Category: Insights

MS-ISAC consultancy number: 2024-097 Published date (s): 08/08/2025 PREVIEW: Vulnerability has been discovered in access to Sonicwall Sonicos Management and SSLVPN, which could allow access to unauthorized resources and under specific conditions, causing the firewall crash. Sonicos is the Sonicwalls operating system designed for their firewalls and other security devices. The successful exploitation of the…

Continue Reading

CISA, in partnership with the American Coast Guard (USCG), published a joint cybersecurity opinion aimed at helping organizations of critical infrastructure to improve their cyber hygiene. This follows a proactive commitment to hunting threats carried out in a critical infrastructure establishment in the United States. During this commitment, the CISA and the USCG did not…

Continue Reading

Summary The Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Coast Guard (USCG) are issuing this Cybersecurity Advisory to present findings from a recent CISA and USCG hunt engagement. The purpose of this advisory is to highlight identified cybersecurity issues, thereby informing security defenders in other organizations of potential similar issues and encouraging them to…

Continue Reading

Several vulnerabilities have been discovered in Adobe products, the most serious of which could allow arbitrary code execution. Adobe After Effects used to create animated graphics, visual effects and composits in cinema, television and online content. 3D Adobe Substance viewer A 3D visualization and editing tool for the opening, adjustment and rendering of 3D models.…

Continue Reading

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to…

Continue Reading

Cisa has added a new vulnerability to itsKnown catalog of exploited vulnerabilities (KEV)Based on the evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber-actors and have significant risks for the federal enterprise. Although the BOB 22-01 only applies to FCEB agencies, the CISA greatly urges all organizations to reduce…

Continue Reading

The CISA has published opinions of thirteen industrial control systems (ICS) on July 10, 2025. This tips provide timely information on current security problems, vulnerabilities and exploits surrounding the CIs. Cisa encourages users and administrators to examine ICS reviews recently published for technical details and attenuations.

Continue Reading

MS-ISAC consultancy number: 2025-064 Published date (s): 09/07/2025 PREVIEW: Several vulnerabilities have been discovered in Mozilla Thunderbird, the most serious of which could allow arbitrary execution of code. Mozilla Thunderbird is a messaging client. The successful exploitation of these most serious vulnerabilities could allow arbitrary execution of code. According to the privileges associated with the…

Continue Reading

MS-ISAC consultancy number: 2025-061 Published date (s): 02/07/2025 PREVIEW: Vulnerability has been discovered in Google Chrome which could allow arbitrary execution of code. The successful exploitation of vulnerability could allow an execution of arbitrary code in the context of the connected user. According to the privileges associated with the user, an attacker could then install…

Continue Reading