US National Cyber Awareness System Current Activity

  • Cisco Releases Security Updates for Multiple Products
    by CISA on March 28, 2024 at 12:00 pm

    Cisco released security updates to address vulnerabilities in Cisco IOS, IOS XE, and AP software. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service. CISA encourages users and administrators to review the following advisories and apply the necessary updates:

      • Cisco Event Response: March 2024 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication
      • Cisco Access Point Software Secure Boot Bypass Vulnerability
      • Cisco Access Point Software Denial of Service Vulnerability

  • Apple Released Security Updates for Safari and macOS
    by CISA on March 27, 2024 at 12:00 pm

    Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates:

      • Safari 17.4.1
      • macOS Sonoma 14.4.1
      • macOS Ventura 13.6.6

  • CISA Adds One Known Exploited Vulnerability to Catalog
    by CISA on March 26, 2024 at 12:00 pm

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

      • CVE-2023-24955 Microsoft SharePoint Server Code Injection Vulnerability

    These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

    Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

    Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

  • CISA Releases Four Industrial Control Systems Advisories
    by CISA on March 26, 2024 at 12:00 pm

    CISA released four Industrial Control Systems (ICS) advisories on March 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

      • ICSA-24-086-01 Automation-Direct C-MORE EA9 HMI
      • ICSA-24-086-02 Rockwell Automation PowerFlex 527
      • ICSA-24-086-03 Rockwell Automation Arena Simulation
      • ICSA-24-086-04 Rockwell Automation FactoryTalk View ME

    CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

  • CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities
    by CISA on March 25, 2024 at 12:00 pm

    Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating SQL Injection Vulnerabilities in Software. This Alert was crafted in response to a recent, well-publicized exploitation of SQL injection (SQLi) defects in a managed file transfer application that impacted thousands of organizations. Additionally, the Alert highlights the prevalence of this class of vulnerability. Despite widespread knowledge and documentation of SQLi vulnerabilities over the past two decades, along with the availability of effective mitigations, software manufacturers continue to develop products with this defect, which puts many customers at risk. CISA and the FBI urge senior executives at technology manufacturing companies to mount a formal review of their code to determine its susceptibility to SQLi compromises. If found vulnerable, senior executives should ensure their organizations’ software developers begin immediate implementation of mitigations to eliminate this entire class of defect from all current and future software products. For more information on recommended principles and best practices to achieve this goal, visit CISA’s Secure by Design page. To catch up on the publications in this series, visit Secure by Design Alerts.

  • CISA Adds Three Known Exploited Vulnerabilities to Catalog
    by CISA on March 25, 2024 at 12:00 pm

    CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

      • CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerability
      • CVE-2021-44529 Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
      • CVE-2019-7256 Nice Linear eMerge E3-Series OS Command Injection Vulnerability

    These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

    Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

    Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

  • CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques
    by CISA on March 21, 2024 at 12:00 pm

    Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, to address the specific needs and challenges faced by organizations in defending against DDoS attacks. The guidance now includes detailed insight into three different types of DDoS techniques:

      • Volumetric, attacks aiming to consume available bandwidth.
      • Protocol, attacks which exploit vulnerabilities in network protocols.
      • Application, attacks targeting vulnerabilities in specific applications or running services.

    CISA, FBI, and MS-ISAC urge network defenders and leaders of critical infrastructure organizations to read the guidance provided to defend against this threat. For more actionable recommendations, best practices, and operational insights designed to address common challenges, visit CISA’s Capacity Enhancement Guides for Federal Agencies page.

  • CISA Releases One Industrial Control Systems Advisory
    by CISA on March 21, 2024 at 12:00 pm

    CISA released one Industrial Control Systems (ICS) advisory on March 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

      • ICSA-24-081-01 Advantech WebAccess/SCADA

    CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations.

  • Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry
    by CISA on March 21, 2024 at 12:00 pm

    Ivanti has released security advisories to address vulnerabilities in Ivanti Neurons for ITSM and Standalone Sentry. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Ivanti advisories and apply the necessary updates:

      • CVE-2023-46808 (Authenticated Remote File Write) for Ivanti Neurons for ITSM
      • CVE-2023-41724 (Remote Code Execution) for Ivanti Standalone Sentry

  • CISA Releases One Industrial Control Systems Advisory
    by CISA on March 19, 2024 at 12:00 pm

    CISA released one Industrial Control Systems (ICS) advisory on March 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

      • ICSA-24-079-01 Franklin Fueling System EVO 550/5000

    CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations.
