Xerox Releases Security Updates for DocuShare

Original release date: December 2, 2020Xerox has released security updates for DocuShare 6.6.1, 7.0, and 7.5 to address a vulnerability that could allow an unauthenticated attacker to obtain sensitive information.…

Comments Off on Xerox Releases Security Updates for DocuShare

AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Original release date: December 1, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) framework. See the <a href="https://attack.mitre.org/versions/v7/techniques/enterprise/">ATT&amp;CK for Enterprise</a> for all referenced…

Comments Off on AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks

Vulnerability Summary for the Week of November 23, 2020

Original release date: November 30, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of November 23, 2020

Fortinet FortiOS System File Leak

Original release date: November 27, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE 2018-13379. Exploitation…

Comments Off on Fortinet FortiOS System File Leak

Fortinet FortiOS System File Leak

Original release date: November 27, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE 2018-13379. Exploitation…

Comments Off on Fortinet FortiOS System File Leak

Online Holiday Shopping Scams

Original release date: November 24, 2020With more commerce occurring online this year, and with the holiday season upon us, the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to remain…

Comments Off on Online Holiday Shopping Scams

VMware Releases Workarounds for CVE-2020-4006

Original release date: November 23, 2020VMware has released workarounds to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this…

Comments Off on VMware Releases Workarounds for CVE-2020-4006

VMware Releases Workarounds for CVE-2020-4006

Original release date: November 23, 2020VMware has released workarounds to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this…

Comments Off on VMware Releases Workarounds for CVE-2020-4006

Vulnerability Summary for the Week of November 16, 2020

Original release date: November 23, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of November 16, 2020

VMware Releases Security Updates for VMware SD-WAN Orchestrator

Original release date: November 19, 2020VMware has released security updates to address multiple vulnerabilities in VMware SD-WAN Orchestrator. An attacker could exploit some of these vulnerabilities to take control of…

Comments Off on VMware Releases Security Updates for VMware SD-WAN Orchestrator