Yearly Archives: 2020

Current Activity

WordPress Releases Security Update

WordPress 5.4 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. The Cybersecurity and Infrastructure Security…

Comments Off on WordPress Releases Security Update
April 30, 2020
Current Activity

VMware Releases Security Updates for ESXi

VMware has released security updates to address a vulnerability in ESXi. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency…

Comments Off on VMware Releases Security Updates for ESXi
April 29, 2020
Alerts

AA20-120A: Microsoft Office 365 Security Recommendations

As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the…

Comments Off on AA20-120A: Microsoft Office 365 Security Recommendations
April 29, 2020
Current Activity

Juniper Releases Security Updates for Junos OS

Juniper has released security updates to address a vulnerability affecting multiple versions of Junos operating systems. A remote attacker can exploit this vulnerability to take control of an affected system.…

Comments Off on Juniper Releases Security Updates for Junos OS
April 28, 2020
Bulletins

Vulnerability Summary for the Week of April 20, 2020

Original release date: April 27, 2020The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet…

Comments Off on Vulnerability Summary for the Week of April 20, 2020
April 27, 2020
Current Activity

OpenSSL Releases Security Update

OpenSSL version 1.1.1g has been released to address a vulnerability affecting versions 1.1.1d–1.1.1f. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency…

Comments Off on OpenSSL Releases Security Update
April 22, 2020
Current Activity

Microsoft Releases Security Updates for Multiple Products

Microsoft has released security updates to address multiple vulnerabilities in products that use the Autodesk FBX library. These include Office 2016, Office 2019, Office 365 ProPlus, and Paint 3D. A…

Comments Off on Microsoft Releases Security Updates for Multiple Products
April 22, 2020
Current Activity

NSA, ASD Release Guidance for Mitigating Web Shell Malware

The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have jointly released a Cybersecurity Information Sheet (CSI) on mitigating web shell malware. Malicious cyber actors are increasingly…

Comments Off on NSA, ASD Release Guidance for Mitigating Web Shell Malware
April 22, 2020
Current Activity

IC3 Releases Alert on Extortion Email Scams

The Internet Crime Complaint Center (IC3) has released an alert warning of a recent increase in extortion email scams. Cyber criminals threaten to release sexually explicit photos or videos of…

Comments Off on IC3 Releases Alert on Extortion Email Scams
April 21, 2020
Bulletins

Vulnerability Summary for the Week of April 13, 2020

Original release date: April 20, 2020The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet…

Comments Off on Vulnerability Summary for the Week of April 13, 2020
April 20, 2020