Security Advisories

Please see Security Advisories for the week ending April 15, 2022 North Korean State-Sponsored APT Targets Blockchain Companies VMware Releases Security Updates for Cloud Director Google Releases Security Updates for Chrome Browser APT Actors Target ICS/SCADA Devices Cisco Releases Security Updates for Multiple Products Juniper Networks Releases Security Updates for Multiple Products Apache Releases Security Advisory for Struts 2 Citrix Releases Security Updates for SD-WAN Products Microsoft Releases April 2022 Security… Read More

Please see Security Advisories for the week ending April 8, 2022 Guidance on Sharing Cyber Incident Information Mozilla Releases Security Updates for Firefox and Firefox ESR Google Releases Security Updates for Chrome ________________________________ Guidance on Sharing Cyber Incident Information Situation CISA’s Sharing Cyber Event Information Fact Sheet provides federal or critical infrastructure partners with clear guidance and information about what to share, who should share, and how to share information about… Read More

Please see Security Advisories for the week ending April 1, 2022 Apple Releases Security Updates CISA Adds Eight Known Exploited Vulnerabilities to Catalog CISA Releases Security Advisories for Rockwell Automation Products Spring Releases Security Updates Addressing “Spring4Shell” and Spring Cloud Function Vulnerabilities Palo Alto Networks Security Advisory – March 30, 2022 FBI Releases PIN on Phishing Campaign against U.S. Election Officials Google Releases Security Updates for Chrome _______________________________ Apple Releases Security… Read More

FBI and FinCEN Release Advisory on AvosLocker Ransomware CISA Adds 66 Known Exploited Vulnerabilities to Catalog VMware Releases Security Updates _______________________________ FBI and FinCEN Release Advisory on AvosLocker Ransomware Situation The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. Problem AvosLocker is a ransomware-as-a-service affiliate-based group that has… Read More

CRITICAL Security Advisory: State-Sponsored Russian Cyber Actors Targeted Energy Sector from 2011 to 2018  Situation CISA, the Federal Bureau of Investigation, and the Department of Energy have released a joint Cybersecurity Advisory (CSA). Problem The joint advisory details campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and international Energy Sector organizations. Implication Organizations unaware of the latest security guidance will miss critical recommendations that may leave… Read More

Please see Security Advisories for the week ending March 18, 2022 Drupal Releases Security Updates TLStorm vulnerability found in APC Smart-UPS devices ISC Releases Security Advisories for BIND Apple Releases Security Updates for Multiple Products Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols Google Releases Security Updates for Chrome Updated: Kubernetes Hardening Guide _______________________________ OpenSSL Releases Security Updates Situation OpenSSL has released security updates addressing a vulnerability… Read More

Please see Security Advisories for the week ending March 11, 2021 FBI Releases Indicators of Compromise for RagnarLocker Ransomware Security Advisory on Conti Ransomware Palo Alto Networks Security Advisories – March 2022 CISA Releases Security Advisory on PTC Axeda Agent and Desktop Server CISA Adds 11 Known Exploited Vulnerabilities to Catalog Mozilla Releases Security Updates for Multiple Products Microsoft Releases March 2022 Security Updates SAP Releases March 2022 Security Updates _______________________________ FBI… Read More

Please see Security Advisories for the week ending March 4, 2022 NSA Releases Network Infrastructure Security Guidance CISA Adds 95 Known Exploited Vulnerabilities to Catalog Cisco Releases Security Updates for Multiple Products Google Releases Security Updates for Chrome _______________________________ NSA Releases Network Infrastructure Security Guidance Situation The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR) on Network Infrastructure Security Guidance. Problem The cybersecurity report presents best practices… Read More

Please see Security Advisories for the week ending February 25, 2021 • CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine • CISA Releases Joint Cybersecurity Advisory on The MuddyWater APT Conducting Malicious Cyber Operations • Mozilla Releases Security Update for Mozilla VPN • Cisco Releases Security Updates for Multiple Products • CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine… Read More

Please see Security Advisories for the week ending February 18, 2021 CISA Insights Released on Foreign Influence Operations Targeting Critical Infrastructure NSA Releases Best Practices for Selecting Cisco Password Types Drupal Releases Security Updates Cisco Has Released Security Updates for Their Email Security Appliance Mozilla Releases Security Update for Thunderbird Russian State-Sponsored Actors Target Cleared Defense Contractor Networks VMware Releases Security Updates for Multiple Products Google Releases Security Updates for Chrome CISA… Read More