Cyber Security Information Portal
01/28/2022 11:32 AM EST Original release date: January 28, 2022 CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and …
Continue reading “CISA Adds Eight Known Exploited Vulnerabilities to Catalog”
Apple Releases Security Updates for Multiple Products 01/27/2022 01:40 PM EST Original release date: January 27, 2022 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for …
Continue reading “Apple Releases Security Updates for Multiple Products”
Fresenius Kabi Agilia Connect Infusion System (Update A) 01/27/2022 1:05 PM EST This updated advisory is a follow-up to the original advisory titled ICSMA-21-355-01 Fresenius Kabi Agilia Connect Infusion System that was published December 21, 2021, to the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for several vulnerabilities in the Fresenius Kabi Agilia Connect …
Continue reading “Fresenius Kabi Agilia Connect Infusion System (Update A)”
CISA releases 2 Industrial Control Systems Advisories 1/27/2022 12:05 PM EST
FBI Releases PIN on Iranian Cyber Group Emennet Pasargad 01/27/2022 10:14 AM EST Original release date: January 27, 2022 The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) that provides a historical overview of Iran-based cyber company Emennet Pasargad’s tactics, techniques, and procedures to enable readers to identify and defend against …
Continue reading “FBI Releases PIN on Iranian Cyber Group Emennet Pasargad”
CISA releases 1 Industrial Control Systems Advisory 1/25/2022 12:34 PM EST
Vulnerability Summary for the Week of January 17, 2022 01/24/2022 08:41 AM EST Original release date: January 24, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info adobe — acrobat_dc Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free …
Continue reading “Vulnerability Summary for the Week of January 17, 2022”
CISA Publishes Infographic on Layering Network Security Through Segmentation 01/24/2022 09:59 AM EST Original release date: January 24, 2022 CISA has published an infographic to emphasize the importance of implementing network segmentation—a physical or virtual architectural approach that divides a network into multiple segments, each acting as its own subnetwork, to provide additional security and …
Continue reading “CISA Publishes Infographic on Layering Network Security Through Segmentation”
01/21/2022 10:19 AM EST Original release date: January 21, 2022 CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose …
Continue reading “CISA Adds Four Known Exploited Vulnerabilities to Catalog”
McAfee Releases Security Update for McAfee Agent for Windows 01/21/2022 01:32 PM EST Original release date: January 21, 2022 Note: the broken links are corrected in the below notification. McAfee has released McAfee Agent for Windows version 5.7.5, which addresses vulnerabilities CVE-2021-31854 and CVE-2022-0166. An attacker could exploit these vulnerabilities to take control of an …
Continue reading “[Correction] McAfee Releases Security Update for McAfee Agent for Windows “