4188 matches found

CISA
added 2022/07/06 12:00 a.m., 7 views

OpenSSL Releases Security Update

OpenSSL has released a security update to address a vulnerability affecting OpenSSL 3.0.4. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the OpenSSL advisory and upgrade to the appropriate version. This produ...

2.8 AI score
Exploits 0, References 1
CISA
added 2022/07/06 12:00 a.m., 17 views

North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector

CISA, the Federal Bureau of Investigation (FBI), and the Department of the Treasury (Treasury) have released a joint Cybersecurity Advisory (CSA), North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector, to provide information on Maui ransomware,...

0.9 AI score
Exploits 0, References 5
CISA
added 2022/07/05 12:00 a.m., 7 views

Google Releases Security Update for Chrome

Google has released Chrome version 103.0.5060.114 for Windows. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update. This product is...

2.4 AI score
Exploits 0, References 1
CISA
added 2022/07/05 12:00 a.m., 10 views

Prepare for a New Cryptographic Standard to Protect Against Future Quantum-Based Threats

The National Institute of Standards and Technology (NIST) has announced that a new post-quantum cryptographic standard will replace current public-key cryptography, which is vulnerable to quantum-based attacks. Note: the term “post-quantum cryptography” is often referred to as “quantum-resistant...

7.1 AI score
Exploits 0, References 6
CISA
added 2022/07/01 12:00 a.m., 87 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

9 CVSS, 1.7 AI score, 0.83277 EPSS
Exploits 8, References 7
CISA
added 2022/06/30 12:00 a.m., 10 views

#StopRansomware: MedusaLocker

CISA, the Federal Bureau of Investigation (FBI), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory (CSA), StopRansomware: MedusaLocker, to provide information on MedusaLocker ransomware. MedusaLocker actors target...

2.3 AI score
Exploits 0, References 4
CISA
added 2022/06/29 12:00 a.m., 14 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

2.8 AI score
Exploits 0, References 3
CISA
added 2022/06/28 12:00 a.m., 18 views

2022 CWE Top 25 Most Dangerous Software Weaknesses

The Homeland Security Systems Engineering and Development Institute, sponsored by CISA and operated by MITRE, has released the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The list uses data from the National Vulnerability Database to compile the most...

0.9 AI score
Exploits 0, References 4
CISA
added 2022/06/28 12:00 a.m., 11 views

CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1

CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication (“Modern Auth”) before Microsoft begins permanently disabling Basic Auth on October 1, 2022. Basic Auth is a legacy authentication method that does not support...

2 AI score
Exploits 0, References 5
CISA
added 2022/06/27 12:00 a.m., 11 views

CISA Adds Eight Known Exploited Vulnerabilities to Catalog  

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

1.7 AI score
Exploits 0, References 5
CISA
added 2022/06/24 12:00 a.m., 10 views

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address vulnerabilities that could affect Hypervisor. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX460064 and apply the necessary...

1.7 AI score
Exploits 0, References 1
CISA
added 2022/06/23 12:00 a.m., 324 views

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon®...

9.3 CVSS, 0.6 AI score, 0.99999 EPSS
Exploits 345, References 2
CISA
added 2022/06/23 12:00 a.m., 65 views

CISA Releases Cloud Security Technical Reference Architecture

CISA has released its Cloud Security (CS) Technical Reference Architecture (TRA) to guide federal civilian departments and agencies in securely migrating to the cloud. Co-authored by CISA, the United States Digital Service, and the Federal Risk and Authorization Management Program, the CS TRA defines...

1.4 AI score
Exploits 0, References 3
CISA
added 2022/06/22 12:00 a.m., 13 views

Keeping PowerShell: Measures to Use and Embrace

Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely du...

1.4 AI score
Exploits 0, References 1
CISA
added 2022/06/22 12:00 a.m., 10 views

Google Releases Security Updates for Chrome

Google has released Chrome version 103.0.5060.53 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update. Thi...

2.2 AI score
Exploits 0, References 1
CISA
added 2022/06/22 12:00 a.m., 22 views

CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report

CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...

1.7 AI score
Exploits 0, References 19
CISA
added 2022/06/16 12:00 a.m., 8 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

2.6 AI score
Exploits 0, References 4
CISA
added 2022/06/16 12:00 a.m., 14 views

CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case

CISA has released Trusted Internet Connections (TIC) 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications. TIC use cases provide...

