4188 matches found

CISA
added 2022/01/14 12:0 a.m., 240 views

Ivanti Updates Log4j Advisory with Security Updates for Multiple Products  

Ivanti has updated its Log4j Advisory with security updates for multiple products to address CVE-2021-44228. An unauthenticated attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Ivanti security advisories pages...

CVSS 9.3, AI score 2.3, EPSS 0.99999
Exploits 345, References 4

CISA
added 2022/01/13 12:0 a.m., 19 views

Juniper Networks Releases Security Updates for Multiple Products

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page an...

AI score 7.1
Exploits 0, References 1

CISA
added 2022/01/13 12:0 a.m., 11 views

Citrix Releases Security Updates for Hypervisor 

Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX335432 and apply the necessary updates. This product ...

AI score 6.8
Exploits 0, References 1

CISA
added 2022/01/13 12:0 a.m., 8 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address a vulnerability affecting Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM). A remote attacker could exploit this vulnerability to take control of an affected system. CISA...

AI score 6.9
Exploits 0, References 1

CISA
added 2022/01/13 12:0 a.m., 13 views

Apple Releases Security Updates for iOS and iPadOS

Apple has released security updates to address a vulnerability affecting iOS 15.2.1 and iPadOS 15.2.1. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Apple security page for iOS 15.2.1 and iPadOS 15.2.1 a...

AI score 6.5
Exploits 0, References 1

CISA
added 2022/01/12 12:0 a.m., 21 views

CNMF Identifies and Discloses Malware used by Iranian APT MuddyWater

U.S. Cyber Command’s Cyber National Mission Force (CNMF) has identified multiple open-source tools used by an Iranian advanced persistent threat (APT) group known as MuddyWater. According to CNMF, “MuddyWater has been seen using a variety of techniques to maintain access to victim networks. These...

AI score 7
Exploits 0, References 2

CISA
added 2022/01/11 12:0 a.m., 6 views

Citrix Releases Security Update for Workspace App for Linux

Citrix has released a security update to address a vulnerability in Workspace App for Linux. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX338435 and apply the necessary update. This...

AI score 6.7
Exploits 0, References 1

CISA
added 2022/01/11 12:0 a.m., 24 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...

AI score 7
Exploits 0, References 5

CISA
added 2022/01/11 12:0 a.m., 13 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

AI score 7.1
Exploits 0, References 3

CISA
added 2022/01/11 12:0 a.m., 9 views

Microsoft Releases January 2022 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s January 2022 Security Update Summary and Deployme...

AI score 7
Exploits 0, References 2

CISA
added 2022/01/11 12:0 a.m., 12 views

SAP Releases January 2022 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for January 2022 and apply the necessa...

AI score 6.7
Exploits 0, References 1

CISA
added 2022/01/11 12:0 a.m., 14 views

CISA, FBI, and NSA Release Cybersecurity Advisory on Russian Cyber Threats to U.S. Critical Infrastructure

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that provides an overview of Russian state-sponsored cyber operations, including commonly observed tactics, techniques, and procedures. The CSA also provides...

AI score 6.7
Exploits 0, References 4

CISA
added 2022/01/11 12:0 a.m., 30 views

Samba Releases Security Update

The Samba Team has released a security update to address a vulnerability in multiple versions of Samba. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Samba Security Announcement CVE-2021-43566 and apply the...

CVSS 1.2, AI score 2.4, EPSS 0.00376
Exploits 1, References 1

CISA
added 2022/01/10 12:0 a.m., 412 views

CISA Adds 15 Known Exploited Vulnerabilities to Catalog

CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...

CVSS 10, AI score 0.3, EPSS 0.99986
Exploits 131, References 5

CISA
added 2022/01/07 12:0 a.m., 16 views

WordPress Releases Security Update

WordPress versions between 3.7 and 5.8 are affected by multiple vulnerabilities. Exploitation of some of these vulnerabilities could cause a denial of service condition. CISA encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.8.3. This product ...

AI score 7
Exploits 0, References 1

CISA
added 2022/01/05 12:0 a.m., 10 views

Google Releases Security Updates for Chrome

Google has released Chrome version 97.0.4692.71 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates as...

AI score 6.9
Exploits 0, References 1

CISA
added 2022/01/05 12:0 a.m., 12 views

VMware Releases Security Updates

VMware has released a security advisory to address a vulnerability in Workstation, Fusion, and ESXi. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0001 and apply the necessa...

AI score 6.7
Exploits 0, References 1

CISA
added 2021/12/22 12:0 a.m., 119 views

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory in response to multiple vulnerabilities in Apache’s Log4j software library...

CVSS 9.3, AI score 2.2, EPSS 0.99999
Exploits 349, References 7

CISA
added 2021/12/22 12:0 a.m., 117 views

Apache Releases Security Update for HTTP Server

The Apache Software Foundation has released Apache HTTP Server 2.4.52. This version addresses vulnerabilities—CVE-2021-44790 and CVE-2021-44224—one of which may allow a remote attacker to take control of an affected system. CISA encourages users and administrators to review the Apache announcemen...

