CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21893 Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery SSRF Vulnerability These types of vulnerabilities are frequent attack vectors...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-48618 Apple Multiple Products Memory Corruption Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

CISA Releases Eight Industrial Control Systems Advisories

CISA released eight Industrial Control Systems ICS advisories on January 30, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-030-01 Emerson Rosemount GC370XA, GC700XA, GC1500XA ICSA-24-030-02 Mitsubishi Electr...

Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series

Juniper Networks released a security bulletin to address multiple vulnerabilities for J-Web in Junos OS SRX Series and EX Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper...

Guidance: Assembling a Group of Products for SBOM

Today, CISA published Guidance on Assembling a Group of Products created by the Software Bill of Materials SBOM Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents and reports to...

Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products

Cisco released a security advisory to address a vulnerability CVE-2024-20253 affecting multiple Unified Communications Products. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unified...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on January 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-025-01 MachineSense FeverWarn ICSA-24-025-02 SystemK NVR 504/508/516 CISA encourages...

Mozilla Releases Security Updates for Thunderbird and Firefox

Mozilla has released security updates to address vulnerabilities in Thunderbird and Firefox. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-22527 Atlassian Confluence Data Center and Server Template Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber...

CISA Joins ACSC-led Guidance on How to Use AI Systems Securely

CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC on Engaging with Artificial Intelligencelink is external—joint guidance, led by ACSC, on how to use AI systems securely. The following organizations also collaborated with ACSC on the...

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on January 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-023-01 APsystems Energy Communication Unit ECU-C Power Control Software ICSA-24-023-02...

Apple Releases Security Updates for Multiple Products

Apple has released security updates for iOS and iPadOS, macOS, Safari, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security releaselink is external and apply...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23222 Apple Multiple Products Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34048 VMware vCenter Server Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

CISA Issues Emergency Directive on Ivanti Vulnerabilities

CISA has issued Emergency Directive ED 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities in the following Ivanti products: Ivanti Connect Secure and Ivanti Policy Secure. ED 24-01 directs all Federal Civilian Executive Branch FCEB...

Incident Response Guide for the WWS Sector

Today, CISA, the Federal Bureau of Investigation FBI, and the Environmental Protection Agency released a joint Incident Response Guide for the Water and Wastewater Systems WWS Sector. The guide includes contributions from over 25 WWS Sector organizations spanning private industry, nonprofit, and...

Drupal Releases Security Advisory for Drupal Core

Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2024-001link is...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35082 Ivanti Endpoint Manager Mobile EPMM and MobileIron Core Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on January 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-018-01 AVEVA PI Server CISA encourages users and administrators to review the newly...

Oracle Releases Critical Patch Update Advisory for January 2024

Oracle released its Critical Patch Update Advisory for January 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Oracle’s January 2024...

Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway

Citrix released security updates to address vulnerabilities CVE-2023-6548 and CVE-2023-6549 in NetScaler ADC and NetScaler Gateway. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Citrix...

Atlassian Releases Security Updates for Multiple Products

Atlassian released a security advisory to address a vulnerability CVE-2023-22527 in out-of-date versions of Confluence Data Center and Server as well as its January 2024 security bulletin to address vulnerabilities in multiple products. A malicious cyber actor could exploit one of these...

VMware Releases Security Advisory for Aria Automation

VMware released a security advisory to address a vulnerability CVE-2023-34063 in Aria Automation. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2024-0001link is external...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-6549 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability CVE-2023-6548 Citrix NetScaler ADC and NetScaler Gateway Code Injection...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2018-15133 Laravel Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on January 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-016-01 SEW-EURODRIVE MOVITOOLS MotionStudio ICSA-24-016-02 Integration Objects OPC UA...

CISA and FBI Release Known IOCs Associated with Androxgh0st Malware

Today, CISA and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory CSA, Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with threat actors...

Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways

Ivanti has released a security updatelink is external to address an authentication bypass vulnerability CVE-2023-46805link is external and a command injection vulnerability CVE-2024-21887link is external in all supported versions 9.x and 22.x of Connect Secure and Policy Secure gateways. A cyber...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on January 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-011-03 Rapid Software LLC Rapid SCADA ICSA-24-011-04 Horner Automation Cscape...

Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved

Juniper Networks has released a security advisory to address a vulnerability CVE-2024-21611 in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Juniper Advisory...

Cisco Releases Security Advisory for Cisco Unity Connection

Cisco released a security advisory to address a vulnerability CVE-2024-20272 in Cisco Unity Connection. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unity Connection Unauthenticated...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21887 Ivanti Connect Secure and Policy Secure Command Injection Vulnerability CVE-2023-46805 Ivanti Connect Secure and Policy Secure Authentication Bypass...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and po...

Microsoft Releases Security Updates for Multiple Products

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s January Security Update Guidelink is...

Fortinet Releases Security Updates for FortiOS and FortiProxy

Fortinet has released a security update to address a vulnerability in FortiOS and FortiProxy software. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the FG-IR-23-315 FortiOS & FortiProxy - Improper...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on January 9, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio Update A CISA encourages users and...

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38203 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-29300 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability...

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on January 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-004-01 Rockwell Automation FactoryTalk Activation ICSA-24-004-02 Mitsubishi Electric...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-7024 Google Chromium WebRTC Heap Buffer Overflow Vulnerability CVE-2023-7101 Spreadsheet::ParseExcel Remote Code Execution Vulnerability These types of...

Juniper Releases Security Advisory for Juniper Secure Analytics

Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper advisory JSA75636link ...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on December 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-355-01 FXC AE1021/AE1021PE ICSA-23-355-02 QNAP VioStor NVR CISA encourages users and...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-49897 FXC AE1021, AE1021PE OS Command Injection Vulnerability CVE-2023-47565 QNAP VioStor NVR OS Command Injection Vulnerability These types of vulnerabilities...

CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool

CISA has published the finalized Microsoft 365 Secure Configuration Baselines, designed to bolster the security and resilience of organizations’ Microsoft 365 M365 cloud services. This guidance release is accompanied by the updated SCuBAGear toollink is external that assesses organizations’ M365...

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and macOS Sonoma. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review Apple security releaseslink is external and...

Mozilla Releases Security Updates for Firefox and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on December 19, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-353-01 Subnet Solutions Inc. PowerSYSTEM Center ICSA-23-353-02 EFACEC BCU 500...

CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

Today, CISA and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory CSA, StopRansomware: ALPHV Blackcat, to disseminate known ALPHV Blackcat affiliates’ tactics, techniques, and procedures TTPs and indicators of compromise IOCs identified through FBI investigations as...

FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware

Today, the Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Australian Signals Directorate’s Australian Cyber Security Centre ASD's ACSC released a joint Cybersecurity Advisory CSA, StopRansomware: Play Ransomware, to disseminate Play ransomware...

CISA Releases Advisory on Cyber Resilience for the HPH Sector

Today, CISA released a Cybersecurity Advisory, Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment, that details findings from our risk and vulnerability assessments of a Health and Public Health HPH Sector organization. CISA...

CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords

Today, CISA published guidance on How Manufacturers Can Protect Customers by Eliminating Default Passwords as a part of our new Secure by Design SbD Alert series. This SbD Alert urges technology manufacturers to proactively eliminate the risk of default password exploitation by implementing...