CISA released twenty-one Industrial Control Systems (ICS) advisories on July 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-193-01 Siemens Remote Connect…
Today, CISA released CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth in coordination with the assessed organization. This Cybersecurity Advisory (CSA) details…
EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the…
Today, CISA and FBI are releasing their newest Secure by Design Alert in the series, Eliminating OS Command Injection Vulnerabilities, in response to recent well-publicized threat actor campaigns that exploited OS…
CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) to release an advisory, People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in…
Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info 2code -- wpqa_builder The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info access_management_specialist_project -- access_management_specialist An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215 allows…
Progress Software released a security bulletin to address a vulnerability in MOVEit Transfer. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and…
High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info 3uu--Shariff Wrapper The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up…
