Feed aggregator

Microsoft Releases July 2024 Security Updates

Jul 9, 2024

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   CISA encourages users and administrators to review the following and apply necessary updates:     Microsoft Security Update Guide for July

Continue Reading ›

Citrix Releases Security Updates for Multiple Products

Jul 9, 2024

Citrix released security updates to address vulnerabilities in multiple Citrix products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   CISA encourages users and administrators to review the following and apply necessary updates:   NetScaler ADC and NetScaler Gateway Security Update for CVE-2024-5491 and CVE-2024-5492 NetScaler Console, Agent and SVM Security Update for CVE-2024-6235 and CVE-2024-6236 Citrix Workspace app for HTML5 Security Bulletin CVE-2024-6148 and CVE-2024-6149 Citrix Provisioning Security Bulletin CVE-2024-6150 Windows Virtual Delivery Agent for CVAD and Citrix DaaS Security Bulletin CVE-2024-6151 Citrix Workspace app for Windows Security Bulletin CVE-2024-6286

Continue Reading ›

CISA Releases Seven Industrial Control Systems Advisories

Jul 9, 2024

CISA released seven Industrial Control Systems (ICS) advisories on July 9, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-191-01 Delta Electronics CNCSoft-G2 ICSA-24-191-02 Mitsubishi Electric MELIPC Series MI5122-VW ICSA-24-191-03 Johnson Controls Illustra Pro Gen 4 ICSA-24-191-04 Johnson Controls Software House C●CURE 9000 ICSA-24-191-05 Johnson Controls Software House C●CURE 9000  ICSA-24-177-02 PTC Creo Elements/Direct License Server (Update A) ICSA-23-269-03 Mitsubishi Electric FA Engineering Software (Update A) CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

Adobe Releases Security Updates for Multiple Products

Jul 9, 2024

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   CISA encourages users and administrators to review the following Adobe Security Bulletins and apply necessary updates:  Security Updates Available for Adobe Premiere Pro | APSB24-46 Security Update Available for Adobe InDesign | APSB24-48 Security Updates Available for Adobe Bridge | APSB24-51

Continue Reading ›

CISA and Partners join ASD’S ACSC to Release Advisory on PRC State-Sponsored Group, APT 40

Jul 8, 2024

CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) to release an advisory, People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action outlining a PRC state-sponsored cyber group’s activity. The following organizations also collaborated with ASD's ACSC on the guidance: The National Security Agency (NSA); The Federal Bureau of Investigation (FBI); The United Kingdom’s National Cyber Security Centre (NCSC-UK); The Canadian Centre for Cyber Security (CCCS); The New Zealand National Cyber Security Centre (NCSC-NZ); The German Federal Intelligence Service (BND) and Federal Office for the Protection of the Constitution (BfV); The Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Center (NCSC); and Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and National Policy Agency (NPA). The advisory is based on current ACSC-led incident response investigations and shared understanding of a PRC state-sponsored cyber group, APT40—also known as Kryptonite Panda, GINGHAM TYPHOON, Leviathan and Bronze Mohawk in industry reporting. APT 40 has previously targeted organizations in various countries, including Australia and the United States. Notably, APT 40 possesses the ability to quickly transform and adapt vulnerability proofs of concept (POCs) for targeting, reconnaissance, and exploitation operations. APT 40 identifies new exploits within widely used public software such as Log4J, Atlassian Confluence and Microsoft Exchange to target the infrastructure of the associated vulnerability. CISA urges all organizations and software manufacturers to review the advisory to help identify, prevent, and remediate APT 40 intrusions. Software vendors are also urged to incorporate Secure by Design principles into their practices to limit the impact of threat actor techniques and to strengthen the security posture of their products for their customers. For more information on PRC state-sponsored threat actor activity, see CISA’s People's Republic of China Cyber Threat. To learn more about secure by design principles and practices, visit CISA’s Secure by Design webpage.

