Cyber Security Information Portal
FBI-CISA Advisory on Ransomware Awareness for Holidays and Weekends 08/31/2021 01:00 PM EDT Original release date: August 31, 2021 Today, the Federal Bureau of Investigation (FBI) and CISA released a Joint Cybersecurity Advisory (CSA) to urge organizations to ensure they protect themselves against ransomware attacks during holidays and weekends—when offices are normally closed. Although FBI and …
Continue reading “FBI-CISA Advisory on Ransomware Awareness for Holidays and Weekends”
Vulnerability Summary for the Week of August 23, 2021 08/30/2021 07:04 AM EDT Original release date: August 30, 2021 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info adobe — bridge Adobe Bridge version 11.0.2 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage …
Continue reading “Vulnerability Summary for the Week of August 23, 2021”
Microsoft Azure Cosmos DB Guidance 08/27/2021 06:19 PM EDT Original release date: August 27, 2021 CISA is aware of a misconfiguration vulnerability in Microsoft’s Azure Cosmos DB that may have exposed customer data. Although the misconfiguration appears to have been fixed within the Azure cloud, CISA strongly encourages Azure Cosmos DB customers to roll and …
FBI Releases Indicators of Compromise Associated with Hive Ransomware 08/27/2021 11:19 AM EDT Original release date: August 27, 2021 The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with ransomware attacks by Hive, a likely Ransomware-as-a-Service organization consisting of a number …
Continue reading “FBI Releases Indicators of Compromise Associated with Hive Ransomware”
ICSJWG 2021 Fall Virtual Meeting 08/27/2021 11:04 AM EDT Original release date: August 27, 2021 The Industrial Control Systems Joint Working Group (ICSJWG) will hold the virtual 2021 ICSJWG Fall Meeting, September 21—22, 2021. ICSJWG meetings facilitate relationship building among critical infrastructure stakeholders and owners/operators of industrial control systems, idea exchange regarding critical issues affecting …
Cisco Releases Security Updates for Multiple Products 08/26/2021 10:23 AM EDT Original release date: August 26, 2021 Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. …
Continue reading “Cisco Releases Security Updates for Multiple Products”
VMware Releases Security Updates for Multiple Products 08/25/2021 11:04 AM EDT Original release date: August 25, 2021 VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0018 and …
Continue reading “VMware Releases Security Updates for Multiple Products ”
OpenSSL Releases Security Update 08/25/2021 11:03 AM EDT Original release date: August 25, 2021 OpenSSL has released a security update to address vulnerabilities affecting versions 1.1.1k and below. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review the OpenSSL Security Advisory and apply the necessary update. …
F5 Releases August 2021 Security Advisory 08/25/2021 10:16 AM EDT Original release date: August 25, 2021 F5 has released a security advisory on vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ for August 2021. CISA encourages users and administrators to review the F5 security advisory and install updated software or apply the necessary mitigations as …
Continue reading “F5 Releases August 2021 Security Advisory”
FBI Releases Indicators of Compromise Associated with OnePercent Group Ransomware 08/25/2021 10:34 AM EDT Original release date: August 25, 2021 The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with ransomware attacks by the OnePercent Group, a cyber-criminal organization known since November 2020 for using Cobalt Strike …
Continue reading “FBI Releases Indicators of Compromise Associated with OnePercent Group Ransomware”