Current Activity

Oracle Releases October 2021 Critical Patch Update

7 hours 17 minutes ago
Original release date: October 19, 2021

Oracle has released its Critical Patch Update for October 2021 to address 419 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the Oracle October 2021 Critical Patch Update and apply the necessary updates. 

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

CISA, FBI, and NSA Release Joint Cybersecurity Advisory on BlackMatter Ransomware

1 day 1 hour ago
Original release date: October 18, 2021

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released joint Cybersecurity Advisory (CSA): BlackMatter Ransomware.

Since July 2021, malicious cyber actors have used BlackMatter ransomware to target multiple U.S. critical infrastructure entities, including a U.S. Food and Agriculture Sector organization. Using an analyzed sample of BlackMatter ransomware and information from trusted third parties, this CSA provides cyber actor tactics, techniques, and procedures and outlines mitigations to improve ransomware protection, detection, and response.

To reduce the risk of BlackMatter ransomware, CISA, FBI, and NSA encourage organizations to implement the recommended mitigations in the joint CSA and visit StopRansomware.gov for more information on protecting against and responding to ransomware attacks.
 

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Apache Releases Security Advisory for Tomcat  

4 days 12 hours ago
Original release date: October 15, 2021

The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to cause a denial of service condition.

CISA encourages users and administrators to review Apache’s security advisory for CVE-2021-42340 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities

5 days 8 hours ago
Original release date: October 14, 2021

CISA, the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that details ongoing cyber threats to U.S. Water and Wastewater Systems (WWS) Sector. This activity—which includes cyber intrusions leading to ransomware attacks—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities. The joint CSA provides extensive mitigations and resources to assist WWS Sector facilities in strengthening operational resilience and cybersecurity practices.

CISA has also released a Cyber Risks & Resources for the Water and Wastewater Systems Sector infographic that details both information technology and operational technology risks the WWS Sector faces and provides select resources.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Juniper Networks Releases Security Updates for Multiple Products

5 days 11 hours ago
Original release date: October 14, 2021

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
 
CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Microsoft Releases October 2021 Security Updates

1 week ago
Original release date: October 12, 2021

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s October 2021 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Adobe Releases Security Updates for Multiple Products

1 week ago
Original release date: October 12, 2021

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Apple Releases Security Update to Address CVE-2021-30883

1 week ago
Original release date: October 12, 2021

Apple has released a security update to address a vulnerability—CVE-2021-30883—in multiple products. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been detected in exploits in the wild.

CISA encourages users to review the Apple security page for iOS 15.0.2 and iPadOS 15.0.2 and apply the necessary updates as soon as possible.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Google Releases Security Updates for Chrome

1 week ago
Original release date: October 12, 2021

Google has updated the Stable channel to 94.0.4606.81 for Windows, Mac and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
 
CISA encourages users and administrators to review the Chrome Release and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

NSA Releases Guidance on Avoiding the Dangers of Wildcard TLS Certificates and ALPACA Techniques

1 week 4 days ago
Original release date: October 8, 2021

The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet with guidance to help secure the Department of Defense, National Security Systems, and Defense Industrial Base organizations from poorly implemented wildcard Transport Layer Security (TLS) certificates and the exploitation of Application Layer Protocols Allowing Cross-Protocol Attacks (ALPACA). A malicious cyber actor with network access can exploit this vulnerability to access sensitive information.

CISA encourages administrators and users to review NSA's CSI sheet on Avoiding Dangers of Wildcard TLS Certificates and the ALPACA Technique for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Apache Releases HTTP Server version 2.4.51 to Address Vulnerabilities Under Exploitation

1 week 5 days ago
Original release date: October 7, 2021

On October 7, 2021, the Apache Software Foundation released Apache HTTP Server version 2.4.51 to address Path Traversal and Remote Code Execution vulnerabilities (CVE-2021-41773, CVE-2021-42013) in Apache HTTP Server 2.4.49 and 2.4.50. These vulnerabilities have been exploited in the wild. 

CISA is also seeing ongoing scanning of vulnerable systems, which is expected to accelerate, likely leading to exploitation. CISA urges organizations to patch immediately if they haven’t already—this cannot wait until after the holiday weekend.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Cisco Releases Security Updates for Multiple Products

1 week 5 days ago
Original release date: October 7, 2021

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

CISA Releases Guidance: TIC 3.0 Remote User Use Case

1 week 5 days ago
Original release date: October 7, 2021

In coordination with the Office of Management and Budget (OMB), the Federal Chief Information Security Officer Council (FCISO) Trusted Internet Connections (TIC) Subcommittee, and the General Services Administration, CISA has released Trusted Internet Connections 3.0 Remote User Use Case. The Remote User Use Case provides federal agencies with guidance on applying network and multi-boundary security for agencies that permit remote users on their networks. In accordance with OMB Memorandum M-19-26, this use case builds off TIC 3.0 Interim Telework Guidance originally released in Spring 2020.

