Current Activity

GPS Daemon (GPSD) Rollover Bug

Original release date: October 21, 2021Critical Infrastructure (CI) owners and operators, and other users who obtain Coordinated Universal Time (UTC) from Global Positioning System (GPS) devices, should be aware of…

Comments Off

October 21, 2021

Current Activity

Cisco Releases Security Updates for IOS XE SD-WAN Software

Original release date: October 21, 2021Cisco has released security updates to address a vulnerability in IOS XE SD-WAN Software. An authenticated local attacker could exploit this vulnerability to take control…

Comments Off

October 21, 2021

Current Activity

Oracle Releases October 2021 Critical Patch Update

Original release date: October 19, 2021Oracle has released its Critical Patch Update for October 2021 to address 419 vulnerabilities across multiple products. A remote attacker could exploit some of these…

Comments Off

October 19, 2021

Current Activity

CISA, FBI, and NSA Release Joint Cybersecurity Advisory on BlackMatter Ransomware

Original release date: October 18, 2021CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released joint Cybersecurity Advisory (CSA): BlackMatter Ransomware. Since July 2021, malicious…

Comments Off

October 19, 2021

Current Activity

Apache Releases Security Advisory for Tomcat  

Original release date: October 15, 2021The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to…

Comments Off

October 15, 2021

Current Activity

Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities

Original release date: October 14, 2021CISA, the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that…

Comments Off

October 14, 2021

Current Activity

Microsoft Releases October 2021 Security Updates

Original release date: October 12, 2021Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected…

Comments Off

October 12, 2021

Current Activity

NSA Releases Guidance on Avoiding the Dangers of Wildcard TLS Certificates and ALPACA Techniques

Original release date: October 8, 2021The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet with guidance to help secure the Department of Defense, National Security Systems, and…

Comments Off

October 8, 2021

Current Activity

Apache Releases HTTP Server version 2.4.51 to Address Vulnerabilities Under Exploitation

Original release date: October 7, 2021On October 7, 2021, the Apache Software Foundation released Apache HTTP Server version 2.4.51 to address Path Traversal and Remote Code Execution vulnerabilities (CVE-2021-41773, CVE-2021-42013)…

Comments Off

October 7, 2021

Current Activity

CISA Releases Security Advisory for Honeywell Experion and ACE Controllers

Original release date: October 5, 2021CISA has released an Industrial Controls Systems (ICS) advisory detailing multiple vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and…

Comments Off

October 6, 2021