Today, CISA released a Resource Guide for Cybersecurity Clinics to outline ways CISA can partner with and support cybersecurity clinics and their clients. University cybersecurity clinics train students from diverse…
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info agronholm -- cbor2 cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC…
CISA, in partnership with UK National Cyber Security Centre (NCSC) and other U.S. and international partners released the joint advisory, SVR Cyber Actors Adapt Tactics for Initial Cloud Access. This…
How SVR-Attributed Actors are Adapting to the Move of Government and Corporations to Cloud Infrastructure OVERVIEW This advisory details recent tactics, techniques, and procedures (TTPs) of the group commonly known…
Today, CISA, the Environmental Protection Agency (EPA), and the Federal Bureau of Investigation (FBI) updated the joint fact sheet Top Cyber Actions for Securing Water Systems. This update includes additional…
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info wp_swings -- coupon_referral_program Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program.…
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organization’s network environment after…
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info allegro_ai -- clearml Lack of authentication in all versions of the fileserver component of Allegro…
JetBrains released a security advisory to address a vulnerability (CVE-2024-23917) in TeamCity On-Premises. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages…
Fortinet released security updates to address critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313). A cyber threat actor could exploit these vulnerabilities to take control of an affected system.…
