Security Advisories

• Mozilla Releases Security Updates for Multiple Products • Palo Alto Networks Security Advisories – September 2023 • Microsoft Releases September 2023 Updates • Apple Releases Security Updates for iOS and macOS • NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats • Cisco warns of VPN Zero-Day Exploited by Ransomware Gangs Mozilla Releases Security Updates for Multiple Products Situation: Mozilla has released security updates to address a… Read More

• Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 • Macs under attacks from password-stealing malware — how to stay safe • Apple Releases Security Updates for Multiple Products • CISA Releases Malware Analysis Reports on Barracuda Backdoors _______________________________________________ Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 Situation: Ivanti has identified and released patches for a directory traversal vulnerability (CVE-2023-35081, CWE-22) in Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron… Read More

• Atlassian Releases Security Updates for Several Products • Oracle Releases Security Updates for Several Products • CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 • Adobe Releases Security Updates for ColdFusion Atlassian Releases Security Updates for Several Products Situation: Atlassian has released its Security Bulletin for July 2023. Problem: There are vulnerabilities in Confluence Data Center & Server (CVE-2023-22505 and CVE-2023-22508) and Bamboo Data Center (CVE-2023-22506). Implication:… Read More

Fortinet Releases Security Updates for FortiOS and FortiProxy Mozilla Releases Security Updates for Multiple Products CISA Adds One Known Exploited Vulnerability to Catalog CISA and FBI Release #StopRansomware: CL0P Ransomware Gang Exploits MOVEit Vulnerability CISA and Partners Release Joint Guide to Securing Remote Access Software Fortinet Releases Security Updates for FortiOS and FortiProxy Situation: Fortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and… Read More

• CISA Warns of Hurricane/Typhoon-Related Scams • CISA and Partners Release Cybersecurity Advisory Guidance detailing PRC state-sponsored actors evading detection by “Living off the Land” _________________________________________________ CISA Warns of Hurricane/Typhoon-Related Scams Situation: CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon. Problem: Attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures (TTPs). Implication: Disaster… Read More

CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability Palo Alto Networks Security Advisories – May 2023 Microsoft Releases May 2023 Security Updates Mozilla Releases Security Advisories for Multiple Products CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors CISA and Partners Release BianLian Ransomware Cybersecurity Advisory CISA and FBI Release Joint Advisory in Response to Active Exploitation of PaperCut Vulnerability Situation: According… Read More

CRITICAL: APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers Cisco Releases Security Advisories for Multiple Products Oracle Releases Security Updates VMware Releases Security Update for Aria Operations for Logs Drupal Releases Security Advisory to Address Vulnerability in Drupal Core CRITICAL: APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers Situation: NCSC, NSA, CISA, and FBI have released a joint… Read More

Palo Alto Networks Security Advisories – April 2023 Fortinet Releases April 2023 Vulnerability Advisories Adobe Releases Security Updates for Multiple Products Microsoft Releases April 2023 Security Updates Apple Releases Security Updates for Multiple Products Mozilla Releases Security Advisories for Multiple Products _______________________________ Palo Alto Networks Security Advisories – April 2023 Situation: Palo Alto Networks has published three new Security Advisories regarding vulnerabilities affecting their PAN-OS software and GlobalProtect App. Problem:… Read More

Mozilla Releases Security Update for Thunderbird 102.9.1 Samba Releases Security Updates for Multiple Versions of Samba Supply Chain Attack Against 3CXDesktopApp Apple Releases Security Updates for Multiple Products _______________________________ Mozilla Releases Security Update for Thunderbird 102.9.1 Situation: Mozilla has released a security update to address vulnerabilities in Thunderbird 102.9.1. Problem: An attacker could exploit some of these vulnerabilities to take control of an affected system. Implication: If not addressed, an… Read More

  Cisco Releases Security Advisories for Multiple Products JCDC Cultivates Pre-Ransomware Notification Capability Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management _______________________________ Cisco Releases Security Advisories for Multiple Products Situation: Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. Problem: A remote cyber threat actor could… Read More