1.1 AI score
Exploits 0, References 3
CISA
added 2022/06/14 12:00 a.m., 7 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

1.7 AI score
Exploits 0, References 6
CISA
added 2022/06/14 12:00 a.m., 17 views

SAP Releases June 2022 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review SAP Security Patch Day – June 2022 and apply the necessary...

2 AI score
Exploits 0, References 1
CISA
added 2022/06/14 12:00 a.m., 13 views

CISA Adds One Known Exploited Vulnerability to Catalog 

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7 AI score
Exploits 0, References 5
CISA
added 2022/06/14 12:00 a.m., 7 views

Citrix Releases Security Updates for Application Delivery Management

Citrix has released security updates to address vulnerabilities in Application Delivery Management. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX460016 and apply the necessary...

2.5 AI score
Exploits 0, References 1
CISA
added 2022/06/14 12:00 a.m., 8 views

Microsoft Releases June 2022 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s June 2022 Security Update Summary and Deployment...

1.8 AI score
Exploits 0, References 2
CISA
added 2022/06/13 12:00 a.m., 15 views

Drupal Releases Security Updates

Drupal has released security updates to address a Guzzle third-party library vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected...

3 AI score
Exploits 0, References 1
CISA
added 2022/06/10 12:00 a.m., 10 views

Google Releases Security Updates for Chrome

Google has released Chrome version 102.0.5005.115 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update. Th...

2.2 AI score
Exploits 0, References 1
CISA
added 2022/06/09 12:00 a.m., 9 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog  

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

1.7 AI score
Exploits 0, References 5
CISA
added 2022/06/08 12:00 a.m., 10 views

CISA Adds 36 Known Exploited Vulnerabilities to Catalog 

CISA has added 36 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7 AI score
Exploits 0, References 5
CISA
added 2022/06/07 12:00 a.m., 31 views

Owl Labs Releases Security Updates for Meeting Owl Pro and Whiteboard Owl

Owl Labs has released security updates to address a vulnerability (CVE-2022-31460) in Meeting Owl Pro and Whiteboard Owl. An attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review the Owl Labs security advisories for Meeting Owl...

3.3 CVSS, 1.7 AI score, 0.03408 EPSS
Exploits 1, References 2
CISA
added 2022/06/07 12:00 a.m., 17 views

CISA Provides Criteria and Process for Updates to the KEV Catalog

CISA has updated the Known Exploited Vulnerabilities (KEV) catalog webpage as well as the FAQs for Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, which established the KEV catalog. The updates provide information on the criteria and proces...

3.2 AI score
Exploits 0, References 2
CISA
added 2022/06/07 12:00 a.m., 14 views

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA) to provide information on ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to...

1.9 AI score
Exploits 0, References 1
CISA
added 2022/06/03 12:00 a.m., 63 views

Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134

Atlassian has released new Confluence Server and Data Center versions to address remote code execution vulnerability CVE-2022-26134 affecting these products. An unauthenticated remote attacker could exploit this vulnerability to execute code remotely. Atlassian reports that there is known...

7.5 CVSS, 3.1 AI score, 0.99999 EPSS
Exploits 75, References 3
CISA
added 2022/06/03 12:00 a.m., 17 views

CISA Releases Security Advisory on Dominion Voting Systems Democracy Suite ImageCast X

CISA has released an Industrial Controls Systems Advisory (ICSA) detailing vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot. Exploitation of these vulnerabilities would requir...

1.4 AI score
Exploits 0, References 1
CISA
added 2022/06/02 12:00 a.m., 8 views

CISA Releases Security Advisory on Illumina Local Run Manager

CISA has released an Industrial Controls Systems Advisory (ICSA) detailing multiple vulnerabilities in Illumina Local Run Manager. Successful exploitation of these vulnerabilities may allow an unauthenticated malicious actor to take control of the affected product remotely and take any action at th...

1.4 AI score
Exploits 0, References 2
CISA
added 2022/06/02 12:00 a.m., 281 views

Atlassian Releases Security Advisory for Confluence Server and Data Center, CVE-2022-26134

Atlassian has released a security advisory to address a remote code execution vulnerability CVE-2022-26134 affecting Confluence Server and Data Center products. An unauthenticated remote attacker could exploit this vulnerability to execute code remotely. Atlassian reports that there is known...

7.5 CVSS, 2.8 AI score, 0.99999 EPSS
Exploits 75, References 1
CISA
added 2022/06/02 12:00 a.m., 12 views

CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities

CISA has updated Cybersecurity Advisory AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control, originally released May 18, 2022. The advisory has been updated to include additional indicators of compromise and detection signatures, as well as tactics,...

