-
Multiple vulnerabilities in Google's Android operating system could allow elevation of privilege
Multiple vulnerabilities have been discovered in Google products that could allow elevation of privilege and remote code execution in the context of the affected component. According to the MITRE ATT&CK…
-
Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
Executive Summary The Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team assessment (RTA) at the request of a critical infrastructure organization. During RTAs, CISAs red team simulates real-world…
-
CISA Issues Nine Advisories on Industrial Control Systems
CISA published nine Industrial Control Systems (ICS) advisories on August 1, 2024. These advisories provide up-to-date information on current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and…
-
Multiple vulnerabilities in Apple products could allow arbitrary code execution
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow arbitrary code execution. Details of the vulnerabilities are as follows: Tactical: Execution (TA0002): Technical: Exploitation…
-
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regimes Military and Nuclear Programs
The U.S. Federal Bureau of Investigation (FBI) and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic Peoples Republic of Korea…
-
CISA Adds Two Known and Exploited Vulnerabilities to Its Catalog
CISA has added two new vulnerabilities to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2012-4792 Microsoft Internet Explorer Use-After-Free Vulnerability CVE-2024-39891 Twilio Authy Information Disclosure…
-
Oracle Quarterly Critical Patches Released July 16, 2024
MS-ISAC NOTICE NUMBER: 2024-082 PUBLICATION DATES: 07/18/2024 PREVIEW: Multiple vulnerabilities have been discovered in Oracle products, the most serious of which could allow remote code execution. AFFECTED SYSTEMS: JD Edwards…
-
CISA Publishes Twenty-One Advisories on Industrial Control Systems
On July 11, 2024, CISA published twenty-one advisories on industrial control systems (ICS). These advisories provide up-to-date information on current security issues, vulnerabilities, and exploits surrounding ICS. Siemens ICSA-24-193-01 Remote…
-
CISA Red Teams Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth
EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the…
Search
Recent Posts
- A vulnerability in the WatchGuard Fireware operating system could allow arbitrary code execution.
- Vulnerability in Cisco AsyncOS Could Allow Remote Code Execution
- Vulnerability in SonicOS could allow denial of service (DoS)
- Several vulnerabilities in Google Chrome could allow arbitrary code execution
