-
Multiple vulnerabilities in Adobe products could allow arbitrary code execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow arbitrary code execution. Adobe is software used to create and publish a wide variety of…
-
Microsoft releases August 2024 security updates
Microsoft has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and…
-
CISA Adds Six Known and Exploited Vulnerabilities to Its Catalog
CISA has added six new vulnerabilities to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2024-38189 Microsoft Project Remote Code Execution Vulnerability CVE-2024-38178 Microsoft Windows Scripting…
-
Multiple vulnerabilities in Google's Android operating system could allow elevation of privilege
Multiple vulnerabilities have been discovered in Google products that could allow elevation of privilege and remote code execution in the context of the affected component. According to the MITRE ATT&CK…
-
Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
Executive Summary The Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team assessment (RTA) at the request of a critical infrastructure organization. During RTAs, CISAs red team simulates real-world…
-
CISA Issues Nine Advisories on Industrial Control Systems
CISA published nine Industrial Control Systems (ICS) advisories on August 1, 2024. These advisories provide up-to-date information on current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and…
-
Multiple vulnerabilities in Apple products could allow arbitrary code execution
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow arbitrary code execution. Details of the vulnerabilities are as follows: Tactical: Execution (TA0002): Technical: Exploitation…
-
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regimes Military and Nuclear Programs
The U.S. Federal Bureau of Investigation (FBI) and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic Peoples Republic of Korea…
-
CISA Adds Two Known and Exploited Vulnerabilities to Its Catalog
CISA has added two new vulnerabilities to its catalog of known exploited vulnerabilities, based on evidence of active exploitation. CVE-2012-4792 Microsoft Internet Explorer Use-After-Free Vulnerability CVE-2024-39891 Twilio Authy Information Disclosure…
