CISA Identifies SUPERNOVA Malware During Incident Response
AR21-112A
AR21-112A
Original release date: April 22, 2021CISA has released AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response to provide analysis of a compromise in an organization’s enterprise network by an advance…
Original release date: April 21, 2021CISA is aware of three vulnerabilities affecting SonicWall Email Security products: CVE-2021-20021, CVE-2021-20022, and CVE-2021-20023. A remote attacker could exploit these vulnerabilities to take control…
Original release date: April 20, 2021CISA has issued Emergency Directive (ED) 21-03, as well as Alert AA21-110A, to address the exploitation of vulnerabilities affecting Pulse Connect Secure (PCS) software. An…
Original release date: April 20, 2021CISA is aware of ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities compromising U.S. government agencies, critical infrastructure entities, and private sector organizations. In response,…
Original release date: April 20, 2021Oracle has released its Critical Patch Update for April 2021 to address 384 vulnerabilities across multiple products. A remote attacker could exploit some of these…
Original release date: April 20, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a…
Original release date: April 19, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info dreamreport -- dream_report A privilege escalation vulnerability exists in Dream…
AR21-105A
Original release date: April 15, 2021CISA and the Department of Defense (DoD) Cyber National Mission Force (CNMF) have analyzed additional SolarWinds-related malware variants—referred to as SUNSHUTTLE and SOLARFLARE. One of…