Cyber Security Information Portal
CISA and NSA Release Guidance on Selecting and Hardening VPNs 09/28/2021 02:00 PM EDT Original release date: September 28, 2021 The National Security Agency (NSA) and CISA have released the cybersecurity information sheet Selecting and Hardening Standards-based Remote Access VPN Solutions to address the potential security risks associated with using Virtual Private Networks (VPNs). Remote-access VPN …
Continue reading “CISA and NSA Release Guidance on Selecting and Hardening VPNs”
RCE Vulnerability in Hikvision Cameras (CVE-2021-36260) 09/28/2021 11:43 AM EDT Original release date: September 28, 2021 Hikvision has released updates to mitigate a command injection vulnerability—CVE-2021-36260—in Hikvision cameras that use a web server service. A remote attacker could exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review Hikvision’s …
Continue reading “RCE Vulnerability in Hikvision Cameras (CVE36260)”
Vulnerability Summary for the Week of September 20, 2021 09/27/2021 07:18 AM EDT Original release date: September 27, 2021 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top Medium Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source …
Continue reading “Vulnerability Summary for the Week of September 20, 2021”
Google Releases Security Updates for Chrome 09/24/2021 02:42 PM EDT Original release date: September 24, 2021 Google has released Chrome version 94.0.4606.61 for Windows, Mac, and Linux. This version addresses a vulnerability—CVE-2021-37973—that an attacker could exploit to take control of an affected system. An exploit for this vulnerability exists in the wild. CISA encourages users …
Continue reading “Google Releases Security Updates for Chrome”
Apple Releases Security Updates 09/23/2021 06:11 PM EDT Original release date: September 23, 2021 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. CISA encourages users and administrators to review …
Cisco Releases Security Updates for Multiple Products 09/23/2021 10:06 AM EDT Original release date: September 23, 2021 Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories …
Continue reading “Cisco Releases Security Updates for Multiple Products”
CISA Releases Guidance: IPv6 Considerations for TIC 3.0 09/23/2021 09:45 AM EDT Original release date: September 23, 2021 The federal government has prioritized the transition of federal networks to Internet Protocol version 6 (IPv6) since the release of Office of Management and Budget (OMB) Memorandum 05-22 in 2005. In 2020, OMB renewed its focus on IPv6 …
Continue reading “CISA Releases Guidance: IPv6 Considerations for TIC 3.0”
CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Conti Ransomware 09/22/2021 01:00 PM EDT Original release date: September 22, 2021 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) alerting organizations of increased Conti ransomware attacks. Malicious cyber actors use Conti ransomware to steal sensitive …
Continue reading “CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Conti Ransomware ”
Google Releases Security Updates for Chrome 09/22/2021 11:36 AM EDT Original release date: September 22, 2021 Google has released Chrome version 94.0.4606.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and …
Continue reading “Google Releases Security Updates for Chrome”
NETGEAR Releases Security Updates for RCE Vulnerability 09/21/2021 02:06 PM EDT Original release date: September 21, 2021 NETGEAR has released security updates to address a remote code execution vulnerability—CVE-2021-40847—in multiple NETGEAR routers. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review NETGEAR’s Security …
Continue reading “NETGEAR Releases Security Updates for RCE Vulnerability”