2.2 AI score
Exploits 0, References 2
CISA
added 2022/06/02 12:00 a.m., 86 views

CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog  

CISA has added one new vulnerability—CVE-2022-26134—to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view t...

7.5 CVSS, 2.2 AI score, 0.99999 EPSS
Exploits 75, References 6
CISA
added 2022/06/01 12:00 a.m., 7 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

2.8 AI score
Exploits 0, References 3
CISA
added 2022/06/01 12:00 a.m., 12 views

Karakurt Data Extortion Group

CISA, the Federal Bureau of Investigation (FBI), the Department of Treasury, and the Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory (CSA) to provide information on the Karakurt data extortion group. Karakurt actors steal data and threaten to auction it off or...

1.5 AI score
Exploits 0, References 1
CISA
added 2022/05/31 12:00 a.m., 204 views

Microsoft Releases Workaround Guidance for MSDT "Follina" Vulnerability

Microsoft has released workaround guidance to address a remote code execution (RCE) vulnerability—CVE-2022-30190, known as "Follina"—affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected...

9.3 CVSS, 3.7 AI score, 0.99374 EPSS
Exploits 62, References 1
CISA
added 2022/05/26 12:00 a.m., 14 views

Drupal Releases Security Updates

Drupal has released security updates to address a vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website. CISA encourages users...

3 AI score
Exploits 0, References 1
CISA
added 2022/05/26 12:00 a.m., 12 views

CISA and DoD Release 5G Security Evaluation Process Investigation Study

CISA and the Department of Defense (DoD) have released their 5G Security Evaluation Process Investigation Study for federal agencies. The new features, capabilities, and services offered by fifth-generation (5G) cellular network technology can transform mission and business operations; and federal...

0.3 AI score
Exploits 0, References 2
CISA
added 2022/05/26 12:00 a.m., 12 views

Citrix Releases Security Updates for ADC and Gateway

Citrix has released security updates to address vulnerabilities in ADC and Gateway. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX457048 and apply the necessary updates. This...

2.4 AI score
Exploits 0, References 1
CISA
added 2022/05/25 12:00 a.m., 8 views

CISA Adds 34 Known Exploited Vulnerabilities to Catalog

CISA has added 34 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7 AI score
Exploits 0, References 5
CISA
added 2022/05/25 12:00 a.m., 7 views

Google Releases Security Updates for Chrome

Google has released Chrome version 102.0.5005.61 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update. Thi...

2.2 AI score
Exploits 0, References 1
CISA
added 2022/05/24 12:00 a.m., 10 views

CISA Adds 20 Known Exploited Vulnerabilities to Catalog

CISA has added 20 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7 AI score
Exploits 0, References 5
CISA
added 2022/05/23 12:00 a.m., 10 views

CISA Adds 21 Known Exploited Vulnerabilities to Catalog

CISA has added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

1.7 AI score
Exploits 0, References 5
CISA
added 2022/05/23 12:00 a.m., 8 views

Mozilla Releases Security Products for Multiple Firefox Products

Mozilla has released security updates to address vulnerabilities in Firefox 100.0.2, Firefox for Android 100.3.0, and Firefox ESR 91.9.1. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security...

2.6 AI score
Exploits 0, References 1
CISA
added 2022/05/19 12:00 a.m., 31 views

ISC Releases Security Advisory for BIND

The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting version 9.18.0 of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrato...

4.3 CVSS, 2.7 AI score, 0.04531 EPSS
Exploits 0, References 1
CISA
added 2022/05/19 12:00 a.m., 11 views

CISA Releases Analysis of FY21 Risk and Vulnerability Assessments

CISA has released an analysis and infographic detailing the findings from the 112 Risk and Vulnerability Assessments (RVAs) conducted across multiple sectors in Fiscal Year 2021 (FY21). The analysis details a sample attack path comprising 11 successive tactics, or steps, a cyber threat actor could ta...

0.2 AI score
Exploits 0, References 1
CISA
added 2022/05/18 12:00 a.m., 86 views

CISA Issues Emergency Directive and Releases Advisory Related to VMware Vulnerabilities

CISA has issued Emergency Directive (ED) 22-03 and released a Cybersecurity Advisory (CSA) in response to active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA),...

10 CVSS, 1 AI score, 0.99997 EPSS
Exploits 33, References 8
Total number of security vulnerabilities: 4188