Feed aggregator

Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway

Jan 18, 2024

Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in NetScaler ADC and NetScaler Gateway. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Citrix CTX584986 Security Bulletin and apply the necessary updates.

Continue Reading ›

Drupal Releases Security Advisory for Drupal Core

Jan 18, 2024

Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2024-001 for more information and apply the necessary update.

Continue Reading ›

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Jan 17, 2024

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-6549 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability CVE-2023-6548 Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability CVE-2024-0519 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. Please share your thoughts. We recently updated our anonymous Product Feedback Survey and we'd welcome your feedback.

Continue Reading ›

VMware Releases Security Advisory for Aria Operations

Jan 17, 2024

VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2024-0001 and apply the necessary update.

Continue Reading ›

CISA Releases Two Industrial Control Systems Advisories

Jan 16, 2024

CISA released two Industrial Control Systems (ICS) advisories on January 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-016-01 SEW-EURODRIVE MOVITOOLS MotionStudio  ICSA-24-016-02 Integration Objects OPC UA Server Toolkit   CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

CISA Adds One Known Exploited Vulnerability to Catalog

Jan 16, 2024

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2018-15133 Laravel Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

CISA and FBI Release Known IOCs Associated with Androxgh0st Malware

Jan 16, 2024

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Androxgh0st malware establishes a botnet for victim identification and exploitation in vulnerable networks, and targets files that contain confidential information, such as credentials, for various high profile applications. Threat actors deploying Androxgh0st malware have been observed exploiting specific vulnerabilities which could lead to remote code execution, including: CVE-2017-9841 (PHP Unit Command) CVE-2021-41773 (Apache HTTP Server versions), and CVE-2018-15133 (Laravel applications). In response, CISA is adding these CVEs to its Known Exploited Vulnerabilities Catalog. CISA and FBI encourage organizations to review and implement the mitigations found in the joint CSA to reduce the likelihood and impact of cybersecurity incidents caused by Androxgh0st malware. For more information, visit CISA's Malware, Phishing, and Ransomware page.

Continue Reading ›

Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved

Jan 11, 2024

Juniper Networks has released a security advisory to address a vulnerability (CVE-2024-21611) in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Juniper Advisory JSA75752 and apply the necessary updates.

Continue Reading ›

CISA Releases Nine Industrial Control Systems Advisories

Jan 11, 2024

CISA released nine Industrial Control Systems (ICS) advisories on January 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-011-03 Rapid Software LLC Rapid SCADA ICSA-24-011-04 Horner Automation Cscape ICSA-24-011-05 Schneider Electric Easergy Studio ICSA-24-011-06 Siemens Teamcenter Visualization and JT2Go ICSA-24-011-07 Siemens Spectrum Power 7 ICSA-24-011-08 Siemens SICAM A8000 ICSA-24-011-09 Siemens SIMATIC CN 4100 ICSA-24-011-10 Siemens SIMATIC ICSA-24-011-11 Siemens Solid Edge   CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

Cisco Releases Security Advisory for Cisco Unity Connection

Jan 11, 2024

Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco Unity Connection. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability advisory and apply the necessary updates.

Continue Reading ›

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Jan 10, 2024

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21887 Ivanti Connect Secure and Policy Secure Command Injection Vulnerability CVE-2023-46805 Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways

Jan 10, 2024

Ivanti has released a security update to address an authentication bypass vulnerability (CVE-2023-46805) and a command injection vulnerability (CVE-2024-21887) in all supported versions (9.x and 22.x) of Connect Secure and Policy Secure gateways. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.   Ivanti reports active exploitation of both CVE-2023-46805 and CVE-2024-21887.   CISA urges users and administrators to immediately apply the current workaround in Ivanti's security update and review Volexity's blog on these vulnerabilities. Note: CISA has added CVE-2023-46805 and CVE-2024-21887 to its Known Exploited Vulnerabilities Catalog, which, per Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the specified due date to protect FCEB networks against active threats. CISA will update this alert as Ivanti releases patches.

Continue Reading ›

CISA Adds One Known Exploited Vulnerability to Catalog

Jan 10, 2024

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

Fortinet Releases Security Updates for FortiOS and FortiProxy

Jan 9, 2024

Fortinet has released a security update to address a vulnerability in FortiOS and FortiProxy software. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the FG-IR-23-315 FortiOS & FortiProxy - Improper authorization for HA requests security bulletin and apply necessary updates.

Continue Reading ›

Microsoft Releases Security Updates for Multiple Products

Jan 9, 2024

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s January Security Update Guide and apply the necessary updates.

Continue Reading ›

CISA Releases One Industrial Control Systems Advisory

Jan 9, 2024

CISA released one Industrial Control Systems (ICS) advisory on January 9, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio (Update A) CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

CISA Adds Six Known Exploited Vulnerabilities to Catalog

Jan 8, 2024

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38203 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-29300 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-27524 Apache Superset Insecure Default Initialization of Resource Vulnerability CVE-2023-41990 Apple Multiple Products Code Execution Vulnerability CVE-2016-20017 D-Link DSL-2750B Devices Command Injection Vulnerability CVE-2023-23752 Joomla! Improper Access Control Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

CISA Releases Three Industrial Control Systems Advisories

Jan 4, 2024

CISA released three Industrial Control Systems (ICS) advisories on January 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-004-01 Rockwell Automation FactoryTalk Activation ICSA-24-004-02 Mitsubishi Electric Factory Automation Products ICSA-23-348-15 Unitronics Vision and Samba Series (Update A)   CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Jan 2, 2024

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-7024 Google Chromium WebRTC Heap Buffer Overflow Vulnerability CVE-2023-7101 Spreadsheet::ParseExcel Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

Juniper Releases Security Advisory for Juniper Secure Analytics

Jan 2, 2024

Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper advisory JSA75636 and apply the necessary updates.

Continue Reading ›

Pages

Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online Tips