Current Activity

CISA and FBI Release Alert on Active Exploitation of CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

Original release date: December 2, 2021CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory identifying active exploitation of a vulnerability—CVE-2021-44077—in Zoho ManageEngine ServiceDesk Plus. CVE-2021-44077 is…

Comments Off

December 3, 2021

Current Activity

NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures

Original release date: December 2, 2021CISA has announced the joint National Security Agency (NSA) and CISA publication of the third of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part…

Comments Off

December 3, 2021

Current Activity

Mozilla Releases Security Updates for Network Security Services

Original release date: December 2, 2021Mozilla has released security updates to address a vulnerability in Network Security Services (NSS). An attacker could exploit this vulnerability to take control of an…

Comments Off

December 3, 2021

Current Activity

CISA Adds Five Known Exploited Vulnerabilities to Catalog

Original release date: December 1, 2021CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the…

Comments Off

December 1, 2021

Current Activity

CISA Releases Capacity Enhancement Guides to Enhance Mobile Device Cybersecurity for Consumers and Organizations

Original release date: November 24, 2021CISA has released actionable Capacity Enhancement Guides (CEGs) to help users and organizations improve mobile device cybersecurity. The CEG: Mobile Device Cybersecurity Checklist for Consumers…

Comments Off

November 24, 2021

Current Activity

Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends

Original release date: November 22, 2021As Americans prepare to hit the highways and airports this Thanksgiving holiday, CISA and the Federal Bureau of Investigation (FBI) are reminding critical infrastructure partners…

Comments Off

November 22, 2021

Current Activity

Updated: APT Exploitation of ManageEngine ADSelfService Plus Vulnerability

Original release date: November 19, 2021The Federal Bureau of Investigation (FBI), CISA, and Coast Guard Cyber Command (CGCYBER) have updated the Joint Cybersecurity Advisory (CSA) published on September 16, 2021,…

Comments Off

November 20, 2021

Current Activity

NSA and CISA Release Guidance on Securing 5G Cloud Infrastructures

Original release date: November 19, 2021CISA has announced the joint National Security Agency (NSA) and CISA publication of the second of a four-part series, Security Guidance for 5G Cloud Infrastructures.…

Comments Off

November 19, 2021

Current Activity

CISA Adds Four Known Exploited Vulnerabilities to Catalog

Original release date: November 17, 2021CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, which require remediation from federal civilian executive branch (FCEB) agencies by December 1,…

Comments Off

November 17, 2021

Current Activity

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities

Original release date: November 17, 2021CISA, the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) have released a…

Comments Off

November 17, 2021