Security Advisories

Please see Security Advisories for the week ending May 6, 2022 • F5 Releases Security Advisories Addressing Multiple Vulnerabilities • Cisco Releases Security Updates for Enterprise NFV Infrastructure Software • Mozilla Releases Security Updates for Firefox and Firefox ESR _______________________________ F5 Releases Security Advisories Addressing Multiple Vulnerabilities Situation F5 has released security advisories on vulnerabilities affecting multiple products, including various versions of BIG-IP. Problem This vulnerability may allow an unauthenticated attacker… Read More

Please see Security Advisories for the week ending April 29, 2022 Google Releases Security Updates for Chrome Browser Cisco Releases Security Updates for Multiple Products CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine ________________________________   Google Releases Security Updates for Chrome Browser Situation Google has released a new Chrome browser version 101.0.4951.41 for Windows, Mac, and Linux operating systems. Problem Google has patched 30 security vulnerabilities ranging… Read More

Please see Security Advisories for the week ending April 22, 2022 Spring Framework Vulnerability (CVE-2022-22965) in Veritas Products FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware Cisco Releases Security Updates for Multiple Products Drupal Releases Security Updates Oracle Releases April 2022 Critical Patch Update Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment _______________________________ Spring Framework Vulnerability (CVE-2022-22965) in Veritas… Read More

Please see Security Advisories for the week ending April 15, 2022 North Korean State-Sponsored APT Targets Blockchain Companies VMware Releases Security Updates for Cloud Director Google Releases Security Updates for Chrome Browser APT Actors Target ICS/SCADA Devices Cisco Releases Security Updates for Multiple Products Juniper Networks Releases Security Updates for Multiple Products Apache Releases Security Advisory for Struts 2 Citrix Releases Security Updates for SD-WAN Products Microsoft Releases April 2022 Security… Read More

Please see Security Advisories for the week ending April 8, 2022 Guidance on Sharing Cyber Incident Information Mozilla Releases Security Updates for Firefox and Firefox ESR Google Releases Security Updates for Chrome ________________________________ Guidance on Sharing Cyber Incident Information Situation CISA’s Sharing Cyber Event Information Fact Sheet provides federal or critical infrastructure partners with clear guidance and information about what to share, who should share, and how to share information about… Read More

Please see Security Advisories for the week ending April 1, 2022 Apple Releases Security Updates CISA Adds Eight Known Exploited Vulnerabilities to Catalog CISA Releases Security Advisories for Rockwell Automation Products Spring Releases Security Updates Addressing “Spring4Shell” and Spring Cloud Function Vulnerabilities Palo Alto Networks Security Advisory – March 30, 2022 FBI Releases PIN on Phishing Campaign against U.S. Election Officials Google Releases Security Updates for Chrome _______________________________ Apple Releases Security… Read More

FBI and FinCEN Release Advisory on AvosLocker Ransomware CISA Adds 66 Known Exploited Vulnerabilities to Catalog VMware Releases Security Updates _______________________________ FBI and FinCEN Release Advisory on AvosLocker Ransomware Situation The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. Problem AvosLocker is a ransomware-as-a-service affiliate-based group that has… Read More

CRITICAL Security Advisory: State-Sponsored Russian Cyber Actors Targeted Energy Sector from 2011 to 2018  Situation CISA, the Federal Bureau of Investigation, and the Department of Energy have released a joint Cybersecurity Advisory (CSA). Problem The joint advisory details campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and international Energy Sector organizations. Implication Organizations unaware of the latest security guidance will miss critical recommendations that may leave… Read More

Please see Security Advisories for the week ending March 18, 2022 Drupal Releases Security Updates TLStorm vulnerability found in APC Smart-UPS devices ISC Releases Security Advisories for BIND Apple Releases Security Updates for Multiple Products Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols Google Releases Security Updates for Chrome Updated: Kubernetes Hardening Guide _______________________________ OpenSSL Releases Security Updates Situation OpenSSL has released security updates addressing a vulnerability… Read More

Please see Security Advisories for the week ending March 11, 2021 FBI Releases Indicators of Compromise for RagnarLocker Ransomware Security Advisory on Conti Ransomware Palo Alto Networks Security Advisories – March 2022 CISA Releases Security Advisory on PTC Axeda Agent and Desktop Server CISA Adds 11 Known Exploited Vulnerabilities to Catalog Mozilla Releases Security Updates for Multiple Products Microsoft Releases March 2022 Security Updates SAP Releases March 2022 Security Updates _______________________________ FBI… Read More