Latest Alerts – Page 17

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

SUMMARY The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to…

Comments Off

December 2, 2023

Current Activity

CISA Removes One Known Exploited Vulnerability From Catalog

CISA is continually collaborating with partners across government and the private sector. As a result of this collaboration, CISA has concluded that there is insufficient evidence to keep the following…

Comments Off

December 2, 2023

Current Activity

Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems

CISA has assisted a researcher with coordinating the disclosure of multiple researcher-discovered vulnerabilities affecting web-based case and document management systems used by multiple state, county, and municipal courts. Affected systems…

Comments Off

December 1, 2023

Current Activity

CISA Releases First Secure by Design Alert

Today, CISA published guidance on How Software Manufacturers Can Shield Web Management Interfaces From Malicious Cyber Activity as a part of a new Secure by Design (SbD) Alert series. …

Comments Off

November 30, 2023

Bulletins

Vulnerability Summary for the Week of November 20, 2023

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info adobe -- after_effects Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are…

Comments Off

November 27, 2023

Current Activity

CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development

Today, in a landmark collaboration, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) are proud to announce the release of the Guidelines…

Comments Off

November 27, 2023

Current Activity

Mozilla Releases Security Updates for Firefox and Thunderbird

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA…

Comments Off

November 23, 2023

Current Activity

CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed

Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC)…

Comments Off

November 22, 2023

Bulletins

Vulnerability Summary for the Week of November 13, 2023

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info checkpoint -- endpoint_security Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm…

Comments Off

November 22, 2023

Analysis Reports

MAR-10478915-1.v1 Citrix Bleed

Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained…

Comments Off

November 21, 2023