4188 matches found

CISA
added 2022/04/06 12:0 a.m., 8 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

AI score: 2.8
Exploits: 0, References: 3

CISA
added 2022/04/06 12:0 a.m., 11 views

Google Releases Security Updates for Chrome

Google has released Chrome version 100.0.4896.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates as...

AI score: 2.2
Exploits: 0, References: 1

CISA
added 2022/04/06 12:0 a.m., 18 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

AI score: 1.7
Exploits: 0, References: 5

CISA
added 2022/04/04 12:0 a.m., 11 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly add...

AI score: 1.6
Exploits: 0, References: 5

CISA
added 2022/04/01 12:0 a.m., 97 views

Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities

Spring by VMware has released Spring Cloud Function versions 3.1.7 and 3.2.3 to address remote code execution (RCE) vulnerability CVE-2022-22963 as well as Spring Framework versions 5.3.18 and 5.2.20 to address RCE vulnerability CVE-2022-22965, known as “Spring4Shell.” A remote attacker could explo...

CVSS: 7.5, AI score: 2.3, EPSS: 0.99939
Exploits: 136, References: 5

CISA
added 2022/04/01 12:0 a.m., 42 views

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities—CVE-2022-22674 and CVE-2022-22675—in multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected device. These vulnerabilities have been detected in exploits in the wild. CISA encourages...

CVSS: 9.3, AI score: 1.9, EPSS: 0.12642
Exploits: 0, References: 2

CISA
added 2022/03/31 12:0 a.m., 13 views

CISA Releases Security Advisories for Rockwell Automation Products

CISA has released two Industrial Controls Systems Advisories (ICSAs) detailing vulnerabilities in Rockwell Automation products. An attacker could exploit these vulnerabilities to inject code on affected system. CISA encourages users and administrators to review ICSA-22-090-05: Rockwell Automation...

AI score: 2.9
Exploits: 0, References: 2

CISA
added 2022/03/31 12:0 a.m., 11 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly...

AI score: 1.8
Exploits: 0, References: 5

CISA
added 2022/03/31 12:0 a.m., 8 views

FBI Releases PIN on Ransomware Straining Local Governments and Public Services

The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to inform U.S. Government Facilities Sector partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, an...

AI score: 3.3
Exploits: 0, References: 1

CISA
added 2022/03/30 12:0 a.m., 11 views

Google Releases Security Updates for Chrome

Google has released Chrome version 100.0.4896.60 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update. Thi...

AI score: 2.2
Exploits: 0, References: 1

CISA
added 2022/03/30 12:0 a.m., 12 views

FBI Releases PIN on Phishing Campaign against U.S. Election Officials

The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to warn U.S. election and other state and local government officials about invoice-themed phishing emails that could be used to harvest officials’ login credentials. CISA encourages federal, state, and local...

AI score: 0.8
Exploits: 0, References: 1

CISA
added 2022/03/29 12:0 a.m., 11 views

Mitigating Attacks Against Uninterruptible Power Supply Devices

CISA and the Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptible power supply (UPS) devices, often through unchanged default usernames and passwords. Organizations can mitigate attacks against their UPS devices, which provide emergen...

AI score: 2.2
Exploits: 0, References: 1

CISA
added 2022/03/28 12:0 a.m., 8 views

CISA Adds 32 Known Exploited Vulnerabilities to Catalog

CISA has added 32 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

AI score: 1.7
Exploits: 0, References: 5

CISA
added 2022/03/28 12:0 a.m., 7 views

Google Releases Security Updates for Chrome

Google has released Chrome version 99.0.4844.84 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

AI score: 2.2
Exploits: 0, References: 1

CISA
added 2022/03/25 12:0 a.m., 9 views

CISA Adds 66 Known Exploited Vulnerabilities to Catalog

CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

AI score: 1.7
Exploits: 0, References: 5

CISA
added 2022/03/24 12:0 a.m., 20 views

State-Sponsored Russian Cyber Actors Targeted Energy Sector from 2011 to 2018

CISA, the Federal Bureau of Investigation, and the Department of Energy have released a joint Cybersecurity Advisory (CSA) detailing campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and international Energy Sector organizations. The CSA highlights...

AI score: 1.9
Exploits: 0, References: 3

CISA
added 2022/03/24 12:0 a.m., 16 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in VMware Carbon Black App Control software. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory...

