISA Releases Analysis of FY23 Risk and Vulnerability Assessments

CISA has released an analysis and infographic detailing the findings from the 143 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23). The analysis details a sample attack path including tactics and steps a cyber threat actor...

AI score 7.2
Exploits 0 | References 5
CISA
added 2024/09/13 12:0 p.m., 17 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8190 Ivanti Cloud Services Appliance OS Command Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious...

CVSS 7.2 | AI score 8.2 | EPSS 0.88955
Exploits 2 | References 6
CISA
added 2024/09/13 12:0 p.m., 18 views

Ivanti Releases Security Update for Cloud Services Appliance

Ivanti has released a security update addressing an OS command injection vulnerability (CVE-2024-8190) affecting Ivanti Cloud Services Appliance (CSA) 4.6 (all versions before patch 519). A cyber threat actor could exploit this vulnerability to take control of an affected system. At this time, Ivanti h...

CVSS 7.2 | AI score 8.3 | EPSS 0.88955
Exploits 2 | References 4
CISA
added 2024/09/12 12:0 p.m., 5 views

Cisco Releases Security Updates for IOS XR Software

Cisco released security updates to address vulnerabilities in Cisco IOS XR software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates:...

AI score 7.5
Exploits 0 | References 1
CISA
added 2024/09/12 12:0 p.m., 3 views

CISA Releases Twenty-Five Industrial Control Systems Advisories

CISA released twenty-five Industrial Control Systems (ICS) advisories on September 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-256-01 Siemens SINEMA Remote Connect Server; ICSA-24-256-02 Siemens SINUMERIK...

AI score 7.1
Exploits 0 | References 25
CISA
added 2024/09/12 12:0 p.m., 5 views

Adobe Releases Security Updates for Multiple Products

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the...

AI score 7.6
Exploits 0 | References 8
CISA
added 2024/09/10 12:0 p.m., 5 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisories on September 10, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-254-01 Viessmann Climate Solutions SE Vitogate 300; ICSA-24-254-02 iniNet Solutions...

AI score 7
Exploits 0 | References 4
CISA
added 2024/09/10 12:0 p.m., 6 views

Microsoft Releases September 2024 Security Updates

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft...

AI score 7.6
Exploits 0 | References 1
CISA
added 2024/09/10 12:0 p.m., 11 views

Citrix Releases Security Updates for Citrix Workspace App for Windows

Citrix released security updates to address multiple vulnerabilities in the Citrix Workspace App for Windows. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessar...

CVSS 7.3 | AI score 7.3 | EPSS 0.00246
Exploits 1 | References 1
CISA
added 2024/09/10 12:0 p.m., 13 views

Ivanti Releases Security Updates for Endpoint Manager, Cloud Service Application, and Workspace Control

Ivanti released security updates to address multiple vulnerabilities in Ivanti Endpoint Manager, Cloud Service Application 4.6, and Workspace Control. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators t...

CVSS 7.2 | AI score 8.2 | EPSS 0.88955
Exploits 2 | References 3
CISA
added 2024/09/10 12:0 p.m., 14 views

Cisco Releases Security Updates for Cisco Smart Licensing Utility

Cisco released security updates to address two vulnerabilities (CVE-2024-20439 and CVE-2024-20440) in Cisco Smart Licensing Utility. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the followin...

CVSS 9.8 | AI score 7.2 | EPSS 0.9201
Exploits 0 | References 1
CISA
added 2024/09/09 12:0 p.m., 13 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2016-3714 ImageMagick Improper Input Validation Vulnerability; CVE-2017-1000253 Linux Kernel PIE Stack Buffer Corruption...

CVSS 10 | AI score 8.5 | EPSS 0.97485
Exploits 16 | References 8
CISA
added 2024/09/05 12:0 p.m., 5 views

FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure

Today, the Federal Bureau of Investigation (FBI)—in partnership with CISA, the National Security Agency (NSA), and other U.S. and international partners—released a joint Cybersecurity Advisory, Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure. This advisory provides...

AI score 6.9
Exploits 0 | References 5
CISA
added 2024/09/05 12:0 p.m., 4 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisories on September 5, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-249-01 Hughes Network Systems WL3000 Fusion Software; ICSMA-24-249-01 Baxter Connex...

AI score 7
Exploits 0 | References 4
CISA
added 2024/09/03 12:0 p.m., 11 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-20123 Draytek VigorConnect Path Traversal Vulnerability; CVE-2021-20124 Draytek VigorConnect Path Traversal Vulnerability...

CVSS 9.3 | AI score 8 | EPSS 0.74854
Exploits 2 | References 8
CISA
added 2024/09/03 12:0 p.m., 6 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems (ICS) advisory on September 3, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-247-01 LOYTEC Electronics LINX Series. CISA encourages users and administrators to revie...

AI score 7
Exploits 0 | References 1
CISA
added 2024/08/29 12:0 p.m., 7 views

CISA and Partners Release Advisory on RansomHub Ransomware

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS)—released a joint Cybersecurity Advisory, StopRansomware: RansomHub Ransomware. This advisory provides network...

AI score 7
Exploits 0 | References 6
CISA
added 2024/08/29 12:0 p.m., 8 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on August 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-242-01 Rockwell Automation ThinManager ThinServer; ICSA-24-242-02 Delta Electronics DT...

AI score 7
Exploits 0 | References 3
CISA
added 2024/08/28 12:0 p.m., 4 views

CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3)—released Iran-based Cyber Actors Enabling Ransomware Attacks on U.S. Organizations. This joint advisory warns of cyber actors, known in the private sector as Pioneer Kitten...

AI score 6.9
Exploits 0 | References 6
CISA
added 2024/08/28 12:0 p.m., 12 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7965 Google Chromium V8 Inappropriate Implementation Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber...

CVSS 8.8 | AI score 9.2 | EPSS 0.17227
Exploits 2 | References 6
CISA
added 2024/08/27 12:0 p.m., 8 views

Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717

Versa Networks has released an advisory for a vulnerability (CVE-2024-39717) in Versa Director, a key component in managing SD-WAN networks, used by some Internet Service Providers (ISPs) and Managed Service Providers (MSPs). A cyber threat actor could exploit this...

CVSS 7.2 | AI score 7.3 | EPSS 0.04006
Exploits 1 | References 5
CISA
added 2024/08/27 12:0 p.m., 11 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38856 Apache OFBiz Incorrect Authorization Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors an...

CVSS 9.8 | AI score 7.3 | EPSS 0.99427
Exploits 10 | References 6
CISA
added 2024/08/26 12:0 p.m., 9 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7971 Google Chromium V8 Type Confusion Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and po...

CVSS 9.6 | AI score 9.7 | EPSS 0.19272
Exploits 2 | References 6
CISA
added 2024/08/23 12:0 p.m., 10 views

CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks Director

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-39717 Versa Director Dangerous File Type Upload Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber acto...

CVSS 7.2 | AI score 7.4 | EPSS 0.04006
Exploits 1 | References 6
CISA
added 2024/08/22 12:0 p.m., 5 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems (ICS) advisories on August 22, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-235-01 Rockwell Automation Emulate3D; ICSA-24-235-02 Rockwell Automation 5015 – AENFTXT...

AI score 7
Exploits 0 | References 5
Total number of security vulnerabilities: 4188