Cyber Security Information Portal
Vulnerability Summary for the Week of November 13, 2023 11/21/2023 11:00 AM EST The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of November 13, 2023”
CISA and NSA Release New Guidance on Identity and Access Management 10/04/2023 08:00 AM EDT Today, CISA and the National Security Agency (NSA) published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework (ESF), a CISA- and NSA-led working panel that includes a public-private cross-sector partnership. ESF aims to address …
Continue reading “CISA and NSA Release New Guidance on Identity and Access Management”
CISA Releases Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture 09/15/2023 08:00 AM EDT Today, CISA released the Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture to help federal civilian departments and agencies integrate their identity and access management (IDAM) capabilities into their ICAM architectures. Prior …
Vulnerability Summary for the Week of August 14, 2023 08/21/2023 3:00 PM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of August 14, 2023”
Vulnerability Summary for the Week of August 7, 2023 08/14/2023 05:00 PM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of August 7, 2023”
Vulnerability Summary for the Week of July 17, 2023 07/24/2023 03:00 PM EDT High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info oliva_expertise — oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection.This issue affects Oliva …
Continue reading “Vulnerability Summary for the Week of July 17, 2023”
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization 10/04/2022 01:58 PM EDT Original release date: October 4, 2022 Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts.• Implement network segmentation to separate network segments based on role …
CISA and NSA Publish Open Radio Access Network Security Considerations 09/15/2022 09:52 AM EDT Original release date: September 15, 2022 CISA and the National Security Agency (NSA) have published Open Radio Access Network Security Considerations. This product—generated by the Enduring Security Framework (ESF) Open Radio Access Network (RAN) Working Panel, a subgroup within the cross-sector …
Continue reading “CISA and NSA Publish Open Radio Access Network Security Considerations”
Vulnerability Summary for the Week of August 29, 2022 09/06/2022 10:49 AM EDT Original release date: September 6, 2022 | Last revised: September 8, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top Medium Vulnerabilities PrimaryVendor — …
Continue reading “Vulnerability Summary for the Week of August 29, 2022”
Vulnerability Summary for the Week of August 1, 2022 08/08/2022 08:33 AM EDT Original release date: August 8, 2022 | Last revised: August 9, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top Medium Vulnerabilities PrimaryVendor — …
Continue reading “Vulnerability Summary for the Week of August 1, 2022”