Apple Releases Security Updates for iCloud for Windows

Original release date: December 3, 2020Apple has released security updates to address vulnerabilities in iCloud for Windows. An attacker could exploit some of these vulnerabilities to take control of an…

Comments Off on Apple Releases Security Updates for iCloud for Windows

Mozilla Releases Security Update for Thunderbird

Original release date: December 2, 2020Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system.…

Comments Off on Mozilla Releases Security Update for Thunderbird

Xerox Releases Security Updates for DocuShare

Original release date: December 2, 2020Xerox has released security updates for DocuShare 6.6.1, 7.0, and 7.5 to address a vulnerability that could allow an unauthenticated attacker to obtain sensitive information.…

Comments Off on Xerox Releases Security Updates for DocuShare

AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Original release date: December 1, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) framework. See the <a href="https://attack.mitre.org/versions/v7/techniques/enterprise/">ATT&amp;CK for Enterprise</a> for all referenced…

Comments Off on AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Vulnerability Summary for the Week of November 23, 2020

Original release date: November 30, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of November 23, 2020

Fortinet FortiOS System File Leak

Original release date: November 27, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE 2018-13379. Exploitation…

Comments Off on Fortinet FortiOS System File Leak

Fortinet FortiOS System File Leak

Original release date: November 27, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE 2018-13379. Exploitation…

Comments Off on Fortinet FortiOS System File Leak

Online Holiday Shopping Scams

Original release date: November 24, 2020With more commerce occurring online this year, and with the holiday season upon us, the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to remain…

Comments Off on Online Holiday Shopping Scams

VMware Releases Workarounds for CVE-2020-4006

Original release date: November 23, 2020VMware has released workarounds to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this…

Comments Off on VMware Releases Workarounds for CVE-2020-4006