Heightened Awareness for Iranian Cyber Activity

Original release date: December 3, 2020Iranian cyber threat actors have been continuously improving their offensive cyber capabilities. They continue to engage in more conventional offensive cyber activities ranging from website…

Comments Off on Heightened Awareness for Iranian Cyber Activity

NCSC Releases 2020 Annual Review

Original release date: December 3, 2020The United Kingdom (UK) National Cyber Security Centre (NCSC) has released its Annual Review 2020, which focuses on its response to evolving and challenging cyber…

Comments Off on NCSC Releases 2020 Annual Review

Apple Releases Security Updates for iCloud for Windows

Original release date: December 3, 2020Apple has released security updates to address vulnerabilities in iCloud for Windows. An attacker could exploit some of these vulnerabilities to take control of an…

Comments Off on Apple Releases Security Updates for iCloud for Windows

Mozilla Releases Security Update for Thunderbird

Original release date: December 2, 2020Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system.…

Comments Off on Mozilla Releases Security Update for Thunderbird

Xerox Releases Security Updates for DocuShare

Original release date: December 2, 2020Xerox has released security updates for DocuShare 6.6.1, 7.0, and 7.5 to address a vulnerability that could allow an unauthenticated attacker to obtain sensitive information.…

Comments Off on Xerox Releases Security Updates for DocuShare

AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Original release date: December 1, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) framework. See the <a href="https://attack.mitre.org/versions/v7/techniques/enterprise/">ATT&amp;CK for Enterprise</a> for all referenced…

Comments Off on AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Vulnerability Summary for the Week of November 23, 2020

Original release date: November 30, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of November 23, 2020

Fortinet FortiOS System File Leak

Original release date: November 27, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE 2018-13379. Exploitation…

Comments Off on Fortinet FortiOS System File Leak

Fortinet FortiOS System File Leak

Original release date: November 27, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE 2018-13379. Exploitation…

Comments Off on Fortinet FortiOS System File Leak