CISA Releases Security Advisory on WebHMI Vulnerabilities

Original release date: December 6, 2021CISA has released an Industrial Controls Systems (ICS) advisory detailing vulnerabilities in Distributed Data Systems WebHMI products. A remote attacker could exploit these vulnerabilities to…

Comments Off on CISA Releases Security Advisory on WebHMI Vulnerabilities

Vulnerability Summary for the Week of November 29, 2021

Original release date: December 6, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info abb -- rtu500_firmware Improper Input Validation vulnerability in the APDU…

Comments Off on Vulnerability Summary for the Week of November 29, 2021

CISA and FBI Release Alert on Active Exploitation of CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

Original release date: December 2, 2021CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory identifying active exploitation of a vulnerability—CVE-2021-44077—in Zoho ManageEngine ServiceDesk Plus. CVE-2021-44077 is…

Comments Off on CISA and FBI Release Alert on Active Exploitation of CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

CISA Adds Five Known Exploited Vulnerabilities to Catalog

Original release date: December 1, 2021CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the…

Comments Off on CISA Adds Five Known Exploited Vulnerabilities to Catalog

Vulnerability Summary for the Week of November 22, 2021

Original release date: November 29, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 4mosan -- gcb_doctor 4MOSAn GCB Doctor’s login page has improper…

Comments Off on Vulnerability Summary for the Week of November 22, 2021

CISA Releases Capacity Enhancement Guides to Enhance Mobile Device Cybersecurity for Consumers and Organizations

Original release date: November 24, 2021CISA has released actionable Capacity Enhancement Guides (CEGs) to help users and organizations improve mobile device cybersecurity. The CEG: Mobile Device Cybersecurity Checklist for Consumers…

Comments Off on CISA Releases Capacity Enhancement Guides to Enhance Mobile Device Cybersecurity for Consumers and Organizations