IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

SUMMARY The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to…

Comments Off on IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

CISA Removes One Known Exploited Vulnerability From Catalog

CISA is continually collaborating with partners across government and the private sector. As a result of this collaboration, CISA has concluded that there is insufficient evidence to keep the following…

Comments Off on CISA Removes One Known Exploited Vulnerability From Catalog

CISA Releases First Secure by Design Alert

Today, CISA published guidance on How Software Manufacturers Can Shield Web Management Interfaces From Malicious Cyber Activity as a part of a new Secure by Design (SbD) Alert series.   …

Comments Off on CISA Releases First Secure by Design Alert

Vulnerability Summary for the Week of November 20, 2023

  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info adobe -- after_effects Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are…

Comments Off on Vulnerability Summary for the Week of November 20, 2023

CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed

Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC)…

Comments Off on CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed

Vulnerability Summary for the Week of November 13, 2023

 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info checkpoint -- endpoint_security Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm…

Comments Off on Vulnerability Summary for the Week of November 13, 2023

MAR-10478915-1.v1 Citrix Bleed

   Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained…

Comments Off on MAR-10478915-1.v1 Citrix Bleed