CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps 12/06/2023 07:00 AM EST Today, as part of the Secure by Design campaign, CISA published The Case for Memory Safe Roadmaps: Why Both C-Suite Executives and Technical Experts Need to Take Memory Safe Coding Seriously in collaboration with the following partners: United …
Tag Archives: software
CISA Requests Comment on Draft Secure Software Development Attestation Form
CISA Requests Comment on Draft Secure Software Development Attestation Form 11/16/2023 12:00 PM EST CISA has opened a 30-day Federal Register notice to receive public comment on the draft Secure Software Development Attestation Form. CISA developed this form in coordination with the Office of Management and Budget. With the Secure Software Development Attestation Form, federal …
Continue reading “CISA Requests Comment on Draft Secure Software Development Attestation Form”
CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain
CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain 11/09/2023 07:00 AM EST Today, CISA, the National Security Agency (NSA), and partners released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption. Developed through the Enduring Security Framework (ESF), this guidance provides software developers and suppliers with …
Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products 11/03/2023 08:00 AM EDT Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco Firepower …
Continue reading “Cisco Releases Security Advisories for Multiple Products”
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities 11/01/2023 Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.3 Cisco IOS XE software release train with version …
Continue reading “CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities “
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities 10/24/2023 09:30 AM EDT Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.9 Cisco IOS XE software …
Continue reading “CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities”
CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities 10/20/2023 08:00 AM EDT Today, CISA, in response to active, widespread exploitation, released guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). An unauthenticated remote actor could exploit these vulnerabilities to take control of …
Continue reading “CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities”
Cisco Releases Security Advisory for IOS XE Software Web UI
Cisco Releases Security Advisory for IOS XE Software Web UI 10/16/2023 08:00 AM EDT Cisco released a security advisory to address a vulnerability (CVE-2023-20198) affecting IOS XE Software Web UI. A cyber threat actor can exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the Cisco security …
Continue reading “Cisco Releases Security Advisory for IOS XE Software Web UI”
Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products 09/28/2023 06:00 PM EDT Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: …
Continue reading “Cisco Releases Security Advisories for Multiple Products”
CISA Releases its Open Source Software Security Roadmap
CISA Releases its Open Source Software Security Roadmap 09/12/2023 11:00 AM EDT Today, CISA released an Open Source Software Security Roadmap to lay out—in alignment with the National Cybersecurity Strategy and the CISA Cybersecurity Strategic Plan—how we will partner with federal agencies, open source software (OSS) consumers, and the OSS community, to secure OSS infrastructure. …
Continue reading “CISA Releases its Open Source Software Security Roadmap”