Current security issues, vulnerabilities, and exploits

  • FBI Releases Indicators of Compromise Associated with Ranzy Locker Ransomware
    on October 27, 2021

    Original release date: October 27, 2021. The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks using Ranzy Locker, a ransomware variant first identified targeting victims in the United States in late 2020. CISA encourages users and administrators to review the IOCs and technical details in FBI Flash CU-000153-MW and apply the recommended mitigations. This product is provided subject to this Notification and this Privacy & Use policy.

  • Adobe Releases Security Updates for Multiple Products
    on October 27, 2021

    Original release date: October 27, 2021. Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates.

  • Apple Releases Security Updates for Multiple Products
    on October 27, 2021

    Original release date: October 27, 2021. Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: iOS 14.8.1 and iPadOS 14.8.1; macOS Monterey 12.0.1; macOS Big Sur 11.6.1; Security Update 2021-007 Catalina; watchOS 8.1; iOS 15.1 and iPadOS 15.1; tvOS 15.1.

  • NOBELIUM Attacks on Cloud Services and other Technologies
    on October 25, 2021

    Original release date: October 25, 2021. Microsoft has released a blog post on NOBELIUM attacks on cloud services and other technologies. CISA urges users and administrators to review "NOBELIUM targeting delegated administrative privileges to facilitate broader attacks" and apply the necessary mitigations.

  • Critical RCE Vulnerability in Discourse
    on October 24, 2021

    Original release date: October 24, 2021. Discourse—an open source discussion platform—has released a security advisory to address a critical remote code execution (RCE) vulnerability (CVE-2021-41163) in Discourse versions 2.7.8 and earlier. CISA urges developers to update to patched version 2.7.9 or later, or to apply the necessary workarounds. For more information, see "RCE via malicious SNS subscription payload".

  • Malware Discovered in Popular NPM Package, ua-parser-js
    on October 23, 2021

    Original release date: October 22, 2021. Versions of a popular NPM package named ua-parser-js were found to contain malicious code. ua-parser-js is used in apps and websites to identify the type of device or browser a person is using from User-Agent data. A computer or device with the affected software installed or running could allow a remote attacker to obtain sensitive information or take control of the system. CISA urges users and administrators using the compromised ua-parser-js versions 0.7.29, 0.8.0, and 1.0.0 to update to the respective patched versions 0.7.30, 0.8.1, and 1.0.1. For more information, see "Embedded malware in ua-parser-js".

  • GPS Daemon (GPSD) Rollover Bug
    on October 21, 2021

    Original release date: October 21, 2021. Critical Infrastructure (CI) owners and operators, and other users who obtain Coordinated Universal Time (UTC) from Global Positioning System (GPS) devices, should be aware of a GPS Daemon (GPSD) bug in GPSD versions 3.20 (released December 31, 2019) through 3.22 (released January 8, 2021). On October 24, 2021, Network Time Protocol (NTP) servers using the affected GPSD versions 3.20–3.22 may roll the date back 1,024 weeks—to March 2002—which may cause systems and services to become unavailable or unresponsive. CISA urges affected CI owners and operators to ensure that systems which use GPSD to obtain timing information from GPS devices are running GPSD version 3.23 (released August 8, 2021) or newer. For more information, see "Keeping Track of Time: Network Time Protocol and a GPSD Bug".