CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices

Today, CISA and the National Security Agency NSA released five joint Cybersecurity Information Sheets CSIs to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environments. Use Secure Cloud Identity and Access Management Practices Use...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on March 7, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-067-01 Chirp Systems Chirp Access CISA encourages users and administrators to review the...

Cisco Releases Security Updates for Secure Client

Cisco released security updates to address vulnerabilities in Cisco Secure Client and Secure Client for Linux. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following security releases...

Apple Releases Security Updates for iOS and iPadOS

Apple released security updates to address vulnerabilities in iOS and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review the following security releases and apply the necessary updates: iOS 17...

CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27198 JetBrains TeamCity Authentication Bypass Vulnerability CISA urges organizations to review the following JetBrains blog post and apply the necessary updates...

VMware Releases Security Advisory for Multiple Products

VMware released a security advisory to address multiple vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMwar...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23225 Apple iOS and iPadOS Memory Corruption Vulnerability CVE-2024-23296 Apple iOS and iPadOS Memory Corruption Vulnerability These types of vulnerabilities a...

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on March 5, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-065-01 Nice Linear eMerge E3-Series ICSMA-24-065-01 Santesoft Sante FFT Imaging...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-21237 Android Pixel Information Disclosure Vulnerability CVE-2021-36380 Sunhillo SureLine OS Command Injection Vulnerablity These types of vulnerabilities are...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21338 Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability These types of vulnerabilities are frequent attack vectors for...

Cisco Releases Security Advisories for Cisco NX-OS Software

Cisco released security advisories to address vulnerabilities affecting Cisco NX-OS Software. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review the following advisories and apply the necessary...

CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware

Today, CISA, the Federal Bureau of Investigation FBI, and the Multi-State Information Sharing and Analysis Center MS-ISAC released a joint Cybersecurity Advisory CSA, StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures TTPs and indicators of compromise IOCs...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-060-01 Delta Electronics CNCSoft-B ICSMA-24-060-01 MicroDicom DICOM Viewer CISA...

CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities

Today, CISA and the following partners released joint Cybersecurity Advisory Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways: Federal Bureau of Investigation FBI Multi-State Information Sharing & Analysis Center MS-ISAC Australian Signals...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29360 Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber acto...

CISA Releases Resource Guide for University Cybersecurity Clinics

Today, CISA released a Resource Guide for Cybersecurity Clinics to outline ways CISA can partner with and support cybersecurity clinics and their clients. University cybersecurity clinics train students from diverse backgrounds and academic expertise to strengthen the digital defenses of...

CISA, FBI, and HHS Release an Update to #StopRansomware Advisory on ALPHV Blackcat

Today, CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS released an update to the joint advisory StopRansomware: ALPHV Blackcat to provide new indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with the ALPHV...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 27, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-058-01 Mitsubishi Electric Multiple Factory Automation Products ICSMA-24-058-01...

CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

CISA, in partnership with UK National Cyber Security Centre NCSC and other U.S. and international partners released the joint advisory, SVR Cyber Actors Adapt Tactics for Initial Cloud Access. This advisory provides recent tactics, techniques, and procedures TTPs used by Russian Foreign...

Updated: Top Cyber Actions for Securing Water Systems

Today, CISA, the Environmental Protection Agency EPA, and the Federal Bureau of Investigation FBI updated the joint fact sheet Top Cyber Actions for Securing Water Systems. This update includes additional resources—from American Water Works Association, the WaterISAC, and MS-ISAC—to support water...

CISA Adds One Known Exploited ConnectWise Vulnerability, CVE-2024-1709, to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-1709 ConnectWise ScreenConnect Authentication Bypass Vulnerability CISA urges organizations to review the ConnectWise Security Bulletin and apply the necessary...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on February 22, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-053-01 Delta Electronics CNCSoft-B DOPSoft CISA encourages users and administrators to...

CISA, EPA, and FBI Release Top Cyber Actions for Securing Water Systems

Today, CISA, the Environmental Protection Agency EPA, and the Federal Bureau of Investigation FBI released the joint fact sheet Top Cyber Actions for Securing Water Systems. This fact sheet outlines the following practical actions Water and Wastewater Systems WWS Sector entities can take to bette...

