4188 matches found

CISA
added 2023/11/13 12:0 p.m.
6 views

CISA Releases Update to Royal Ransomware Advisory

Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released an update to joint Cybersecurity Advisory (CSA) StopRansomware: Royal Ransomware. The updated advisory provides network defenders with additional information on tactics, techniques,...

7 AI score
Exploits: 0, References: 2
CISA
added 2023/11/13 12:0 p.m.
5 views

ASD's ACSC and CISA Release Business Continuity in a Box

Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) and CISA released Business Continuity in a Box. Business Continuity in a Box, developed by ACSC with contributions from CISA, assists organizations with swiftly and securely standing up critical business...

7.4 AI score
Exploits: 0, References: 4
CISA
added 2023/11/13 12:0 p.m.
15 views

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-47246 SysAid Server Path Traversal Vulnerability CVE-2023-36844 Juniper Junos OS EX Series PHP External Variable Modification Vulnerability CVE-2023-36845...

9.8 CVSS, 7.4 AI score, 0.98851 EPSS
Exploits: 31, References: 11
CISA
added 2023/11/09 12:0 p.m.
4 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisories on November 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-313-01 Johnson Controls Quantum HD Unity ICSA-23-313-02 Hitachi Energy eSOMS...

7 AI score
Exploits: 0, References: 4
CISA
added 2023/11/09 12:0 p.m.
5 views

CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain

Today, CISA, the National Security Agency (NSA), and partners released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption. Developed through the Enduring Security Framework (ESF), this guidance provides software developers and suppliers with industry...

7.2 AI score
Exploits: 0, References: 1
CISA
added 2023/11/08 12:0 p.m.
10 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29552 Service Location Protocol (SLP) Denial-of-Service Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pos...

7.5 CVSS, 7.1 AI score, 0.65873 EPSS
Exploits: 1, References: 6
CISA
added 2023/11/07 12:0 p.m.
24 views

CISA Releases Guidance for Addressing Citrix NetScaler ADC and Gateway Vulnerability CVE-2023-4966, Citrix Bleed

Today, CISA, in response to active, targeted exploitation, released guidance for addressing Citrix NetScaler ADC and Gateway vulnerability CVE-2023-4966. The vulnerability, also known as Citrix Bleed, could allow a cyber actor to take control of an affected system. CISA recommends organizations...

9.4 CVSS, 9.5 AI score, 0.99999 EPSS
Exploits: 15, References: 2
CISA
added 2023/11/07 12:0 p.m.
14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-22518 Atlassian Confluence Data Center and Server Improper Authorization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

10 CVSS, 9.7 AI score, 0.99999 EPSS
Exploits: 14, References: 7
CISA
added 2023/11/07 12:0 p.m.
4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems (ICS) advisory on November 7, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-311-01 GE MiCOM S1 Agile CISA encourages users and administrators to review the newly...

7 AI score
Exploits: 0, References: 1
CISA
added 2023/11/07 12:0 p.m.
6 views

FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents

Today, the Federal Emergency Management Agency (FEMA) and the Cybersecurity and Infrastructure Security Agency (CISA) released the joint guide Planning Considerations for Cyber Incidents: Guidance for Emergency Managers to provide state, local, tribal, and territorial (SLTT) emergency managers with...

7.2 AI score
Exploits: 0, References: 3
CISA
added 2023/11/06 12:0 p.m.
4 views

CISA Published When to Issue VEX Information

Today, CISA published When to Issue Vulnerability Exploitability eXchange (VEX) Information, developed by a community of industry and government experts with the goal to offer some guidance and structure for the software security world, including the large and growing global SBOM community. This...

7 AI score
Exploits: 0, References: 3
CISA
added 2023/11/03 12:0 p.m.
7 views

Cisco Releases Security Advisories for Multiple Products

Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary...

8.2 AI score
Exploits: 0, References: 11
CISA
added 2023/11/02 12:0 p.m.
5 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems (ICS) advisories on November 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-306-01 Red Lion Crimson ICSA-23-306-02 Mitsubishi Electric MELSEC iQ-F Series CPU Modu...

7 AI score
Exploits: 0, References: 6
CISA
added 2023/11/02 12:0 p.m.
19 views

Atlassian Releases Security Advisory for Confluence Data Center and Server

Atlassian released a security advisory to address a vulnerability (CVE-2023-22518) affecting Confluence Data Center and Server. A cyber actor could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review CVE-2023-22518 - Improper Authorization...

10 CVSS, 9.4 AI score, 0.99999 EPSS
Exploits: 14, References: 1
CISA
added 2023/11/02 12:0 p.m.
15 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-46604 Apache ActiveMQ Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...

10 CVSS, 7.3 AI score, 0.99654 EPSS
Exploits: 31, References: 6
CISA
added 2023/11/01 12:0 p.m.
19 views

CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities

Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.3 Cisco IOS XE software releas...

