4188 matches found
CISA Releases Five Pulse Secure-Related MARs
As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed five malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following five malware analysis reports MARs for threat actor tactics, techniques, and procedure...
Hurricane-Related Scams
CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...
Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities
Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine. CISA strongly urges organizations to identify vulnerable...
ISC Releases Security Advisory for BIND
The Internet Systems Consortium ISC has released a security advisory that addresses a vulnerability affecting multiple versions of the ISC Berkeley Internet Name Domain BIND. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
Mozilla Releases Security Updates
Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 91.0.1 and...
CISA Provides Recommendations for Protecting Information from Ransomware-Caused Data Breaches
CISA has released the fact sheet Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches to address the increase in malicious cyber actors using ransomware to exfiltrate data and then threatening to sell or leak the exfiltrated data if the victim does not pay the ransom...
Adobe Releases Multiple Security Updates
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...
Google Releases Security Updates for Chrome
Google has released Chrome version 92.0.4515.159 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Th...
CISA Releases Security Advisory for ThroughTek Kalay P2P SDK
CISA has released an Industrial Control Systems ICS advisory detailing a vulnerability affecting several versions of ThroughTek Kalay P2P Software Development Kit SDK. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrator...
BadAlloc Vulnerability Affecting Devices Incorporating Older BlackBerry QNX Products
CISA released an Alert today on devices incorporating older versions of multiple BlackBerry QNX products affected by a BadAlloc vulnerability. A malicious actor could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition. Because devices...
Apple Releases Security Update
Apple has released a security update to address vulnerabilities in iCloud for Windows 12.5. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security update and apply the necessary updates. This...
Mozilla Releases Security Updates for Thunderbird
Mozilla has released security updates to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 91 and apply the necessa...
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities that could affect versions 8.9, 9.1, and 9.2. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal Security Advisory SA-CORE-2021-005 and app...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 91...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...
Citrix Releases Security Update for ShareFile Storage Zones Controller
Citrix has released a security update to address a vulnerability affecting Citrix ShareFile storage zones controller. An attacker can exploit this vulnerability to obtain access to sensitive information. CISA recommends users and administrators review Citrix Security Bulletin CTX322787 and apply...
Intel Releases Multiple Security Updates
Intel has released security updates to address vulnerabilities multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Intel advisories and apply the necessary updates: NUC 9...
SAP Releases August 2021 Security Updates
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review SAP Security Notes for August 2021 and apply the necessary...
Microsoft Releases August 2021 Security Updates
Updated: August 24, 2021 CISA is aware of open source reporting on the active exploitation of CVE-2021-36942 PetitPotam. To address this vulnerability, Microsoft released a patch and mitigation guidance as part of its August 2021 security updates. CISA strongly encourages users and administrators...
Ivanti Releases Security Update for Pulse Connect Secure
Ivanti has released Pulse Connect Secure system software version 9.1R12 to address multiple vulnerabilities an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review Ivanti's Security Advisory SA44858 and apply the necessary update. This...
CISA Releases Security Advisory for InterNiche Products
CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities in InterNiche products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the ICS Advisory ICSA-21-217-01...
VMware Releases Security Updates for Multiple Products
VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to gain access to confidential information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0016 and apply the necessary...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users an...
Google Releases Security Updates for Chrome
Google has released Chrome version 92.0.4515.131 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Th...
CISA Releases Security Advisory for Swisslog Healthcare
CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities in Swisslog Healthcare Translogic Pneumatic Tube Systems PTS. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to...
CISA and NSA Release Kubernetes Hardening Guidance
The National Security Agency NSA and CISA have released Kubernetes Hardening Guidance, a cybersecurity technical report detailing the complexities of securely managing Kubernetes—an open-source, container-orchestration system used to automate deploying, scaling, and managing containerized...
CISA Announces Vulnerability Disclosure Policy (VDP) Platform
CISA has announced the establishment of its Vulnerability Disclosure Policy VDP Platform for the federal civilian enterprise, which will allow the Federal Civilian Executive Branch to coordinate with the civilian security research community in a streamlined fashion. The VDP Platform provides a...
