4188 matches found

CISA
added 2023/06/13 12:0 p.m. | 7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-27997 Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.8 CVSS | 7.3 AI score | 0.85689 EPSS
Exploits: 9 | References: 6
CISA
added 2023/06/13 12:0 p.m. | 4 views

CISA Issues BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces

Today, CISA issued Binding Operational Directive BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces, requiring Federal Civilian Executive Branch FCEB agencies to reduce risks posed by internet-exposed networked management interfaces on federal information systems. This...

6.8 AI score
Exploits: 0 | References: 3
CISA
added 2023/06/13 12:0 p.m. | 8 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on June 13, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-164-01 Datalogics Library Third-Party ICSA-23-164-02 Rockwell Automation FactoryTalk...

7 AI score
Exploits: 0 | References: 4
CISA
added 2023/06/13 12:0 p.m. | 3 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates...

7.7 AI score
Exploits: 0 | References: 4
CISA
added 2023/06/13 12:0 p.m. | 8 views

Fortinet Releases June 2023 Vulnerability Advisories

Fortinet has released its June 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Fortinet June 2023 Vulnerabilit...

7.4 AI score
Exploits: 0 | References: 1
CISA
added 2023/06/13 12:0 p.m. | 3 views

Microsoft Releases June 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s June 2023 Security Update Guide and...

7.5 AI score
Exploits: 0 | References: 2
CISA
added 2023/06/12 12:0 p.m. | 7 views

Fortinet Releases Security Updates for FortiOS and FortiProxy

Fortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and FortiProxy. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Fortinet security advisory...

9.8 CVSS | 7.8 AI score | 0.85689 EPSS
Exploits: 9 | References: 2
CISA
added 2023/06/08 12:0 p.m. | 3 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on June 8, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-159-01 Atlas Copco Power Focus 6000 ICSA-23-159-02 Sensormatic Electronics Illustra Pro...

7 AI score
Exploits: 0 | References: 3
CISA
added 2023/06/08 12:0 p.m. | 3 views

VMware Releases Security Update for Aria Operations for Networks

VMware has released a security update to address multiple vulnerabilities in Aria Operations for Networks Formerly vRealize Network Insight. The vulnerabilities were evaluated to fall within the critical severity range, as a malicious actor with network access may be able to perform a command...

8.9 AI score
Exploits: 0 | References: 1
CISA
added 2023/06/07 12:0 p.m. | 3 views

CISA and FBI Release #StopRansomware: CL0P Ransomware Gang Exploits MOVEit Vulnerability

CISA and FBI released a joint Cybersecurity Advisory CSA CL0P Ransomware Gang Exploits MOVEit Vulnerability in response to a recent vulnerability exploitation attributed to CL0P Ransomware Gang. This joint guide provides indicators of compromise IOCs and tactics, techniques, and procedures TTPs...

7.9 AI score
Exploits: 0 | References: 3
CISA
added 2023/06/07 12:0 p.m. | 13 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities for Firefox 114 and Firefox ESR 102.12. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox 114...

7.4 AI score
Exploits: 0 | References: 2
CISA
added 2023/06/07 12:0 p.m. | 3 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-3079 Google Chromium V8 Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant...

8.8 CVSS | 7.3 AI score | 0.31658 EPSS
Exploits: 2 | References: 6
CISA
added 2023/06/06 12:0 p.m. | 3 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on June 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-157-01 Delta Electronics CNCSoft-B DOPSoft ICSA-23-157-02 Mitsubishi Electric MELSEC iQ-R...

7 AI score
Exploits: 0 | References: 2
CISA
added 2023/06/06 12:0 p.m. | 4 views

CISA and Partners Release Joint Guide to Securing Remote Access Software

Today, CISA, Federal Bureau of Investigation FBI, the National Security Agency NSA, Multi-State Information Sharing and Analysis Center MS-ISAC, and the Israel National Cyber Directorate INCD released the Guide to Securing Remote Access Software. This new joint guide is the result of a...

7.2 AI score
Exploits: 0 | References: 5
CISA
added 2023/06/05 12:0 p.m. | 4 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-33009 Zyxel Multiple Firewalls Buffer Overflow Vulnerability CVE-2023-33010 Zyxel Multiple Firewalls Buffer Overflow Vulnerability These types of vulnerabiliti...

9.8 CVSS | 7.4 AI score | 0.28813 EPSS
Exploits: 0 | References: 7
CISA
added 2023/06/02 12:0 p.m. | 5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34362 Progress MOVEit Transfer SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.8 CVSS | 8.5 AI score | 0.99934 EPSS
Exploits: 15 | References: 8
CISA
added 2023/06/01 12:0 p.m. | 5 views

Progress Software Releases Security Advisory for MOVEit Transfer

Progress Software has released a security advisory for a SQL injection vulnerability CVE-2023-34362 in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urge...