10 CVSS, 8.8 AI score, 0.99571 EPSS
Exploits: 26, References: 4
CISA
added 2023/10/31 12:0 p.m.
14 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-46747 F5 BIG-IP Authentication Bypass Vulnerability CVE-2023-46748 F5 BIG-IP SQL Injection Vulnerability These types of vulnerabilities are frequent attack...

9.8 CVSS, 8.3 AI score, 0.96515 EPSS
Exploits: 18, References: 7
CISA
added 2023/10/31 12:0 p.m.
5 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on October 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-304-02 INEA ME RTU ICSA-23-304-03 Zavio IP Camera ICSA-23-208-03 Mitsubishi Electric...

7 AI score
Exploits: 0, References: 3
CISA
added 2023/10/30 12:0 p.m.
11 views

VMware Releases Advisory for VMware Tools Vulnerabilities

VMware released a security advisory addressing multiple vulnerabilities (CVE-2023-34057, CVE-2023-34058) in VMware Tools. A cyber actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the VMware advisory...

7.8 CVSS, 8.1 AI score, 0.00667 EPSS
Exploits: 0, References: 1
CISA
added 2023/10/27 12:0 p.m.
6 views

CISA Announces Launch of Logging Made Easy

Today, CISA announces the launch of a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. CISA’s version reimagines technology developed by the United Kingdom’s National Cyber...

7.3 AI score
Exploits: 0, References: 3
CISA
added 2023/10/27 12:0 p.m.
23 views

CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities With Additional Releases

Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.6 Cisco IOS XE software releas...

10 CVSS, 9 AI score, 0.99571 EPSS
Exploits: 26, References: 8
CISA
added 2023/10/26 12:0 p.m.
4 views

Apple Releases Security Advisories for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates:...

6.9 AI score
Exploits: 0, References: 9
CISA
added 2023/10/26 12:0 p.m.
14 views

VMware Releases Security Advisory for vCenter Server

VMware released a security advisory for vulnerabilities (CVE-2023-34048, CVE-2023-34056) affecting the VMware vCenter Server. A remote cyber actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the...

9.8 CVSS, 10 AI score, 0.99212 EPSS
Exploits: 1, References: 1
CISA
added 2023/10/26 12:0 p.m.
7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-5631 Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors an...

6.1 CVSS, 6.2 AI score, 0.70879 EPSS
Exploits: 2, References: 6
CISA
added 2023/10/26 12:0 p.m.
4 views

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-299-01 Dingtian DT-R002 ICSA-23-299-02 Centralite Pearl Thermostat ICSA-23-299-03...

7 AI score
Exploits: 0, References: 9
CISA
added 2023/10/25 12:0 p.m.
6 views

Mozilla Releases Security Advisories for Multiple Products

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Mozilla advisories for more...

7.2 AI score
Exploits: 0, References: 4
CISA
added 2023/10/24 12:0 p.m.
3 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems (ICS) advisory on October 24, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-297-01 Rockwell Automation Stratix 5800 and Stratix 5200 CISA encourages users and...

7 AI score
Exploits: 0, References: 1
CISA
added 2023/10/23 12:0 p.m.
14 views

CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities

Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.9 Cisco IOS XE software releas...

10 CVSS, 8.9 AI score, 0.99571 EPSS
Exploits: 26, References: 9
CISA
added 2023/10/23 12:0 p.m.
14 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20273 Cisco IOS XE Web UI Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

7.2 CVSS, 10 AI score, 0.89634 EPSS
Exploits: 11, References: 6
CISA
added 2023/10/20 12:0 p.m.
20 views

CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities

Today, CISA, in response to active, widespread exploitation, released guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). An unauthenticated remote actor could exploit these...

10 CVSS, 9 AI score, 0.99571 EPSS
Exploits: 26, References: 3
CISA
added 2023/10/20 12:0 p.m.
6 views

CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP)

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released a fact sheet on the effort to revise the National Cyber Incident Response Plan (NCIRP). Through the Joint Cyber Defense Collaborative (JCDC), CISA will work to ensure that the updated NCIRP addresses significant changes in poli...

7 AI score
Exploits: 0, References: 4
CISA
added 2023/10/19 12:0 p.m.
15 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4966 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability CVE-2021-1435 Cisco IOS XE Web UI Command Injection Vulnerability These types of...

9.4 CVSS, 9.9 AI score, 0.99999 EPSS
Exploits: 15, References: 7
CISA
added 2023/10/19 12:0 p.m.
5 views

CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide

Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated version of the joint StopRansomware Guide. The update includes new...

7.2 AI score
Exploits: 0, References: 4
CISA
added 2023/10/19 12:0 p.m.
5 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems (ICS) advisory on October 19, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-143-02 Hitachi Energy’s RTU500 Series Product UPDATE B CISA encourages users and...

