Our news
-
Guidance: Assembling a Group of Products for SBOM
Today, CISA published Guidance on Assembling a Group of Products created by the Software Bill of Materials (SBOM) Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents and reports to advance and refine SBOM and ultimately promote adoption. Specifically, software producers often need to assemble…
-
Mozilla Releases Security Updates for Thunderbird and Firefox
Mozilla has released security updates to address vulnerabilities in Thunderbird and Firefox. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Thunderbird 115.7 Firefox ESR 115.7 Firefox 122
-
Vulnerability Summary for the Week of January 15, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info argoproj — argo-cd Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability…
-
CISA Issues Emergency Directive on Ivanti Vulnerabilities
CISA has issued Emergency Directive (ED) 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities in the following Ivanti products: Ivanti Connect Secure and Ivanti Policy Secure. ED 24-01 directs all Federal Civilian Executive Branch (FCEB) agencies running Ivanti Connect Secure and Ivanti Policy Secure to: Implement the mitigations…
-
Incident Response Guide for the WWS Sector
Today, CISA, the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency released a joint Incident Response Guide for the Water and Wastewater Systems (WWS) Sector. The guide includes contributions from over 25 WWS Sector organizations spanning private industry, nonprofit, and government entities. This coordination enabled CISA, FBI, and EPA to develop a guide…
-
Drupal Releases Security Advisory for Drupal Core
Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2024-001 for more information and apply the necessary update.
-
CISA and FBI Release Known IOCs Associated with Androxgh0st Malware
Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Androxgh0st malware establishes a botnet for victim identification and exploitation in vulnerable…
-
Known Indicators of Compromise Associated with Androxgh0st Malware
SUMMARY The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Multiple, ongoing investigations and trusted third party reporting yielded the IOCs and TTPs,…
-
The Danger of Deepfake Scams
The rise of artificial intelligence (AI) has enhanced our lives in many ways. In the realm of cybersecurity, AI has bolstered defenses against threats. There are machine learning algorithms, enhanced anomaly detection, and automated response mechanisms for rapid response to and neutralizing threats. However, AI is also being used maliciously by threat actors. A popular…