AI score: 2.9
Exploits: 0, References: 1

CISA
added 2022/03/22 12:0 a.m., 20 views

FBI and FinCEN Release Advisory on AvosLocker Ransomware

The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based...

AI score: 2.5
Exploits: 0, References: 2

CISA
added 2022/03/22 12:0 a.m., 7 views

Drupal Releases Security Updates

Drupal has released security updates to address a vulnerability affecting Drupal 9.2 and 9.3. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal Security Advisory SA-CORE-006 and apply the necessary update...

AI score: 2.7
Exploits: 0, References: 1

CISA
added 2022/03/18 12:0 a.m., 25 views

CRI-O Security Update for Kubernetes

CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers. CISA encourages...

CVSS: 9, AI score: 2, EPSS: 0.19046
Exploits: 0, References: 2

CISA
added 2022/03/17 12:0 a.m., 13 views

Strengthening Cybersecurity of SATCOM Network Providers and Customers

CISA and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communications (SATCOM) networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments. In response, CISA and FBI have...

AI score: 1.7
Exploits: 0, References: 1

CISA
added 2022/03/17 12:0 a.m., 16 views

Drupal Releases Security Updates

Drupal has released security updates to address vulnerabilities affecting Drupal 9.2 and 9.3. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal Advisory SA-CORE-2022-05 and apply the necessary...

AI score: 2.7
Exploits: 0, References: 1

CISA
added 2022/03/17 12:0 a.m., 11 views

WordPress Releases Security Update

WordPress versions prior to 5.9.2 are affected by multiple vulnerabilities. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected website. CISA encourages users and administrators to review the WordPress Security Release and upgrade to WordPres...

AI score: 2.7
Exploits: 0, References: 1

CISA
added 2022/03/17 12:0 a.m., 41 views

OpenSSL Releases Security Updates

OpenSSL has released security updates addressing a vulnerability (CVE-2022-0778) affecting multiple versions of OpenSSL. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the OpenSSL Advisory and upgrade to the...

CVSS: 5, AI score: 2.3, EPSS: 0.70561
Exploits: 2, References: 1

CISA
added 2022/03/17 12:0 a.m., 54 views

ISC Releases Security Advisories for BIND

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and...

CVSS: 5, AI score: 2.4, EPSS: 0.0325
Exploits: 0, References: 4

CISA
added 2022/03/16 12:0 a.m., 8 views

Google Releases Security Updates for Chrome

Google has released Chrome version 99.0.4844.74 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

AI score: 2.2
Exploits: 0, References: 1

CISA
added 2022/03/16 12:0 a.m., 12 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security page and apply the necessary updates. This...

AI score: 6.9
Exploits: 0, References: 1

CISA
added 2022/03/15 12:0 a.m., 126 views

Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols

CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory that details how Russian state-sponsored cyber actors accessed a network with misconfigured default multifactor authentication (MFA) protocols. The actors then exploited a critical Windows Print Spooler...

CVSS: 9, AI score: 3.1, EPSS: 0.99759
Exploits: 41, References: 5

CISA
added 2022/03/15 12:0 a.m., 503 views

CISA Adds 15 Known Exploited Vulnerabilities to Catalog

CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...

CVSS: 7.5, AI score: 1.6, EPSS: 0.73721
Exploits: 85, References: 6

CISA
added 2022/03/15 12:0 a.m., 26 views

Updated: Kubernetes Hardening Guide

The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on valuable feedback and inputs from the cybersecurity community. Kubernetes is an open-source system that automates...

AI score: 0.9
Exploits: 0, References: 2

CISA
added 2022/03/10 12:0 a.m., 291 views

Dirty Pipe Privilege Escalation Vulnerability in Linux

CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” (CVE-2022-0847). A local attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review CVE-2022-0847 and update to...

CVSS: 7.2, AI score: 3, EPSS: 0.89063
Exploits: 100, References: 2

CISA
added 2022/03/09 12:0 a.m., 22 views

Updated: Conti Ransomware

CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. Conti cyber threat actors remain active and reported Conti ransomware attacks against U.S. and international organizations...

AI score: 6.9
Exploits: 0, References: 4

CISA
added 2022/03/08 12:0 a.m., 11 views

Microsoft Releases March 2022 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s March 2022 Security Update Summary and...

