-
CISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware
Today, as part of the Ransomware Vulnerability Warning Pilot (RVWP), CISA launched two new resources for combating ransomware campaigns: A Known to be Used in Ransomware Campaigns column in the…
-
#StopRansomware: AvosLocker Ransomware (Update) | CISA
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…
-
A Vulnerability in Apple Products Could Allow for Privilege Escalation
Apply the stable channel update provided by Apple to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1 : Establish and Maintain a Vulnerability Management Process: Establish and…
-
Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
SUMMARY In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment. The agency reported the activity to Microsoft and the…
-
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint…
-
NVD – CVE-2023-32828
CVE-2023-32828 Detail Description In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of…
-
People’s Republic of China-Linked Cyber Actors Hide in Router Firmware
Executive Summary The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA),…
-
VMSA-2023-0020
Moderate Advisory ID: VMSA-2023-0020 CVSSv3 Range: 6.7 Issue Date: 2023-09-26 Updated On: 2023-09-26 (Initial Advisory) CVE(s): CVE-2023-34043 Synopsis: VMware Aria Operations updates address local privilege escalation vulnerability. (CVE-2023-34043) 1. Impacted…
-
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected device. CISA encourages…
Search
Recent Posts
- Vulnerability in Dell RecoverPoint for Virtual Machines could allow arbitrary code execution
- Multiple vulnerabilities in Ivanti Endpoint Manager Mobile could allow remote code execution
- A vulnerability in the WatchGuard Fireware operating system could allow arbitrary code execution.
- Vulnerability in Cisco AsyncOS Could Allow Remote Code Execution
