October 2021 – Page 2

Vulnerability Summary for the Week of October 11, 2021

Original release date: October 18, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info ardour -- ardour Ardour v5.12 contains a use-after-free vulnerability in…

Comments Off

October 19, 2021

Alerts

AA21-291A: BlackMatter Ransomware

Original release date: October 18, 2021SummaryActions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords.…

Comments Off

October 18, 2021

Current Activity

Apache Releases Security Advisory for Tomcat  

Original release date: October 15, 2021The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to…

Comments Off

October 15, 2021

Current Activity

Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities

Original release date: October 14, 2021CISA, the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that…

Comments Off

October 14, 2021

Alerts

AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems

Original release date: October 14, 2021SummaryImmediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links.• If you use RDP, secure…

Comments Off

October 14, 2021

Current Activity

Microsoft Releases October 2021 Security Updates

Original release date: October 12, 2021Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected…

Comments Off

October 12, 2021

Bulletins

Vulnerability Summary for the Week of October 4, 2021

Original release date: October 11, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info archibus -- web_central ** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS…

Comments Off

October 11, 2021

Current Activity

NSA Releases Guidance on Avoiding the Dangers of Wildcard TLS Certificates and ALPACA Techniques

Original release date: October 8, 2021The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet with guidance to help secure the Department of Defense, National Security Systems, and…

Comments Off

October 8, 2021

Current Activity

Apache Releases HTTP Server version 2.4.51 to Address Vulnerabilities Under Exploitation

Original release date: October 7, 2021On October 7, 2021, the Apache Software Foundation released Apache HTTP Server version 2.4.51 to address Path Traversal and Remote Code Execution vulnerabilities (CVE-2021-41773, CVE-2021-42013)…

Comments Off

October 7, 2021

Current Activity

CISA Releases Security Advisory for Honeywell Experion and ACE Controllers

Original release date: October 5, 2021CISA has released an Industrial Controls Systems (ICS) advisory detailing multiple vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and…

Comments Off

October 6, 2021