Vulnerability Summary for the Week of July 20, 2020

Original release date: July 27, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of July 20, 2020

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Original release date: July 27, 2020SummaryThis is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA…

Comments Off on AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Original release date: July 24, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable…

Comments Off on AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Cisco Releases Security Updates for ASA and FTD Software

Original release date: July 23, 2020Cisco has released security updates to address a vulnerability in Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software Web Service. A remote…

Comments Off on Cisco Releases Security Updates for ASA and FTD Software

AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Original release date: July 23, 2020SummaryNote: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks…

Comments Off on AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Vulnerability Summary for the Week of July 13, 2020

Original release date: July 20, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of July 13, 2020

CISA Releases Emergency Directive on Critical Microsoft Vulnerability

Original release date: July 16, 2020The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive 20-03 addressing a critical vulnerability—CVE-2020-1350—affecting all versions of Windows Server with the Domain Name…

Comments Off on CISA Releases Emergency Directive on Critical Microsoft Vulnerability

AR20-198B: MAR-10296782-2.v1 – WELLMESS

Original release date: July 16, 2020DescriptionNotification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

Comments Off on AR20-198B: MAR-10296782-2.v1 – WELLMESS