AI score: 7.1
Exploits: 0, References: 2

CISA
added 2022/03/08 12:0 a.m., 21 views

CISA Releases Security Advisory on PTC Axeda Agent and Desktop Server

CISA has released an Industrial Controls Systems Advisory (ICSA), detailing vulnerabilities in PTC Axeda agent and Axeda Desktop Server. Successful exploitation of these vulnerabilities—collectively known as “Access:7”—could result in full system access, remote code execution, read/change...

AI score: 7.3
Exploits: 0, References: 2

CISA
added 2022/03/08 12:0 a.m., 8 views

FBI Releases Indicators of Compromise for RagnarLocker Ransomware

The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with ransomware attacks by RagnarLocker, a group of ransomware actors targeting critical infrastructure sectors. CISA encourages users and administrators to review the IOCs and...

AI score: 6.8
Exploits: 0, References: 2

CISA
added 2022/03/08 12:0 a.m., 18 views

Mozilla Releases Security Updates for Firefox and Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox 98 and Firefox...

AI score: 7.2
Exploits: 0, References: 2

CISA
added 2022/03/08 12:0 a.m., 11 views

SAP Releases March 2022 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for March 2022 and apply the necessary...

AI score: 7.1
Exploits: 0, References: 1

CISA
added 2022/03/08 12:0 a.m., 7 views

Mozilla Releases Security Updates

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

AI score: 7.1
Exploits: 0, References: 3

CISA
added 2022/03/08 12:0 a.m., 12 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary...

AI score: 7
Exploits: 0, References: 3

CISA
added 2022/03/07 12:0 a.m., 91 views

CISA Adds 11 Known Exploited Vulnerabilities to Catalog 

CISA has added 11 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...

CVSS: 10, AI score: 1, EPSS: 0.99781
Exploits: 44, References: 5

CISA
added 2022/03/07 12:0 a.m., 11 views

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security advisory MFSA 2022-09 and apply the necessary updates...

AI score: 7.1
Exploits: 0, References: 1

CISA
added 2022/03/07 12:0 a.m., 9 views

CISA’s Zero Trust Guidance for Enterprise Mobility Available for Public Comment

CISA has released a draft version of Applying Zero Trust Principles to Enterprise Mobility for public comment. The paper guides federal agencies as they evolve and operationalize cybersecurity programs and capabilities, including cybersecurity for mobility. The public comment period will close...

AI score: 6.7
Exploits: 0, References: 4

CISA
added 2022/03/03 12:0 a.m., 10 views

CISA Adds 95 Known Exploited Vulnerabilities to Catalog

CISA has added 95 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added...

AI score: 6.9
Exploits: 0, References: 6

CISA
added 2022/03/03 12:0 a.m., 14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users...

AI score: 7
Exploits: 0, References: 4

CISA
added 2022/03/03 12:0 a.m., 29 views

NSA Releases Network Infrastructure Security Guidance

The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. Recommendations include perimeter an...

AI score: 6.8
Exploits: 0, References: 3

CISA
added 2022/03/02 12:0 a.m., 7 views

Google Releases Security Updates for Chrome

Google has released Chrome version 99.0.4844.51 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

AI score: 6.9
Exploits: 0, References: 1

CISA
added 2022/02/28 12:0 a.m., 32 views

Broadcom Software Discloses APT Actors Deploying Daxin Malware in Global Espionage Campaign

Broadcom Software—an industry member of CISA’s Joint Cyber Defense Collaborative (JCDC)—uncovers an advanced persistent threat (APT) campaign against select governments and other critical infrastructure targets in a publication titled Daxin: Stealthy Backdoor Designed for Attacks Against Hardened...

AI score: 6.8
Exploits: 0, References: 7

CISA
added 2022/02/26 12:0 a.m., 12 views

CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine

CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical...

AI score: 6.8
Exploits: 0, References: 4

CISA
added 2022/02/25 12:0 a.m., 10 views

Mozilla Releases Security Update for Mozilla VPN

Mozilla has released a security update to address a vulnerability in Mozilla VPN. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Mozilla Foundation Security Advisory 2022-08 and make the necessary update. This...

AI score: 6.8
Exploits: 0, References: 1

CISA
added 2022/02/25 12:0 a.m., 124 views

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types a...

CVSS: 9.3, AI score: 1.1, EPSS: 0.89889
Exploits: 27, References: 5

Total number of security vulnerabilities: 4188