Mozilla Releases Security Updates for Firefox and Thunderbird

Mozilla released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Mozilla Security Advisorie...

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on February 20, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-051-01 Commend WS203VICM ICSA-24-051-02 Ethercat Zeek Plugin ICSA-24-051-03...

CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization

Today, CISA and the Multi-State Information Sharing & Analysis Center MS-ISAC released a joint Cybersecurity Advisory CSA, Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization to provide network defenders with the tactics, techniques, and procedure...

Updated: New Software Updates and Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways

Note: CISA will update this Alert with more information as it becomes available. Updated Feb. 15, 2024: On Feb. 14, 2024, Ivanti released new software updates for Ivanti Connect Secure and Ivanti Policy Secure. Review Ivanti's updated KB articlelink is external for more information. End of Feb. 1...

CISA Releases Seventeen Industrial Control Systems Advisories

CISA released seventeen Industrial Control Systems ICS advisories on February 15, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-046-01 Siemens SCALANCE W1750D ICSA-24-046-02 Siemens SIDIS Prime ICSA-24-046-0...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-3259 Cisco ASA and FTD Information Disclosure Vulnerability CVE-2024-21410 Microsoft Exchange Server Privilege Escalation Vulnerability These types of...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on February 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-044-01 Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU CISA...

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

Microsoft Releases Security Updates for Multiple Products

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s February Security Update Guidelink is...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21412 Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability CVE-2024-21351 Microsoft Windows SmartScreen Security Feature Bypass...

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium ISC released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain BIND 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA encourages users and...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-43770link is external Roundcube Webmail Persistent Cross-Site Scripting XSS Vulnerability These types of vulnerabilities are frequent attack vectors for maliciou...

Priorities of the Joint Cyber Defense Collaborative for 2024

Today, CISA—on behalf of the collective group of industry and government partners that comprise the Joint Cyber Defense Collaborative JCDC—released JCDC’s 2024 Priorities. Similar to the 2023 JCDC Planning Agenda, JCDC’s 2024 Priorities will help focus the collective group on developing high-impa...

Fortinet Releases Security Advisories for FortiOS

Fortinet released security updates to address critical remote code execution vulnerabilities in FortiOS CVE-2024-21762, CVE-2024-23313. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. Note : According to Fortinet, CVE-2024-21762 is potentially being...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21762 Fortinet FortiOS Out-of-Bound Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significan...

JetBrains Releases Security Advisory for TeamCity On-Premises

JetBrains released a security advisory to address a vulnerability CVE-2024-23917 in TeamCity On-Premises. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Critical Security Issue Affecting TeamCity...

Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series

Cisco released a security advisory to address vulnerabilities affecting Cisco Expressway Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Expressway Serieslink is external...

CISA Partners With OpenSSF Securing Software Repositories Working Group to Release Principles for Package Repository Security

Today, CISA partnered with the Open Source Security Foundation OpenSSF Securing Software Repositories Working Group to publish the Principles for Package Repository Securitylink is external framework. Recognizing the critical role package repositories play in securing open source software...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 8, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-039-01 Qolsys IQ Panel 4, IQ4 HUB ICSA-23-082-06 ProPump and Controls Osprey Pump...

CISA and Partners Release Advisory on PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance

Today, CISA, the National Security Agency NSA, and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory CSA, PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure alongside supplemental Joint Guidance: Identifying and...

VMware Releases Security Advisory for Aria Operations for Networks

VMware released a security advisory to address multiple vulnerabilities in Aria Operations for Networks. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware security advisory...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 6, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-037-01 HID Global Encoders ICSA-24-037-02 HID Global Reader Configuration Cards CISA...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4762 Google Chromium V8 Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant...

Juniper Networks Releases Security Bulletin for Juniper Secure Analytics

Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-032-01 Gessler GmbH WEB-MASTER ICSA-24-032-03 AVEVA Edge products formerly known as...

Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

Moby and the Open Container Initiative OCI have released updates for multiple vulnerabilities CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626 affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit these vulnerabilities to take...

CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers

Today, CISA and the Federal Bureau of Investigation FBI published guidance on Security Design Improvements for SOHO Device Manufacturers as a part of the new Secure by Design SbD Alert series that focuses on how manufacturers should shift the burden of security away from customers by integrating...