The US Cybersecurity and Infrastructure Security Agency (CISA) has released a report and a toolkit to help K-12 schools better protect their systems from cybersecurity threats. The report makes three recommendations: investing in most impactful security measures and building toward a mature cybersecurity plan; recognizing and actively address resource constraints; and focusing on collaboration and …
In a joint cybersecurity advisory, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) warn that threat actors used legitimate remote monitoring and management software to gain access to the networks of multiple federal civilian executive branch agencies. The advisory includes technical details, indicators of …
The US Cybersecurity and Infrastructure Security Agency (CISA) has published a dozen advisories warning of vulnerabilities in various Industrial Control Systems (ICS). Affected products include Sewio RTLS Studio, 2 RONDS Equipment Predictive Maintenance Solution, InHand Networks InRouter, Panasonic Sanyo CCTV Network Camera, SAUTER Controls Nova 200 – 220 Series (PLC 6), Johnson Controls Metasys, Hitachi …
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two privilege elevation vulnerabilities – one in Microsoft Exchange Server and one in Windows – to its Known Exploited Vulnerabilities (KDEV) Catalog. US Federal Civilian Executive Branch Agencies have until January 31 to mitigate the flaws. Note CVE-2022-41080 – an Exchange privilege escalation flaw from …
Updated on 2023-01-09: Hitachi Energy Vulnerabilities The US Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control System (ICS) advisories regarding vulnerabilities in Hitachi Energy products. The flaws affect Hitachi Energy UNEM, Hitachi Energy FOXMAN-UN, and Hitachi Energy Lumada Asset Performance Management. Hitachi has addressed the vulnerabilities and urges users to update to …
Updated on 2022-12-30 The US Cybersecurity and Infrastructure Security Agency (CISA) has added two JasperReports vulnerabilities to its known exploited vulnerabilities catalog: CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9). The flaws were disclosed in 2018; fixes are available for both flaws. CISA says it has become aware that the vulnerabilities – an information …
The US Cybersecurity and Infrastructure Security Agency (CISA) has published three advisories regarding vulnerabilities in Rockwell Automation controllers. Rockwell has released updates to address two of the vulnerabilities: an improper access control issue in Rockwell Automation Studio 5000 Logix Emulate and an improper input validation issue in Rockwell Automation GuardLogix and ControlLogix controllers. Rockwell has …
Updated on 2022-12-15: 5G network slicing guidance CISA and the NSA have released new guidance this week for 5G network operators as part of a larger series they started earlier this week. This new one [PDF] touches on how mobile networks can best set up and defend 5G networks that have been split into smaller …
The US Cybersecurity and Infrastructure Security Agency (CISA) has added an unspecified vulnerability in Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) catalog. The flaw affects Oracle Fusion Middleware Access Manager and “allows an unauthenticated attacker with network access via HTTP to take over the Access Manager product.” CISA has specified a mitigation due …
Updated on 2022-12-12 The Hive ransomware group claimed responsibility for ongoing disruptions to computer systems at Knox College, Illinois. It claimed to have encrypted critical infrastructure and data. Read more: Knox College president addresses ransomware incident as notorious group claims credit Updated on 2022-12-09 The Hive ransomware group claimed to have posted the customer data …
In a report, the US Government Accountability Office (GAO) makes recommendations that “could help the federal government improve coordination and assistance” to help protect state, local, tribal, and territorial (SLTT) government organizations from ransomware attacks. Ransomware: Federal Coordination and Assistance Challenges recommends that the Cybersecurity and Infrastructure Security Agency (CISA), Secret Service, and FBI improve …
The Information Technology Industry Council (ITIC) has responded to a CISA Request for Information on the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) regarding the scope of CIRCIA incident reporting requirements. In its response ITIC writes, “CISA should develop criteria based on criticality assessment to national and economic security when entities are …
Updated on 2022-12-29 The Log4Shell vulnerability remains a big threat to organizations even after a year since it received security patches. It is found that around 40% of software continues to use vulnerable versions of Apache Log4j. Read more: Lessons Learned: The Log4J Vulnerability 12 Months On Updated on 2022-12-12: Log4Shell one-year anniversary Happy birthday …
The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its August 16 alert, Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, to include additional indicators of compromise (IoCs). In the August version of the alert, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) urge organizations that did not immediately update Zimbra …
Updated on 2022-11-14: CISA Publishes Stakeholder-Specific Vulnerability Categorization Guide The US Cybersecurity and Infrastructure Security Agency (CISA) has published a Stakeholder-Specific Vulnerability Categorization Guide to help government agencies and other organizations prioritize vulnerability management. The guide includes information about how CISA scores vulnerabilities, and describes its decision tree model. Note The SVCC guide derives from …