9.8 CVSS | 8.1 AI score | 0.99934 EPSS
Exploits: 15 | References: 4
CISA
added 2023/06/01 12:0 p.m. | 4 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta...

7 AI score
Exploits: 0 | References: 5
CISA
added 2023/05/31 12:0 p.m. | 4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-28771 Zyxel Multiple Firewalls OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...

9.8 CVSS | 7.8 AI score | 0.99284 EPSS
Exploits: 8 | References: 8
CISA
added 2023/05/30 12:0 p.m. | 4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 30, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-150-01 Advantech WebAccess/SCADA CISA encourages users and administrators to review the newl...

7 AI score
Exploits: 0 | References: 1
CISA
added 2023/05/26 12:0 p.m. | 4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-2868 Barracuda Networks ESG Appliance Improper Input Validation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber acto...

9.8 CVSS | 7.4 AI score | 0.86956 EPSS
Exploits: 3 | References: 9
CISA
added 2023/05/25 12:0 p.m. | 4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 25, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-145-01 Moxa MXsecurity Series CISA encourages users and administrators to review the newly...

7 AI score
Exploits: 0 | References: 1
CISA
added 2023/05/25 12:0 p.m. | 5 views

CISA Warns of Hurricane/Typhoon-Related Scams

CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon, as attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures TTPs. Social engineering TTPs include phishing attacks...

6.9 AI score
Exploits: 0 | References: 4
CISA
added 2023/05/24 12:0 p.m. | 4 views

CISA and Partners Release Cybersecurity Advisory Guidance detailing PRC state-sponsored actors evading detection by “Living off the Land”

Today, CISA joined the National Security Agency NSA, the Federal Bureau of Investigation FBI, and international partners in releasing a joint cybersecurity advisory highlighting recently discovered activities conducted by a People’s Republic of China PRC state-sponsored cyber threat actor. This...

7.3 AI score
Exploits: 0 | References: 3
CISA
added 2023/05/23 12:0 p.m. | 3 views

CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF)

Today, CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, and the Multi-State Information Sharing and Analysis Center MS-ISAC published an updated version of the StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initia...

6.9 AI score
Exploits: 0 | References: 8
CISA
added 2023/05/23 12:0 p.m. | 3 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on May 23, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-143-01 Hitachi Energy AFS65x, AFS67x, AFR67x and AFF66x Products ICSA-23-143-02 Hitachi...

7 AI score
Exploits: 0 | References: 4
CISA
added 2023/05/22 12:0 p.m. | 4 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32409 Apple Multiple Products WebKit Sandbox Escape Vulnerability CVE-2023-28204 Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability CVE-2023-323...

8.8 CVSS | 7 AI score | 0.1653 EPSS
Exploits: 0 | References: 8
CISA
added 2023/05/19 12:0 p.m. | 8 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2004-1464 Cisco IOS Denial-of-Service Vulnerability CVE-2016-6415 Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability CVE-2023-21492 Samsung...

9 CVSS | 7.2 AI score | 0.99977 EPSS
Exploits: 56 | References: 11
CISA
added 2023/05/19 12:0 p.m. | 4 views

Cisco Releases Security Advisory for Small Business Series Switches

Cisco released a security advisory to address multiple vulnerabilities affecting the web-based user interface of certain Cisco Small Business Series Switches. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition or execute arbitrary code wit...

8.4 AI score
Exploits: 0 | References: 3
CISA
added 2023/05/18 12:0 p.m. | 4 views

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems ICS advisories on May 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-138-01 Carlo Gavazzi Powersoft ICSA-23-138-02 Mitsubishi Electric MELSEC WS ICSA-23-138-0...

7 AI score
Exploits: 0 | References: 5
CISA
added 2023/05/16 12:0 p.m. | 3 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on May 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-136-01 Snap One OvrC Cloud ICSA-23-136-02 Rockwell ArmorStart ICSA-23-136-03 Rockwell...

7 AI score
Exploits: 0 | References: 3
CISA
added 2023/05/16 12:0 p.m. | 3 views

CISA and Partners Release BianLian Ransomware Cybersecurity Advisory

CISA, the Federal Bureau of Investigation FBI, and the Australian Cyber Security Centre ACSC have released a joint Cybersecurity Advisory CSA with known BianLian ransomware and data extortion group technical details. Microsoft and Sophos contributed to the advisory. To reduce the likelihood and...

7.1 AI score
Exploits: 0 | References: 4
CISA
added 2023/05/12 12:0 p.m. | 5 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-25717 Multiple Ruckus Wireless Products CSRF and RCE Vulnerability CVE-2021-3560 Red Hat Polkit Incorrect Authorization Vulnerability CVE-2014-0196 Linux...

