Apache Releases HTTP Server version 2.4.51 to Address Vulnerabilities Under Exploitation
On October 7, 2021, the Apache Software Foundation released Apache HTTP Server version 2.4.51 to address Path Traversal and Remote Code Execution vulnerabilities (CVE-2021-41773, CVE-2021-42013) in Apache HTTP Server 2.4.49 and 2.4.50. These vulnerabilities have been exploited in the wild. CISA is...
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox 93, Firefox E...
Apache Releases Security Update for Apache HTTP Server
Updated October 7, 2021: Apache has released additional fixes for CVE-2021-41773, which is tracked as CVE-2021-42013. For more information see the Apache vulnerabilities page. Originally published October 6, 2021: The Apache Software Foundation has released Apache HTTP Server version 2.4.50 to...
CISA Releases Security Advisory for Honeywell Experion and ACE Controllers
CISA has released an Industrial Control Systems (ICS) advisory detailing multiple vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and ACE controllers. A remote attacker could exploit some of these vulnerabilities to take control of an affect...
Be Cyber Smart During Cybersecurity Awareness Month
CISA and the National Cybersecurity Alliance (NCSA) remind users to continue to “Do Your Part. BeCyberSmart.” during October—2021’s Cybersecurity Awareness Month! In 2021, CISA and NCSA will focus on different outreach themes each week to include: Be Cyber Smart Phight the Phish! Explore. Experienc...
Google Releases Security Updates for Chrome
Google has released Chrome version 94.0.4606.71 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as so...
CISA and NSA Release Guidance on Selecting and Hardening VPNs
The National Security Agency (NSA) and CISA have released the cybersecurity information sheet Selecting and Hardening Standards-based Remote Access VPN Solutions to address the potential security risks associated with using Virtual Private Networks (VPNs). Remote-access VPN servers allow off-site use...
RCE Vulnerability in Hikvision Cameras (CVE-2021-36260)
Hikvision has released updates to mitigate a command injection vulnerability—CVE-2021-36260—in Hikvision cameras that use a web server service. A remote attacker could exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review Hikvision’s...
VMware vCenter Server Vulnerability CVE-2021-22005 Under Active Exploit
On September 21, 2021, VMware disclosed that its vCenter Server is affected by an arbitrary file upload vulnerability—CVE-2021-22005—in the Analytics service. A malicious cyber actor with network access to port 443 can exploit this vulnerability to execute code on vCenter Server. On September 24,...
Google Releases Security Updates for Chrome
Google has released Chrome version 94.0.4606.61 for Windows, Mac, and Linux. This version addresses a vulnerability—CVE-2021-37973—that an attacker could exploit to take control of an affected system. An exploit for this vulnerability exists in the wild. CISA encourages users and administrators t...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary...
CISA Releases Guidance: IPv6 Considerations for TIC 3.0
The federal government has prioritized the transition of federal networks to Internet Protocol version 6 (IPv6) since the release of Office of Management and Budget (OMB) Memorandum 05-22 in 2005. In 2020, OMB renewed its focus on IPv6 through the publication of OMB Memorandum 21-07. That memorandum...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. CISA encourages users and administrators to review the Appl...
Google Releases Security Updates for Chrome
Google has released Chrome version 94.0.4606.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...
CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Conti Ransomware
CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) alerting organizations of increased Conti ransomware attacks. Malicious cyber actors use Conti ransomware to steal sensitive files from domestic and international...
VMware Releases Security Updates
VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory...
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following products and apply the...
NETGEAR Releases Security Updates for RCE Vulnerability
NETGEAR has released security updates to address a remote code execution vulnerability—CVE-2021-40847—in multiple NETGEAR routers. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review NETGEAR’s Security Adviso...
Microsoft Releases Security Update for Azure Linux Open Management Infrastructure
Updated September 17: On September 16, 2021, Microsoft released additional guidance on Open Management Infrastructure (OMI) vulnerabilities—CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647—which impact Azure VM Management Extensions. According to Microsoft, “customers must update...
Drupal Releases Multiple Security Updates
Drupal has released security updates to address multiple vulnerabilities affecting Drupal 8.9, 9.1, and 9.2. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Drupal security advisories a...
FBI-CISA-CGCYBER Advisory on APT Exploitation of ManageEngine ADSelfService Plus Vulnerability
The Federal Bureau of Investigation (FBI), CISA, and Coast Guard Cyber Command (CGCYBER) have released a Joint Cybersecurity Advisory (CSA) detailing the active exploitation of an authentication bypass vulnerability (CVE-2021-40539) in Zoho ManageEngine ADSelfService Plus—a self-service password manageme...
ACSC Releases Annual Cyber Threat Report
The Australian Cyber Security Centre (ACSC) has released its annual report on key cyber security threats and trends for the 2020–21 financial year. The report lists the exploitation of the pandemic environment, the disruption of essential services and critical infrastructure, ransomware, the rapid...
Microsoft Releases September 2021 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s September 2021 Security Update Summary and...
CERT NZ Releases Ransomware Protection Guide for Businesses
The New Zealand Computer Emergency Response Team (CERT NZ) has released a guide on ransomware protection for businesses. The guide includes a pair of helpful diagrams that outline different ransomware attack pathways and illustrate where relevant security controls can work to protect or stop an...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...
