Original release date: September 16, 2021Drupal has released security updates to address multiple vulnerabilities affecting Drupal 8.9, 9.1, and 9.2. An attacker could exploit some of these vulnerabilities to take…
Original release date: September 13, 2021Apple has released security updates to address vulnerabilities—CVE-2021-30858 and CVE-2021-30860—in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device.…
Original release date: September 13, 2021CISA will host its fourth annual National Cybersecurity Summit on Wednesdays during the month of October. The 2021 Summit will be held as a series…
Original release date: September 7, 2021Microsoft has released mitigations and workarounds to address a remote code execution vulnerability (CVE-2021-40444) in Microsoft Windows. Exploitation of this vulnerability may allow a remote…
Original release date: September 3, 2021CISA has released a new CISA Insights, Risk Considerations for Managed Service Provider Customers (MSPs), which provides Managed Service Provider (MSP) customers a framework for…
Original release date: September 3, 2021On August 25, 2021, Atlassian released security updates to address a remote code execution vulnerability (CVE-2021-26084) affecting Confluence Server and Data Center. Recently, CVE-2021-26084 has…
Original release date: September 2, 2021Cisco has released security updates to address a critical vulnerability affecting Cisco Enterprise Network Function Virtualization Infrastructure Software (NFVIS) Release 4.5.1. A remote attacker could…
Original release date: August 31, 2021Today, the Federal Bureau of Investigation (FBI) and CISA released a Joint Cybersecurity Advisory (CSA) to urge organizations to ensure they protect themselves against ransomware attacks…
Original release date: August 30, 2021Today, CISA added the use of single-factor authentication for remote or administrative access systems to our Bad Practices list of exceptionally risky cybersecurity practices. Single-factor authentication…
Original release date: August 27, 2021CISA is aware of a misconfiguration vulnerability in Microsoft’s Azure Cosmos DB that may have exposed customer data. Although the misconfiguration appears to have been…