CVSS 7.5, AI score 2.1, EPSS 0.97108
Exploits 4, References 4

CISA
added 2021/12/17 12:0 a.m., 10 views

VMware Releases Security Advisory

VMware has released a security advisory to address a vulnerability in Workspace ONE UEM console. An attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0029 and apply the necessary...

AI score 6.5
Exploits 0, References 1

CISA
added 2021/12/17 12:0 a.m., 128 views

CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities

CISA has issued Emergency Directive (ED) 22-02: Mitigate Apache Log4j Vulnerability, directing federal civilian executive branch (FCEB) agencies to address Log4j vulnerabilities—most notably, CVE-2021-44228. Although ED 22-02 applies to FCEB agencies, CISA strongly recommends that all organizations...

CVSS 9.3, AI score 2.3, EPSS 0.99999
Exploits 345, References 4

CISA
added 2021/12/16 12:0 a.m., 12 views

NSA and CISA Release Final Part IV of Guidance on Securing 5G Cloud Infrastructures

CISA has announced the joint National Security Agency (NSA) and CISA publication of the final of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part IV: Ensure Integrity of Cloud Infrastructure focuses on platform integrity, microservices infrastructure integrity, launch time...

AI score 6.8
Exploits 0, References 3

CISA
added 2021/12/15 12:0 a.m., 93 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types an...

CVSS 6.8, AI score 1.8, EPSS 0.10295
Exploits 1, References 5

CISA
added 2021/12/15 12:0 a.m., 11 views

Immediate Steps to Strengthen Critical Infrastructure against Potential Cyberattacks

In light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential cyberattacks. CISA has released CISA Insights: Preparing For and Mitigating Potential Cyber Threats to...

AI score 6.9
Exploits 0, References 2

CISA
added 2021/12/14 12:0 a.m., 12 views

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following products and apply the...

AI score 6.9
Exploits 0, References 7

CISA
added 2021/12/14 12:0 a.m., 10 views

SAP Releases December 2021 Security Updates

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for December 2021 and apply the...

AI score 6.7
Exploits 0, References 1

CISA
added 2021/12/14 12:0 a.m., 8 views

Microsoft Releases December 2021 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s December 2021 Security Update Summary and...

AI score 7.1
Exploits 0, References 2

CISA
added 2021/12/14 12:0 a.m., 12 views

Google Releases Security Updates for Chrome

Google has released Chrome version 96.0.4664.110 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates as...

AI score 6.9
Exploits 0, References 1

CISA
added 2021/12/14 12:0 a.m., 12 views

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

AI score 7
Exploits 0, References 1

CISA
added 2021/12/13 12:0 a.m., 320 views

CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228

CISA and its partners, through the Joint Cyber Defense Collaborative, are tracking and responding to active, widespread exploitation of a critical remote code execution vulnerability (CVE-2021-44228) affecting Apache Log4j software library versions 2.0-beta9 to 2.14.1. Log4j is very broadly used in...

CVSS 9.3, AI score 1.9, EPSS 0.99999
Exploits 345, References 4

CISA
added 2021/12/10 12:0 a.m., 9 views

CISA Releases Security Advisory for Hillrom Welch Allyn Cardiology Products

CISA has released an Industrial Controls Systems Medical Advisory (ICSMA) detailing a vulnerability in multiple Hillrom Welch Allyn cardiology products. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages technicians and administrators to review...

AI score 6.7
Exploits 0, References 1

CISA
added 2021/12/10 12:0 a.m., 240 views

CISA Adds Thirteen Known Exploited Vulnerabilities to Catalog

CISA has added thirteen new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all typ...

CVSS 10, AI score 0.6, EPSS 0.99999
Exploits 433, References 16

CISA
added 2021/12/10 12:0 a.m., 112 views

CISA Adds 13 Known Exploited Vulnerabilities to Catalog

CISA has added 13 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...

CVSS 10, AI score 0.7, EPSS 0.99999
Exploits 433, References 16

CISA
added 2021/12/10 12:0 a.m., 206 views

Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation

The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control of an affected system. Log4j is an open-source, Java-bas...

CVSS 9.3, AI score 3.4, EPSS 0.99999
Exploits 345, References 1

CISA
added 2021/12/09 12:0 a.m., 10 views

Cisco Releases Security Advisory for Multiple Products Affected by Apache HTTP Server Vulnerabilities

Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and...

AI score 7.3
Exploits 0, References 1

CISA
added 2021/12/09 12:0 a.m., 14 views

CISA Releases Guidance on Protecting Organization-Run Social Media Accounts

CISA has released Capacity Enhancement Guide (CEG): Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber actors that successfully compromise social media accounts—including accounts used by federal agencies—could spre...

