AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Original release date: July 23, 2020SummaryNote: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks…

Comments Off on AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Vulnerability Summary for the Week of July 13, 2020

Original release date: July 20, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of July 13, 2020

CISA Releases Emergency Directive on Critical Microsoft Vulnerability

Original release date: July 16, 2020The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive 20-03 addressing a critical vulnerability—CVE-2020-1350—affecting all versions of Windows Server with the Domain Name…

Comments Off on CISA Releases Emergency Directive on Critical Microsoft Vulnerability

AR20-198B: MAR-10296782-2.v1 – WELLMESS

Original release date: July 16, 2020DescriptionNotification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

Comments Off on AR20-198B: MAR-10296782-2.v1 – WELLMESS

AR20-198A: MAR-10296782-1.v1 – SOREFANG

Original release date: July 16, 2020DescriptionNotification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

Comments Off on AR20-198A: MAR-10296782-1.v1 – SOREFANG

AR20-198C: MAR-10296782-3.v1 – WELLMAIL

Original release date: July 16, 2020DescriptionNotification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

Comments Off on AR20-198C: MAR-10296782-3.v1 – WELLMAIL

Oracle Releases July 2020 Security Bulletin

Original release date: July 14, 2020Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A remote attacker could exploit some of these…

Comments Off on Oracle Releases July 2020 Security Bulletin

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Original release date: July 13, 2020SummaryOn July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server (AS) Java component…

Comments Off on AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Vulnerability Summary for the Week of July 6, 2020

Original release date: July 13, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of July 6, 2020