Latest Alerts – Page 99

AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

Original release date: January 8, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and…

Comments Off

January 8, 2021

Current Activity

MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewalls and AP Controllers

Original release date: January 8, 2021The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an advisory on a vulnerability in Zyxel firewalls and AP controllers. A remote attacker could exploit…

Comments Off

January 8, 2021

Current Activity

Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR

Original release date: January 7, 2021Mozilla has released security updates to address a vulnerability in Firefox, Firefox for Android, and Firefox ESR. An attacker could exploit this vulnerability to take…

Comments Off

January 7, 2021

Current Activity

CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise

Original release date: January 6, 2021CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED…

Comments Off

January 7, 2021

Current Activity

NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations

Original release date: January 5, 2021The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet on eliminating obsolete Transport Layer Security (TLS) configurations. The information sheet identifies strategies…

Comments Off

January 6, 2021

Bulletins

Vulnerability Summary for the Week of December 28, 2020

Original release date: January 4, 2021 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off

January 4, 2021

Bulletins

Vulnerability Summary for the Week of December 21, 2020

Original release date: December 28, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off

December 28, 2020

Current Activity

CISA Releases Free Detection Tool for Azure/M365 Environment

Original release date: December 24, 2020CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool…

Comments Off

December 25, 2020

Current Activity

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity

Original release date: December 23, 2020CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor…

Comments Off

December 23, 2020

Bulletins

Vulnerability Summary for the Week of December 14, 2020

Original release date: December 21, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info adremsoft -- netcrunch AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL…

Comments Off

December 21, 2020