Malware Targeting Pulse Secure Devices

Original release date: July 21, 2021As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users…

Comments Off on Malware Targeting Pulse Secure Devices

Significant Historical Cyber-Intrusion Campaigns Targeting ICS

Original release date: July 20, 2021Protecting our Nation’s critical infrastructure is the responsibility of federal and state, local, tribal, and territorial (SLTT) governments and owners and operators of that infrastructure.…

Comments Off on Significant Historical Cyber-Intrusion Campaigns Targeting ICS

Citrix Releases Security Updates 

Original release date: July 20, 2021Citrix has released security updates to address multiple vulnerabilities in Application Delivery Controller, Gateway, and SD-WAN WANOP Edition. An attacker could exploit some of these vulnerabilities to take control of an affected system.…

Comments Off on Citrix Releases Security Updates 

Oracle Releases July 2021 Critical Patch Update

Original release date: July 20, 2021Oracle has released its Critical Patch Update for July 2021 to address 327 vulnerabilities across multiple products. A remote attacker could exploit some of these…

Comments Off on Oracle Releases July 2021 Critical Patch Update

AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

Original release date: July 20, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor…

Comments Off on AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

Original release date: July 19, 2021SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise…

Comments Off on AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Original release date: July 19, 2021SummaryThis Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on…

Comments Off on AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Vulnerability Summary for the Week of July 12, 2021

Original release date: July 19, 2021  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info echobh -- sharecare Echo ShareCare 8.15.5 is susceptible to SQL…

Comments Off on Vulnerability Summary for the Week of July 12, 2021