SAP Releases September 2021 Security Updates
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for September 2021 and apply the...
Citrix Releases Security Update for ShareFile Storage Zones Controller
Citrix has released a security update to address a vulnerability affecting Citrix ShareFile storage zones controller. A remote attacker can exploit this vulnerability to take control of an affected system. CISA recommends users and administrators review Citrix Security Bulletin CTX328123 and appl...
Google Releases Security Updates for Chrome
Google has released Chrome version 93.0.4577.82 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...
CISA's Annual National Cybersecurity Summit
CISA will host its fourth annual National Cybersecurity Summit on Wednesdays during the month of October. The 2021 Summit will be held as a series of four virtual events bringing stakeholders together in a forum for meaningful conversation: Oct. 6 - Assembly Required: The Pieces of the...
Apple Releases Security Updates to Address CVE-2021-30858 and CVE-2021-30860
Apple has released security updates to address vulnerabilities—CVE-2021-30858 and CVE-2021-30860—in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device. CISA is aware of public reporting that these vulnerabilities may have been exploited in the...
WordPress Releases Security Update
WordPress 5.4-5.8 are affected by multiple vulnerabilities. An attacker could exploit these vulnerabilities to take control of an affected website. CISA encourages users and administrators to review the WordPress Security and Maintenance Release and upgrade to WordPress 5.8.1. This product is...
Citrix Releases Security Updates for Hypervisor
Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX325319 and apply the necessary updates. This product i...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...
Zoho Releases Security Update for ADSelfService Plus
Zoho has released a security update on a vulnerability (CVE-2021-40539) affecting ManageEngine ADSelfService Plus builds 6113 and below. CVE-2021-40539 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system. ManageEngine...
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444
Microsoft has released mitigations and workarounds to address a remote code execution vulnerability (CVE-2021-40444) in Microsoft Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. This vulnerability has been detected in exploits in the...
Atlassian Releases Security Updates for Confluence Server and Data Center
On August 25, 2021, Atlassian released security updates to address a remote code execution vulnerability (CVE-2021-26084) affecting Confluence Server and Data Center. Recently, CVE-2021-26084 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take contr...
CISA Insights on Risk Considerations for Managed Service Provider Customers
CISA has released a new CISA Insights, Risk Considerations for Managed Service Provider Customers (MSPs), which provides Managed Service Provider (MSP) customers a framework for reducing risk. This framework is designed for government and private sector organizations of all sizes, and it suggests...
Cisco Releases Security Updates for Cisco Enterprise NFVIS
Cisco has released security updates to address a critical vulnerability affecting Cisco Enterprise Network Function Virtualization Infrastructure Software (NFVIS) Release 4.5.1. A remote attacker could exploit this vulnerability to take control of an affected system. For updates addressing lower...
Google Releases Security Updates for Chrome
Google has released Chrome version 93.0.4577.63 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...
FBI-CISA Advisory on Ransomware Awareness for Holidays and Weekends
Today, the Federal Bureau of Investigation (FBI) and CISA released a Joint Cybersecurity Advisory (CSA) to urge organizations to ensure they protect themselves against ransomware attacks during holidays and weekends—when offices are normally closed. Although FBI and CISA do not currently have any...
CISA Adds Single-Factor Authentication to list of Bad Practices
Today, CISA added the use of single-factor authentication for remote or administrative access systems to our Bad Practices list of exceptionally risky cybersecurity practices. Single-factor authentication is a common low-security method of authentication. It only requires matching one factor—such...
Microsoft Azure Cosmos DB Guidance
CISA is aware of a misconfiguration vulnerability in Microsoft’s Azure Cosmos DB that may have exposed customer data. The misconfiguration has been fixed within the Azure cloud, and Microsoft has notified the customers who potentially would have been impacted. CISA strongly encourages those Azure...
ICSJWG 2021 Fall Virtual Meeting
The Industrial Control Systems Joint Working Group (ICSJWG) will hold the virtual 2021 ICSJWG Fall Meeting, September 21–22, 2021. ICSJWG meetings facilitate relationship building among critical infrastructure stakeholders and owners/operators of industrial control systems, idea exchange regarding...
FBI Releases Indicators of Compromise Associated with Hive Ransomware
The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with ransomware attacks by Hive, a likely Ransomware-as-a-Service organization consisting of a number of actors using multiple...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
VMware Releases Security Updates for Multiple Products
VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0018 and apply the necessary...
OpenSSL Releases Security Update
OpenSSL has released a security update to address vulnerabilities affecting versions 1.1.1k and below. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review the OpenSSL Security Advisory and apply the necessary...
FBI Releases Indicators of Compromise Associated with OnePercent Group Ransomware
The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with ransomware attacks by the OnePercent Group, a cyber-criminal organization known since November 2020 for using Cobalt Strike in phishing attacks against U.S. companies. CISA...
F5 Releases August 2021 Security Advisory
F5 has released a security advisory on vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ for August 2021. CISA encourages users and administrators to review the F5 security advisory and install updated software or apply the necessary mitigations as soon as possible. This product is...