Continue Reading ›

CISA Releases Seven Industrial Control Systems Advisories

Jul 2, 2024

CISA released seven Industrial Control Systems (ICS) advisories on July 2, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-184-01 Johnson Controls Kantech Door Controllers ICSA-24-184-02 mySCADA myPRO ICSA-24-184-03 ICONICS and Mitsubishi Electric Products ICSA-24-179-04 Johnson Controls Illustra Essentials Gen 4 (Update A) ICSA-24-179-05 Johnson Controls Illustra Essentials Gen 4 (Update A) ICSA-24-179-06 Johnson Controls Illustra Essentials Gen 4 (Update A) ICSA-24-179-07 Johnson Controls Illustra Essentials Gen 4 (Update A) CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

CISA Adds One Known Exploited Vulnerability to Catalog

Jul 2, 2024

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20399 Cisco NX-OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

Juniper Networks Releases Security Bulletin for Junos OS: SRX Series

Jul 2, 2024

Juniper Networks released a security bulletin to address a vulnerability in Junos OS: SRX Series. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition.  Users and administrators are encouraged to review the following and apply the necessary updates: JSA83195 Juniper Security Bulletin

Continue Reading ›

Progress Software Releases Security Bulletin for MOVEit Transfer

Jun 28, 2024

Progress Software released a security bulletin to address a vulnerability in MOVEit Transfer. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following bulletin and apply the necessary updates: MOVEit Transfer Critical Security Alert Bulletin – June 2024 – (CVE-2024-5806)

Continue Reading ›

CISA Releases Seven Industrial Control Systems Advisories

Jun 27, 2024

CISA released seven Industrial Control Systems (ICS) advisories on June 27, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-179-01 TELSAT marKoni FM Transmitter ICSA-24-179-02 SDG Technologies PnPSCADA ICSA-24-179-03 Yokogawa FAST/TOOLS and CI Server ICSA-24-179-04 Johnson Controls Illustra Essentials Gen 4 ICSA-24-179-05 Johnson Controls Illustra Essentials Gen 4 ICSA-24-179-06 Johnson Controls Illustra Essentials Gen 4 ICSA-24-179-07 Johnson Controls Illustra Essentials Gen 4 CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Jun 26, 2024

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-24816 GeoSolutionsGroup JAI-EXT Code Injection Vulnerability CVE-2022-2586 Linux Kernel Use-After-Free Vulnerability CVE-2020-13965 Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Continue Reading ›

CISA and Partners Release Guidance for Exploring Memory Safety in Critical Open Source Projects

Jun 26, 2024

Today, CISA, in partnership with the Federal Bureau of Investigation, Australian Signals Directorate’s Australian Cyber Security Centre, and Canadian Cyber Security Center, released Exploring Memory Safety in Critical Open Source Projects. This guidance was crafted to provide organizations with findings on the scale of memory safety risk in selected open source software (OSS). This joint guidance builds on the guide The Case for Memory Safe Roadmaps by providing a starting point for software manufacturers to create memory safe roadmaps, including plans to address memory safety in external dependencies which commonly include OSS. Exploring Memory Safety in Critical Open Source Projects also aligns with the 2023 National Cybersecurity Strategy and corresponding implementation plan, which discusses investing in memory safety and collaborating with the open source community—including the establishment of the interagency Open Source Software Security Initiative (OS3I) and investment in memory-safe programming languages. CISA encourages all organizations and software manufacturers to review the methodology and results found in the guidance to: Reduce memory safety vulnerabilities; Make secure and informed choices; Understand the memory-unsafety risk in OSS; Evaluate approaches to reducing this risk; and Continue efforts to drive risk-reducing action by software manufacturers. To learn more about taking a top-down approach to developing secure products, visit CISA’s Secure by Design webpage.

Continue Reading ›

CISA Releases Two Industrial Control Systems Advisories

Jun 25, 2024

CISA released two Industrial Control Systems (ICS) advisories on June 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-177-01 ABB Ability System 800xA ICSA-24-177-02 PTC Creo Elements/Direct License Server CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Continue Reading ›

Pages

Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online Tips