The TIC 3.0 Remote User Use Case considers additional security patterns agencies may face with remote users and includes four new security capabilities:

  • User Awareness and Training,
  • Domain Name Monitoring,
  • Application Container, and
  • Remote Desktop Access.

In conjunction with the Remote User Use Case, CISA has also released Response to Comments on TIC 3.0 Remote User Use Case and the Pilot Process Handbook. These additional documents provide feedback on the Remote User Use Case and describes the process by which agencies should conduct TIC 3.0 pilots.

CISA encourages all federal government agencies and organizations to review the TIC 3.0 Remote User Use Case and visit the CISA TIC page for updates and additional information on the TIC program.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Mozilla Releases Security Updates for Firefox and Firefox ESR

1 week 6 days ago
Original release date: October 6, 2021

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR . An attacker could exploit some of these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review the Mozilla security advisories for Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Apache Releases Security Update for Apache HTTP Server

1 week 6 days ago
Original release date: October 6, 2021 | Last revised: October 7, 2021

(Updated October 7, 2021)

Apache has released additional fixes for CVE-2021-41773, which is tracked as CVE-2021-42013. For more information see the Apache vulnerabilities page

(Originally published October 6, 2021)

The Apache Software Foundation has released Apache HTTP Server version 2.4.50 to address two vulnerabilities. An attacker could exploit these vulnerabilities to take control of an affected system. One vulnerability, CVE-2021-41773, has been exploited in the wild.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apache HTTP Server 2.4.50 vulnerabilities page and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

CISA Releases Security Advisory for Honeywell Experion and ACE Controllers

2 weeks ago
Original release date: October 5, 2021

CISA has released an Industrial Controls Systems (ICS) advisory detailing multiple vulnerabilities affecting all versions of Honeywell Experion Process Knowledge System C200, C200E, C300, and ACE controllers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review ICS advisory ICSA-21-278-04 Honeywell Experion and ACE Controllers as well as Experion Network and Security Planning Guide and Honeywell Support document SN2021-02-22-01 for more information and apply the necessary mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Be Cyber Smart During Cybersecurity Awareness Month

2 weeks ago
Original release date: October 5, 2021

CISA and the National Cybersecurity Alliance (NCSA) remind users to continue to “Do Your Part. #BeCyberSmart.” during October—2021’s Cybersecurity Awareness Month!
 
In 2021, CISA and NCSA will focus on different outreach themes each week to include:  

  • Be Cyber Smart
  • Phight the Phish!
  • Explore. Experience. Share. – Cybersecurity Career Awareness Week
  • Cybersecurity First

 As part of the STOP.THINK.CONNECT.™ national public awareness campaign, CISA is also sharing Cybersecurity Awareness Month Resources to reduce cybersecurity risks and protect you online. CISA reminds users that cybersecurity is a proactive responsibility, and individuals and organizations should implement strong security practices to stay safer and more secure online.
 
Visit CISA’s Cybersecurity Awareness Month webpage for more guidance and resources.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

Google Releases Security Updates for Chrome

2 weeks 4 days ago
Original release date: October 1, 2021

Google has released Chrome version 94.0.4606.71  for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

CISA and NSA Release Guidance on Selecting and Hardening VPNs

3 weeks ago
Original release date: September 28, 2021

The National Security Agency (NSA) and CISA have released the cybersecurity information sheet Selecting and Hardening Standards-based Remote Access VPN Solutions to address the potential security risks associated with using Virtual Private Networks (VPNs). Remote-access VPN servers allow off-site users to tunnel into protected networks, making these entry points vulnerable to exploitation by malicious cyber actors.

Exploitation of these devices can enable:

  • Credential harvesting
  • Remote code execution on the VPN device
  • Cryptographic weakening of encrypted traffic sessions
  • Hijacking of encrypted traffic sessions
  • Arbitrary reads of sensitive data (e.g., configurations, credentials, keys) from the device

The information sheet helps organizations select standards-based (rather than proprietary) VPN solutions and provides hardening guidance to prevent compromise and respond to attacks.

CISA encourages organizations to review and adopt recommendations in the information sheet to reduce risk.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA

RCE Vulnerability in Hikvision Cameras (CVE-2021-36260)

3 weeks ago
Original release date: September 28, 2021 | Last revised: September 29, 2021

Hikvision has released updates to mitigate a command injection vulnerability—CVE-2021-36260—in Hikvision cameras that use a web server service. A remote attacker could exploit this vulnerability to take control of an affected device.
 
CISA encourages users and administrators to review Hikvision’s Security Advisory HSRC-202109-01 and apply the latest firmware updates. See security researcher Watchful IP’s technical blogpost for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA
Checked
36 minutes 14 seconds ago
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.
Subscribe to Current Activity feed