As part of the Enduring Security Framework (ESF), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) has released Identity and Access Management Recommended Best Practices…
Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected system. CISA…
The Federal Bureau of Investigation (FBI), CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) has released a joint cybersecurity advisory (CSA), #StopRansomware: LockBit 3.0. This joint advisory details…
CISA has released a draft Secure Cloud Business Applications (SCuBA) Hybrid Identity Solutions Architecture guidance document for public comment. The request for comment period is open until April 17, 2023.…
The Water Information Sharing and Analysis Center (WaterISAC) has released an advisory, Potential for Mandatory Microsoft DCOM Patch to Disrupt SCADA. ICS/OT/SCADA engineers and operators should assess the use of…
In light of recent bank failures, CISA warns consumers to beware of potential scams requesting your money or sensitive personal information. Exercise caution in handling emails with bank-related subject lines,…
Today, CISA is announcing the creation of the Ransomware Vulnerability Warning Pilot (RVWP). Through the RVWP, CISA: Proactively identifies information systems—belonging to critical infrastructure entities—that contain vulnerabilities commonly…
Fortinet has released its March 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages…
Original release date: February 23, 2023VMware has released security updates to address a vulnerability in Carbon Black App Control. A remote attacker could exploit this vulnerability to take control of…
