Cyber Security Information Portal
Vulnerability Summary for the Week of November 27, 2023 12/04/2023 03:43 PM EST The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of November 27, 2023”
CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware 11/15/2023 11:00 AM EST Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Rhysida Ransomware, to disseminate known Rhysida ransomware indicators of compromise (IOCs), detection …
Continue reading “CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware”
Vulnerability Summary for the Week of October 30, 2023 11/06/2023 05:00 PM EST The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of October 30, 2023”
CISA Published When to Issue VEX Information 11/06/2023 01:00 PM EST Today, CISA published When to Issue Vulnerability Exploitability eXchange (VEX) Information, developed by a community of industry and government experts with the goal to offer some guidance and structure for the software security world, including the large and growing global SBOM community. This guide …
Continue reading “CISA Published When to Issue VEX Information”
CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide 10/19/2023 03:00 PM EDT Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated version of the joint #StopRansomware Guide. The update includes new …
Continue reading “CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide”
CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance 10/18/2023 08:00 AM EDT Today, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One. The …
Continue reading “CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance”
HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 10/10/2023 08:00 AM EDT Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in HTTP/2 protocol. The vulnerability (CVE-2023-44487), known as Rapid Reset, has been exploited in the wild in August 2023 through October 2023. CISA recommends organizations that provide HTTP/2 services apply patches when available and consider configuration changes …
Continue reading “HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487”
Vulnerability Summary for the Week of September 18, 2023 09/29/2023 12:00 PM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of September 18, 2023”
NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats 09/12/2023 06:00 PM EDT Today, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Information Sheet (CSI), Contextualizing Deepfake Threats to Organizations, which provides an overview of synthetic media threats, techniques, …
Continue reading “NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats”
CISA Publishes User Guide to Prepare for Nov. 1 Move to TLP 2.0 09/29/2022 12:15 PM EDT Original release date: September 29, 2022 CISA has published its Traffic Light Protocol 2.0 User Guide and Traffic Light Protocol: Moving to Version 2.0 fact sheet in preparation for its November 1, 2022 move from Traffic Light Protocol (TLP) …
Continue reading “CISA Publishes User Guide to Prepare for Nov. 1 Move to TLP 2.0”