10 CVSS | 7.7 AI score | 0.95107 EPSS
Exploits: 62 | References: 12
CISA
added 2023/05/11 12:0 p.m. | 4 views

CISA Releases Fifteen Industrial Control Systems Advisories

CISA released fifteen Industrial Control Systems ICS advisories on May 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-131-01 Siemens Solid Edge ICSA-23-131-02 Siemens SCALANCE W1750D ICSA-23-131-03 Siemen...

7.1 AI score
Exploits: 0 | References: 15
CISA
added 2023/05/11 12:0 p.m. | 3 views

CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability

CISA and FBI have released a joint Cybersecurity Advisory CSA, Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG. This joint advisory provides details related to an exploitation of PaperCut MF/NG vulnerability CVE-2023-27350. FBI observed malicious actors exploit CVE-2023-27350...

9.8 CVSS | 7.1 AI score | 0.99999 EPSS
Exploits: 24 | References: 3
CISA
added 2023/05/09 12:0 p.m. | 3 views

Microsoft Releases May 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s May 2023 Security Update Guide and...

7.5 AI score
Exploits: 0 | References: 2
CISA
added 2023/05/09 12:0 p.m. | 3 views

CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors

Today, CISA and partners released a joint advisory for a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and...

7 AI score
Exploits: 0 | References: 4
CISA
added 2023/05/09 12:0 p.m. | 3 views

Mozilla Releases Security Advisories for Multiple Products

Mozilla has released security advisories to address vulnerabilities in Thunderbird, Firefox and Firefox ESR. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and appl...

7.6 AI score
Exploits: 0 | References: 4
CISA
added 2023/05/09 12:0 p.m. | 3 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on May 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-129-02 Hitachi Energy MSM ICSA-21-334-02 Mitsubishi MELSEC and MELIPC Series Update F CISA...

7 AI score
Exploits: 0 | References: 3
CISA
added 2023/05/09 12:0 p.m. | 5 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29336 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges. These types of vulnerabilities are...

7.8 CVSS | 7.6 AI score | 0.40919 EPSS
Exploits: 3 | References: 8
CISA
added 2023/05/04 12:0 p.m. | 3 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 4, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details...

7 AI score
Exploits: 0 | References: 1
CISA
added 2023/05/02 12:0 p.m. | 4 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on May 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical...

7 AI score
Exploits: 0 | References: 1
CISA
added 2023/05/01 12:0 p.m. | 11 views

CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans

The Federal Communications Commission FCC maintains a Covered List of communications equipment and services that have been determined by the U.S. government to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons to national...

7.7 AI score
Exploits: 0 | References: 7
CISA
added 2023/05/01 12:0 p.m. | 8 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-1389 TP-Link Archer AX-21 Command Injection Vulnerability CVE-2021-45046 Apache Log4j2 Deserialization of Untrusted Data Vulnerability CVE-2023-21839 Oracle...

9 CVSS | 7.5 AI score | 0.99999 EPSS
Exploits: 56 | References: 8
CISA
added 2023/04/28 12:0 p.m. | 4 views

CISA Requests for Comment on Secure Software Self-Attestation Form

CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and Management OMB, released proposed guidance on secure software. This guidance seeks to secure software leveraged by the federal government. CISA expects agencies t...

7 AI score
Exploits: 0 | References: 3
CISA
added 2023/04/27 12:0 p.m. | 5 views

CISA Releases One Industrial Control Systems Medical Advisory

CISA released one Industrial Control Systems Medical ICS medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS medical...

7 AI score
Exploits: 0 | References: 1
CISA
added 2023/04/25 12:0 p.m. | 3 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on April 25, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-115-01 Keysight N8844A Data Analytics Web Service ICSA-23-115-02 Scada-LTS Third Party...

7 AI score
Exploits: 0 | References: 2
CISA
added 2023/04/25 12:0 p.m. | 4 views

Abuse of the Service Location Protocol May Lead to DoS Attacks

The Service Location Protocol SLP, RFC 2608 allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service DoS attack with a significant amplification factor. Researchers from Bitsigh...

7.5 CVSS | 7.6 AI score | 0.65873 EPSS
Exploits: 1 | References: 7
CISA
added 2023/04/21 12:0 p.m. | 3 views

CISA Releases Two SBOM Documents

Today, CISA released two community-drafted documents around Software Bill of Materials SBOM: Types of SBOM documents and Minimum Requirements for Vulnerability Exploitability eXchange VEX. The Types of SBOM document summarizes common types of SBOMs that tools may create in the industry today, alo...

7.2 AI score
Exploits: 0 | References: 5
CISA
added 2023/04/21 12:0 p.m. | 5 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-28432 MinIO Information Disclosure Vulnerability CVE-2023-27350 PaperCut MF/NG Improper Access Control Vulnerability CVE-2023-2136 Google Chrome Skia Integer...

9.8 CVSS | 7 AI score | 0.99999 EPSS
Exploits: 37 | References: 8
Total number of security vulnerabilities: 4188