Cyber Security Information Portal
CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development 11/26/2023 07:00 AM EST Today, in a landmark collaboration, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) are proud to announce the release of the Guidelines for Secure AI System Development. Co-sealed by 23 domestic …
Continue reading “CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development”
CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities 10/20/2023 08:00 AM EDT Today, CISA, in response to active, widespread exploitation, released guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). An unauthenticated remote actor could exploit these vulnerabilities to take control of …
Continue reading “CISA Releases Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities”
Vulnerability Summary for the Week of September 25, 2023 10/03/2023 08:00 AM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of September 25, 2023”
Vulnerability Summary for the Week of September 4, 2023 09/11/2023 04:30 PM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of September 4, 2023”
Vulnerability Summary for the Week of August 7, 2023 08/14/2023 05:00 PM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of August 7, 2023”
Vulnerability Summary for the Week of July 31, 2023 08/08/2023 09:00 AM EDT High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info yunyecms — yunyecms SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to run arbitrary SQL commands via XFF. 2023-07-31 9.8 CVE-2020-21662MISC raspap — raspap A Command injection …
Continue reading “Vulnerability Summary for the Week of July 31, 2023”
Vulnerability Summary for the Week of July 24, 2023 08/1/2023 08:00 AM EDT The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not …
Continue reading “Vulnerability Summary for the Week of July 24, 2023”
Vulnerability Summary for the Week of September 26, 2022 10/03/2022 08:56 AM EDT Original release date: October 3, 2022 | Last revised: October 5, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info acer — altos_t110_f3 There is a stack buffer overflow vulnerability, which could lead to arbitrary code …
Continue reading “Vulnerability Summary for the Week of September 26, 2022”
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization 10/04/2022 01:58 PM EDT Original release date: October 4, 2022 Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts.• Implement network segmentation to separate network segments based on role …
Vulnerability Summary for the Week of September 19, 2022 09/26/2022 10:09 AM EDT Original release date: September 26, 2022 | Last revised: September 27, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top Medium Vulnerabilities PrimaryVendor — …
Continue reading “Vulnerability Summary for the Week of September 19, 2022”