computer security

The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks involving BlackCat/ALPHV, a Ransomware-as-a-Service that has compromised at least 60 entities…

python -- python  In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that…

Russian State-Sponsored Cyber Operations Russian state-sponsored cyber actors have demonstrated capabilities to compromise IT networks; develop mechanisms to maintain long-term, persistent access to IT networks; exfiltrate sensitive…

Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages…

CISA has released draft versions of two guidance documents—along with a request for comment (RFC)—that are a part of the recently launched Secure Cloud Business Applications (SCuBA) project: Secure Cloud Business Applications (SCuBA)…

Original release date: April 18, 2022CISA, the Federal Bureau of Investigation (FBI), and the U.S. Treasury Department have released a joint Cybersecurity Advisory (CSA) that details cyber threats associated with…

Actions to take today to mitigate cyber threats to cryptocurrency:• Patch all systems.• Prioritize patching known exploited vulnerabilities.• Train users to recognize and report phishing attempts.• Use multifactor authentication. The…

Author: Ralph Barnett, III, Cybersecurity and Infrastructure Security Agency (CISA) The National Emergency Communications Plan (NECP) highlighted the need for robust and inclusive governance structures to ensure effective…

VMware has released security updates to address a remote code execution vulnerability in Cloud Director. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to…

By: Joshua Black, Federal 911 Working Group Chair, Cybersecurity and Infrastructure Security Agency (CISA) and John Holloway, Deputy Director of Public Safety Communications, Defense Information Systems Agency (DISA), Department of…

Original release date: April 14, 2022Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.…

Microsoft has released an advisory to address CVE-2022-26809, a critical remote code execution vulnerability in Remote Procedure Call Runtime Library. A remote, unauthenticated attacker could exploit this vulnerability to take control of…

Citrix has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the…

Author: Josh Black, Joint SAFECOM-NCSWIC NG911 Working Group Federal Lead, Cybersecurity and Infrastructure Security Agency (CISA) As CISA continues to celebrate National Public Safety Telecommunicators Week (NPSTW), and Emergency…

CISA, the Department of Energy (DOE), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), warning that certain advanced persistent threat (APT) actors have…

Summary Actions to Take Today to Protect ICS/SCADA Devices:• Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible.• Change all passwords to ICS/SCADA…

The Industrial Control Systems Joint Working Group (ICSJWG) will hold its Spring 2022 Virtual Meeting April 26–27. ICSJWG meetings facilitate relationship building among critical infrastructure stakeholders and owners/operators of…

CISA has added 10 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant…

The Apache Software Foundation has released a security advisory to address a vulnerability in Struts in the version range 2.0.0 to 2.5.29. An attacker could exploit this vulnerability to take control of an affected system.   CISA…

Citrix has released security updates to address vulnerabilities in multiple SD-WAN products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to…

Original release date: April 12, 2022Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages…

Author: Billy Bob Brown, Jr., Executive Assistant Director for Emergency Communications, Cybersecurity and Infrastructure Security Agency (CISA) It is our honor to celebrate Emergency Communications Month and National Public Safety…

jeesite -- jeesite  Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the vulnerability to execute arbitrary…

April is Emergency Communications Month! Throughout the month, we’ll be recognizing the important work of both CISA and the emergency response community. The 911 operating system only begins to scratch the surface of emergency…

CISA’s Sharing Cyber Event Information Fact Sheet provides our stakeholders with clear guidance and information about what to share, who should share, and how to share information about unusual cyber incidents or activity.   CISA uses…

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose…

By the National Risk Management Center The world is constantly changing and while predicting the future with 100 percent accuracy is impossible, we can use strategic foresight to be prepared for possible futures. For CISA, identifying…

iss -- blackice_pc_protection  ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The…

Spring by VMWare has released Spring Cloud Function versions 3.1.7 and 3.2.3 to address remote code execution (RCE) vulnerability CVE-2022-22963 as well as Spring Framework versions 5.3.18 and 5.2.20 to address RCE vulnerability…

Apple has released security updates to address vulnerabilities—CVE-2022-22674 and CVE-2022-22675—in multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected device. These vulnerabilities…

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose…

The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2022-22965), known as “Spring4Shell,” affecting Spring Framework, a Java framework that creates applications, including web applications. A remote…

Official websites use .govA .gov website belongs to an official government organization in the United States. Secure .gov websites use HTTPS A lock () or https:// means you've safely connected to the .gov website. Share sensitive…

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose…

The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to inform U.S. Government Facilities Sector partners of cyber actors conducting ransomware attacks on local government agencies that have…

Original release date: March 30, 2022The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to warn U.S. election and other state and local government officials about invoice-themed phishing emails…

CISA and the Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply (UPS) devices, often through unchanged default usernames and passwords. Organizations can…

Cary Martin, Cybersecurity and Infrastructure Security Agency (CISA) Statewide Interoperability Coordinators (SWICs) and other emergency preparedness personnel may decide they wish to include a third-party evaluator in an upcoming…

CISA has added 32 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant…

/admin -- show.php  A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file. 2022-03-25 not yet calculated…

Deploying an unmanned aircraft systems (UAS) unit, or drone, requires collaboration across multiple agencies. The latest National Emergency Communications Plan (NECP) Spotlight demonstrates how the NECP's recommendations enhance…

CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant…

CISA, the Federal Bureau of Investigation, and the Department of Energy have released a joint Cybersecurity Advisory (CSA) detailing campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and…

Tactic Technique Use  Detection/Mitigations Reconnaissance Gather Victim Identity Information: Credentials The threat actor harvested credentials of third-party commercial organizations by sending spearphishing…

VMware has released security updates to address multiple vulnerabilities in VMware Carbon Black App Control software. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and…

The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker…

<!-- Vulnerability Summary for the Week of March 14, 2022 - Inergency …

<!-- Vulnerability Summary for the Week of March 14, 2022 …

389_directory_server -- 389_directory_server  A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service…

OpenSSL has released security updates addressing a vulnerability affecting multiple versions of OpenSSL. An attacker could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to…