7 AI score
Exploits: 0, References: 1
CISA
added 2023/10/19 12:0 p.m.
5 views

Oracle Releases October 2023 Critical Patch Update Advisory

Oracle has released its Critical Patch Update Advisory for October 2023 to address 387 vulnerabilities across multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle...

7.3 AI score
Exploits: 0, References: 1
CISA
added 2023/10/18 12:0 p.m.
4 views

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

Today, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One. The...

7.2 AI score
Exploits: 0, References: 3
CISA
added 2023/10/17 12:0 p.m.
5 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on October 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-290-01 Schneider Electric EcoStruxure Power Monitoring Expert and Power Operation...

7 AI score
Exploits: 0, References: 2
CISA
added 2023/10/16 12:0 p.m.
5 views

CISA, NSA, FBI, and International Partners Release Updated Secure by Design Guidance

Today, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) released an update to Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default with the following...

7 AI score
Exploits: 0, References: 5
CISA
added 2023/10/16 12:0 p.m.
15 views

CISA, FBI, and MS-ISAC Release Joint Advisory on Atlassian Confluence Vulnerability CVE-2023-22515

Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This critical vulnerability affects certain versions of Atlassian...

10 CVSS, 9.5 AI score, 0.99699 EPSS
Exploits: 39, References: 2
CISA
added 2023/10/16 12:0 p.m.
15 views

Cisco Releases Security Advisory for IOS XE Software Web UI

Cisco released a security advisory to address a vulnerability (CVE-2023-20198) affecting IOS XE Software Web UI. A cyber threat actor can exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the Cisco security...

10 CVSS, 9.8 AI score, 0.99571 EPSS
Exploits: 25, References: 4
CISA
added 2023/10/16 12:0 p.m.
17 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20198 Cisco IOS XE Web UI Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actor...

10 CVSS, 9.8 AI score, 0.99571 EPSS
Exploits: 25, References: 6
CISA
added 2023/10/12 12:0 p.m.
4 views

CISA Releases Nineteen Industrial Control Systems Advisories

CISA released nineteen Industrial Control Systems (ICS) advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-285-01 Siemens SIMATIC CP products ICSA-23-285-02 Siemens SCALANCE W1750D...

6.9 AI score
Exploits: 0, References: 19
CISA
added 2023/10/12 12:0 p.m.
5 views

CISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware

Today, as part of the Ransomware Vulnerability Warning Pilot (RVWP), CISA launched two new resources for combating ransomware campaigns: A “Known to be Used in Ransomware Campaigns” column in the KEV Catalog that identifies KEVs associated with ransomware campaigns. A “Misconfigurations and...

7 AI score
Exploits: 0, References: 7
CISA
added 2023/10/11 12:0 p.m.
4 views

Fortinet Releases Security Updates for Multiple Products

Fortinet has released security advisories addressing vulnerabilities in multiple products. These vulnerabilities may allow cyber threat actors to take control of the affected systems. CISA encourages users and administrators to review the following Fortinet security advisories and apply the...

8.2 AI score
Exploits: 0, References: 6
CISA
added 2023/10/11 12:0 p.m.
6 views

FBI and CISA Release Update on AvosLocker Advisory

Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA), StopRansomware: AvosLocker Ransomware Update to disseminate known indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and...

7.2 AI score
Exploits: 0, References: 3
CISA
added 2023/10/10 12:0 p.m.
5 views

Microsoft Releases October 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s October 2023 Security Update Guide...

7.5 AI score
Exploits: 0, References: 1
CISA
added 2023/10/10 12:0 p.m.
17 views

Citrix Releases Security Updates for Multiple Products

Citrix has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Citrix security bulletins and apply...

9.4 CVSS, 9.3 AI score, 0.99999 EPSS
Exploits: 15, References: 2
CISA
added 2023/10/10 12:0 p.m.
3 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems (ICS) advisory on October 10, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-19-029-02 Mitsubishi Electric MELSEC-Q Series PLCs CISA Update A CISA encourages users and...

7 AI score
Exploits: 0, References: 1
CISA
added 2023/10/10 12:0 p.m.
22 views

HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487

Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in HTTP/2 protocol. The vulnerability (CVE-2023-44487), known as Rapid Reset, has been exploited in the wild in August 2023 through October 2023. CISA recommends organizations that provide...

7.5 CVSS, 7.9 AI score, 0.99999 EPSS
Exploits: 19, References: 9
CISA
added 2023/10/10 12:0 p.m.
29 views

CISA Adds Five Known Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-21608 Adobe Acrobat and Reader Use-After-Free Vulnerability CVE-2023-20109 Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerabilit...

7.8 CVSS, 8.4 AI score, 0.99999 EPSS
Exploits: 21, References: 10
Total number of security vulnerabilities: 4188