AI score 6.8
Exploits 0, References 2

CISA
added 2021/12/08 12:0 a.m., 11 views

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

AI score 7.1
Exploits 0, References 3

CISA
added 2021/12/08 12:0 a.m., 12 views

SonicWall Releases Security Advisory for SMA 100 Series Appliances

SonicWall has released a security advisory to address vulnerabilities affecting SonicWall Secure Mobile Access (SMA) 100 series appliances. A remote attacker could exploit these vulnerabilities to take control of an affected system. SMA 100 series appliances provide an organization’s employees with...

AI score 7
Exploits 0, References 2

CISA
added 2021/12/06 12:0 a.m., 14 views

CISA Releases Security Advisory on WebHMI Vulnerabilities

CISA has released an Industrial Controls Systems (ICS) advisory detailing vulnerabilities in Distributed Data Systems WebHMI products. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review ICS advisory...

AI score 7
Exploits 0, References 1

CISA
added 2021/12/06 12:0 a.m., 79 views

Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

Zoho has released a security advisory to address an authentication bypass vulnerability in ManageEngine Desktop Central and Desktop Central MSP. An attacker could exploit this vulnerability to take control of an affected system. According to Zoho, this vulnerability is being actively exploited in...

CVSS 10, AI score 9, EPSS 0.99869
Exploits 2, References 3

CISA
added 2021/12/02 12:0 a.m., 10 views

Mozilla Releases Security Updates for Network Security Services

Mozilla has released security updates to address a vulnerability in Network Security Services (NSS). An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for NSS and apply the necessary...

AI score 6.8
Exploits 0, References 1

CISA
added 2021/12/02 12:0 a.m., 72 views

CISA and FBI Release Alert on Active Exploitation of CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory identifying active exploitation of a vulnerability—CVE-2021-44077—in Zoho ManageEngine ServiceDesk Plus. CVE-2021-44077 is an unauthenticated remote code execution vulnerability that affects all...

CVSS 7.5, AI score 2.4, EPSS 0.93514
Exploits 6, References 3

CISA
added 2021/12/02 12:0 a.m., 14 views

NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures

CISA has announced the joint National Security Agency (NSA) and CISA publication of the third of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part III: Data Protection examines security during all phases of the data lifecycle—in transit, in use, and at rest. The guidance...

AI score 6.4
Exploits 0, References 4

CISA
added 2021/12/01 12:0 a.m., 102 views

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types a...

CVSS 7.5, AI score 0.3, EPSS 0.99999
Exploits 34, References 10

CISA
added 2021/11/24 12:0 a.m., 23 views

CISA Releases Capacity Enhancement Guides to Enhance Mobile Device Cybersecurity for Consumers and Organizations

CISA has released actionable Capacity Enhancement Guides (CEGs) to help users and organizations improve mobile device cybersecurity. The CEG: Mobile Device Cybersecurity Checklist for Consumers provides steps for consumers, including using strong authentication and enabling automatic operating syst...

AI score 7.1
Exploits 0, References 3

CISA
added 2021/11/24 12:0 a.m., 16 views

VMware Releases Security Updates

VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker can exploit this vulnerability to obtain access to sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0027 a...

AI score 6.9
Exploits 0, References 1

CISA
added 2021/11/22 12:0 a.m., 8 views

Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends

As Americans prepare to hit the highways and airports this Thanksgiving holiday, CISA and the Federal Bureau of Investigation (FBI) are reminding critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you. Recent history tells us that this could be a ti...

AI score 7.2
Exploits 0, References 10

CISA
added 2021/11/19 12:0 a.m., 25 views

NSA and CISA Release Guidance on Securing 5G Cloud Infrastructures

CISA has announced the joint National Security Agency (NSA) and CISA publication of the second of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part II: Securely Isolate Network Resources examines threats to 5G container-centric or hybrid container/virtual network, also known ...

AI score 6.8
Exploits 0, References 2

CISA
added 2021/11/19 12:0 a.m., 75 views

Updated: APT Exploitation of ManageEngine ADSelfService Plus Vulnerability

The Federal Bureau of Investigation (FBI), CISA, and Coast Guard Cyber Command (CGCYBER) have updated the Joint Cybersecurity Advisory (CSA) published on September 16, 2021, which details the active exploitation of an authentication bypass vulnerability (CVE-2021-40539) in Zoho ManageEngine ADSelfService...

CVSS 7.5, AI score 9.3, EPSS 0.9896
Exploits 8, References 4

CISA
added 2021/11/18 12:0 a.m., 11 views

Drupal Releases Security Updates

Drupal has released security updates to address vulnerabilities that could affect versions 8.9, 9.1, and 9.2. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal Security Advisory SA-CORE-2021-011 and app...

AI score 7
Exploits 0, References 1

Total number of security vulnerabilities: 4188