NSA Releases Guidance on Securing Wireless Devices While in Public
The National Security Agency NSA has released an information sheet with guidance on securing wireless devices while in public for National Security System, Department of Defense, and Defense Industrial Base teleworkers, as well as the general public. This information sheet provides information on...
Top Routinely Exploited Vulnerabilities
CISA, the Australian Cyber Security Centre ACSC, the United Kingdom’s National Cyber Security Centre NCSC, and the U.S. Federal Bureau of Investigation FBI have released the Joint Cybersecurity Advisory Top Routinely Exploited Vulnerabilities, which details the top vulnerabilities routinely...
Apple Releases Security Updates
Apple has released security updates to address a vulnerability in multiple products. An attacker could exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the security update page for the following products and apply the necessary...
CISA Releases Security Advisory for Geutebruck Devices
CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities in multiple Geutebruck G-CAM E2 series devices and Encoder G-Code versions. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users an...
Microsoft Releases Guidance for Mitigating PetitPotam NTLM Relay Attacks
On July 23, Microsoft released KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services AD CS to address a NTLM Relay Attack named PetitPotam. CISA encourages users and administrators to review KB5005413 and apply the necessary mitigations. This product is provided subjec...
Drupal Releases Security Updates
Drupal has released security updates to address a critical third-party-library vulnerability that could affect Drupal 7, 8.9, 9.1, and 9.2. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Drupal security...
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities in Intersight Virtual Appliance. An attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...
Malware Targeting Pulse Secure Devices
As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following 13 malware analysis reports MARs for threat actor techniques, tactics, and procedures TT...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...
2021 CWE Top 25 Most Dangerous Software Weaknesses
The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2021 Common Weakness Enumeration CWE Top 25 Most Dangerous Software Weaknesses list. The Top 25 uses data from the National Vulnerability...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security pages for the following products and apply the...
Google Releases Security Updates for Chrome
Google has released Chrome version 92.0.4515.107 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Th...
Oracle Releases July 2021 Critical Patch Update
Oracle has released its Critical Patch Update for July 2021 to address 342 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle July 2021 Critica...
Citrix Releases Security Updates
Citrix has released security updates to address multiple vulnerabilities in Application Delivery Controller, Gateway, and SD-WAN WANOP Edition. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix...
Significant Historical Cyber-Intrusion Campaigns Targeting ICS
Protecting our Nation’s critical infrastructure is the responsibility of federal and state, local, tribal, and territorial SLTT governments and owners and operators of that infrastructure. The cybersecurity threats posed to the industrial control systems ICS that control and operate critical...
Fortinet Releases Security Updates for FortiManager and FortiAnalyzer
Fortinet has released security advisory FG-IR-21-067 to address a use-after-free vulnerability in the FortiManager fgfmsd daemon. A use-after-free condition occurs when a program marks a section of memory as free but then subsequently tries to use that memory, which could result in a program cras...
U.S. Government Releases Indictment and Several Advisories Detailing Chinese Cyber Threat Activity
CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have observed increasingly sophisticated Chinese state-sponsored activity targeting U.S. political, economic, military, educational, and critical infrastructure personnel and organizations. In response: The White...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in Adaptive Security Appliance Software Release 9.16.1 and Firepower Threat Defense Software Release 7.0.0. A remote attacker could exploit this vulnerability to cause a denial of service condition. CISA encourages users and...
Google Releases Security Updates for Chrome
Google has released Chrome version 91.0.4472.164 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities—CVE-2021-30563—has been detected in exploits in the wild. CISA encourages users a...
Ransomware Risk in Unpatched, EOL SonicWall SRA and SMA 8.x Products
CISA is aware of threat actors actively targeting a known, previously patched, vulnerability in SonicWall Secure Mobile Access SMA 100 series and Secure Remote Access SRA products running unpatched and end-of-life EOL 8.x firmware. Threat actors can exploit this vulnerability to initiate a target...
Juniper Networks Releases Security Updates for Multiple Products
Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Networks security advisories page an...
New StopRansomware.gov website – The U.S. Government’s One-Stop Location to Stop Ransomware
The U.S. Government launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts. We encourage organizations to use this new...