Current high-impact types of security incidents

  • Adobe Releases Security Updates for Multiple Products 
    by CISA on May 11, 2021 at 11:53 pm

    Original release date: May 11, 2021Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates.  This product is provided subject to this Notification and this Privacy & Use policy.

  • Microsoft Releases May 2021 Security Updates
    by CISA on May 11, 2021 at 11:49 pm

    Original release date: May 11, 2021Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s May 2021 Security Update Summary and Deployment Information and apply the necessary updates.   This product is provided subject to this Notification and this Privacy & Use policy.

  • Citrix Releases Security Updates for Workspace App for Windows
    by CISA on May 11, 2021 at 11:43 pm

    Original release date: May 11, 2021Citrix has released security updates to address a vulnerability in Citrix Workspace App for Windows. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX307794 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

  • Juniper Networks Releases Security Updates
    by CISA on May 11, 2021 at 11:34 pm

    Original release date: May 11, 2021Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper's 2021-05 Out-of-Cycle Security Bulletin and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

  • Joint CISA-FBI Cybersecurity Advisory on DarkSide Ransomware
    by CISA on May 11, 2021 at 5:42 pm

    Original release date: May 11, 2021CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) on a ransomware-as-a-service (RaaS) variant—referred to as DarkSide—recently used in a ransomware attack against a critical infrastructure (CI) company.  Cybercriminal groups use DarkSide to gain access to a victim’s network to encrypt and exfiltrate data. These groups then threaten to expose data if the victim does not pay the ransom. Groups leveraging DarkSide have recently been targeting organizations across various CI sectors including manufacturing, legal, insurance, healthcare, and energy.  Prevention is the most effective defense against ransomware. It is critical to follow best practices to protect against ransomware attacks, which can be devastating to an individual or organization and recovery may be a difficult process. In addition to the Joint CSA, CISA and FBI urge CI asset owners and operators to review the following resources for best practices on strengthening cybersecurity posture: CISA and Multi-State Information Sharing and Analysis Center: Joint Ransomware Guide CISA webpage: Ransomware Guidance and Resources CISA Insights: Ransomware Outbreak CISA Pipeline Cybersecurity Initiative CISA Pipeline Cybersecurity Resources Library Victims of ransomware should report it immediately to CISA, a local FBI Field Office, or a Secret Service Field Office. This product is provided subject to this Notification and this Privacy & Use policy.

  • Google Releases Security Updates for Chrome
    by CISA on May 11, 2021 at 2:27 pm

    Original release date: May 11, 2021Google has released Chrome version 90.0.4430.212 for Windows, Mac, and Linux.   This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.   This product is provided subject to this Notification and this Privacy & Use policy.

  • Exim Releases Security Update
    by CISA on May 7, 2021 at 3:46 pm

    Original release date: May 7, 2021Exim has released a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Exim 4.94.2 update page and apply the necessary update. CISA also encourages users and administrators to review Center for Internet Security Advisory 2021-064 for more information.   This product is provided subject to this Notification and this Privacy & Use policy.

  • Joint NCSC-CISA-FBI-NSA Cybersecurity Advisory on Russian SVR Activity
    by CISA on May 7, 2021 at 11:31 am

    Original release date: May 7, 2021CISA has joined with the United Kingdom's National Cyber Security Centre (NCSC), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA), in releasing a Joint Cybersecurity Advisory on Russian Foreign Intelligence Service (SVR) tactics, techniques, and procedures. Further TTPs associated with SVR cyber actors provides additional details on SVR activity including exploitation activity following their initial compromise of SolarWinds Orion software supply chain. CISA has also released Fact Sheet: Russian SVR Activities Related to SolarWinds Compromise that provides summaries of three key joint publications that focus on SVR activities related to the SolarWinds Orion supply chain compromise. CISA strongly encourages users and administrators to review the joint advisory as well as the other two advisories summarized on the fact sheet for mitigation strategies to aid organizations in securing their networks against Russian SVR activity. This product is provided subject to this Notification and this Privacy & Use policy.

  •  Cisco Releases Security Updates for Multiple Products 
    by CISA on May 6, 2021 at 8:04 pm

    Original release date: May 6, 2021Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following Cisco advisories and apply the necessary updates: •    Cisco SD-WAN vManage Software Vulnerabilities cisco-sa-sd-wan-vmanage-4TbynnhZ •    Cisco HyperFlex HX Command Injection Vulnerabilities cisco-sa-hyperflex-rce-TjjNrkpR •    Cisco SD-WAN Software vDaemon Denial of Service Vulnerability cisco-sa-sdwan-dos-Ckn5cVqW •    Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities cisco-sa-sdwan-buffover-MWGucjtO •    Cisco SD-WAN vManage Software Authentication Bypass Vulnerability cisco-sa-sdw-auth-bypass-65aYqcS2 •    Cisco Small Business 100, 300, and 500 Series Wireless Access Points Vulnerabilities cisco-sa-sb-wap-multi-ZAfKGXhF •    Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability cisco-sa-nfvis-cmdinj-DkFjqg2j •    Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerabilities cisco-sa-imp-inj-ereCOKjR •    Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities cisco-sa-anyconnect-code-exec-jR3tWTA6 This product is provided subject to this Notification and this Privacy & Use policy.

  • Mozilla Releases Security Updates for Firefox
    by CISA on May 6, 2021 at 1:55 pm

    Original release date: May 6, 2021Mozilla has released security updates to address vulnerabilities in Firefox. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Firefox 88.0.1 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.