Feed aggregator

Apple Releases Security Updates for Multiple Products

Jan 23, 2024

Apple has released security updates for iOS and iPadOS, macOS, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security release and apply the necessary updates: iOS 17.3 and iPadOS 17.3 iOS 16.7.5 and iPadOS 16.7.5 iOS 15.8.1 and iPadOS 15.8.1 macOS Sonoma 14.3 macOS Ventura 13.6.4 macOS Monterey 12.7.3 watchOS 10.3 tvOS 17.3

Continue Reading ›

CISA Releases Six Industrial Control Systems Advisories

Jan 23, 2024

CISA released six Industrial Control Systems (ICS) advisories on January 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-023-01 APsystems Energy Communication Unit (ECU-C) Power Control Software ICSA-24-023-02 Crestron AM-300 ICSA-24-023-03 Voltronic Power ViewPower Pro ICSA-23-023-04 Westermo Lynx 206-F2G ICSA-24-023-05 Lantronix XPort ICSMA-24-023-01 Orthanc Osimis DICOM Web Viewer CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

CISA Adds One Known Exploited Vulnerability to Catalog

Jan 23, 2024

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23222 Apple Multiple Products Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

CISA Adds One Known Exploited Vulnerability to Catalog

Jan 22, 2024

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34048 VMware vCenter Server Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

CISA Issues Emergency Directive on Ivanti Vulnerabilities

Jan 19, 2024

CISA has issued Emergency Directive (ED) 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities in the following Ivanti products: Ivanti Connect Secure and Ivanti Policy Secure. ED 24-01 directs all Federal Civilian Executive Branch (FCEB) agencies running Ivanti Connect Secure and Ivanti Policy Secure to: Implement the mitigations as detailed in the ED. Report indications of compromise to CISA. Remove compromised products from agency networks and follow the ED’s comprehensive instructions for restoring and bringing the products back into service. Apply the updates to the products within 48 hours of Ivanti releasing the updates. Provide CISA with a report that includes: A complete inventory of all instances of Ivanti Connect Secure and Ivanti Policy Secure products on agency networks. Details on actions taken and results. Although this directive is only for FCEB agencies, CISA strongly encourages all organizations to address the vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure. For additional details, see CISA’s Alert, Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways, which CISA will update with further mitigations and patches as these become available.  

Continue Reading ›

Oracle Releases Critical Patch Update Advisory for January 2024

Jan 18, 2024

Oracle released its Critical Patch Update Advisory for January 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Oracle’s January 2024 Critical Patch Update Advisory and apply the necessary updates.

Continue Reading ›

CISA Releases One Industrial Control Systems Advisory

Jan 18, 2024

CISA released one Industrial Control Systems (ICS) advisory on January 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-018-01 AVEVA PI Server CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations.

Continue Reading ›

Atlassian Releases Security Updates for Multiple Products

Jan 18, 2024

Atlassian released a security advisory to address a vulnerability (CVE-2023-22527) in out-of-date versions of Confluence Data Center and Server as well as its January 2024 security bulletin to address vulnerabilities in multiple products. A malicious cyber actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Atlassian Confluence Vulnerability advisory and Atlassian’s January 2024 Security Bulletin and apply the necessary updates.

Continue Reading ›

CISA Adds One Known Exploited Vulnerability to Catalog

Jan 18, 2024

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35082 Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability  These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

Incident Response Guide for the WWS Sector

Jan 18, 2024

Today, CISA, the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency released a joint Incident Response Guide for the Water and Wastewater Systems (WWS) Sector. The guide includes contributions from over 25 WWS Sector organizations spanning private industry, nonprofit, and government entities. This coordination enabled CISA, FBI, and EPA to develop a guide with meaningful value to WWS Sector organizations. Specifically, the guide provides information about the federal support available at each stage of the cyber incident response (IR) lifecycle and aims to enhance WWS Sector cybersecurity by:     Establishing clear guidance for reporting cyber incidents;     Connecting utilities with available cybersecurity resources, services, and no-cost trainings;     Empowering utilities to build a strong cybersecurity baseline to improve cyber resilience and cyber hygiene; and     Encouraging utilities to integrate into their local cyber communities. CISA, FBI, and EPA urge all WWS Sector and critical infrastructure organizations to review this guidance and incorporate it into their organizational cyber incident response planning. Organizations can visit CISA.gov/water for additional sector tools, information, and resources.  

Continue Reading ›

Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway

Jan 18, 2024

Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in NetScaler ADC and NetScaler Gateway. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Citrix CTX584986 Security Bulletin and apply the necessary updates.

Continue Reading ›

Drupal Releases Security Advisory for Drupal Core

Jan 18, 2024

Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2024-001 for more information and apply the necessary update.

Continue Reading ›

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Jan 17, 2024

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-6549 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability CVE-2023-6548 Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability CVE-2024-0519 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. Please share your thoughts. We recently updated our anonymous Product Feedback Survey and we'd welcome your feedback.

Continue Reading ›

VMware Releases Security Advisory for Aria Operations

Jan 17, 2024

VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2024-0001 and apply the necessary update.

Continue Reading ›

CISA Releases Two Industrial Control Systems Advisories

Jan 16, 2024

CISA released two Industrial Control Systems (ICS) advisories on January 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-016-01 SEW-EURODRIVE MOVITOOLS MotionStudio  ICSA-24-016-02 Integration Objects OPC UA Server Toolkit   CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

CISA Adds One Known Exploited Vulnerability to Catalog

Jan 16, 2024

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2018-15133 Laravel Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

CISA and FBI Release Known IOCs Associated with Androxgh0st Malware

Jan 16, 2024

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Androxgh0st malware establishes a botnet for victim identification and exploitation in vulnerable networks, and targets files that contain confidential information, such as credentials, for various high profile applications. Threat actors deploying Androxgh0st malware have been observed exploiting specific vulnerabilities which could lead to remote code execution, including: CVE-2017-9841 (PHP Unit Command) CVE-2021-41773 (Apache HTTP Server versions), and CVE-2018-15133 (Laravel applications). In response, CISA is adding these CVEs to its Known Exploited Vulnerabilities Catalog. CISA and FBI encourage organizations to review and implement the mitigations found in the joint CSA to reduce the likelihood and impact of cybersecurity incidents caused by Androxgh0st malware. For more information, visit CISA's Malware, Phishing, and Ransomware page.

Continue Reading ›

Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved

Jan 11, 2024

Juniper Networks has released a security advisory to address a vulnerability (CVE-2024-21611) in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Juniper Advisory JSA75752 and apply the necessary updates.

Continue Reading ›

CISA Releases Nine Industrial Control Systems Advisories

Jan 11, 2024

CISA released nine Industrial Control Systems (ICS) advisories on January 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-011-03 Rapid Software LLC Rapid SCADA ICSA-24-011-04 Horner Automation Cscape ICSA-24-011-05 Schneider Electric Easergy Studio ICSA-24-011-06 Siemens Teamcenter Visualization and JT2Go ICSA-24-011-07 Siemens Spectrum Power 7 ICSA-24-011-08 Siemens SICAM A8000 ICSA-24-011-09 Siemens SIMATIC CN 4100 ICSA-24-011-10 Siemens SIMATIC ICSA-24-011-11 Siemens Solid Edge   CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

Cisco Releases Security Advisory for Cisco Unity Connection

Jan 11, 2024

Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco Unity Connection. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability advisory and apply the necessary updates.

Continue Reading ›

Pages

Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online Tips