Yearly Archives: 2025

Current Activity

CISA Releases Thirty-Two Industrial Control Systems Advisories

CISA released thirty-two Industrial Control Systems (ICS) advisories on August 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-226-01 Siemens SIMATIC RTLS Locating…

Comments Off on CISA Releases Thirty-Two Industrial Control Systems Advisories
August 15, 2025
Bulletins

Vulnerability Summary for the Week of August 4, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info Adobe--Adobe Experience Manager Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result…

Comments Off on Vulnerability Summary for the Week of August 4, 2025
August 11, 2025
Current Activity

CISA Issues ED 25-02: Mitigate Microsoft Exchange Vulnerability

Today, CISA issued Emergency Directive (ED) 25-02: Mitigate Microsoft Exchange Vulnerability in response to CVE-2025-53786, a vulnerability in Microsoft Exchange server hybrid deployments.   ED 25-02 directs all Federal Civilian…

Comments Off on CISA Issues ED 25-02: Mitigate Microsoft Exchange Vulnerability
August 8, 2025
Current Activity

CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities

CISA published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704 [CWE-94: Code Injection], CVE-2025-49706 [CWE-287: Improper Authentication], CVE-2025-53770 [CWE-502:…

Comments Off on CISA Releases Malware Analysis Report Associated with Microsoft SharePoint Vulnerabilities
August 7, 2025
Analysis Reports

MAR-251132.c1.v1 Exploitation of SharePoint Vulnerabilities

Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein.…

Comments Off on MAR-251132.c1.v1 Exploitation of SharePoint Vulnerabilities
August 6, 2025
Bulletins

Vulnerability Summary for the Week of July 28, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info 0x676e67--vproxy vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled…

Comments Off on Vulnerability Summary for the Week of July 28, 2025
August 5, 2025
Alerts

CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization

Summary The Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Coast Guard (USCG) are issuing this Cybersecurity Advisory to present findings from a recent CISA and USCG hunt engagement. The…

Comments Off on CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
August 1, 2025
Current Activity

Eviction Strategies Tool Released

Today, CISA released the Eviction Strategies Tool to provide cyber defenders with critical support and assistance during the containment and eviction phases of incident response. This tool includes: Cyber Eviction…

Comments Off on Eviction Strategies Tool Released
July 31, 2025
Bulletins

Vulnerability Summary for the Week of July 21, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info 1000 Projects--ABC Courier Management System A vulnerability has been found in 1000 Projects ABC Courier Management System 1.0 and…

Comments Off on Vulnerability Summary for the Week of July 21, 2025
July 28, 2025