LokiBot Malware
Original release date: September 22, 2020 | Last revised: September 23, 2020This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK...
View ArticleMozilla Releases Security Updates for Firefox and Firefox ESR
Original release date: September 22, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take...
View ArticleUnpatched Domain Controllers Remain Vulnerable to Netlogon Vulnerability,...
Original release date: September 24, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of CVE-2020-1472, an elevation of privilege vulnerability in...
View ArticleClik here to view.
Federal Agency Compromised by Malicious Cyber Actor
Original release date: September 24, 2020CISA became aware—via EINSTEIN, CISA’s intrusion detection system that monitors federal civilian networks—of a potential compromise of a federal agency’s...
View ArticleApple Releases Security Updates
Original release date: September 25, 2020Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of...
View ArticleCisco Releases Security Updates for Multiple Products
Original release date: September 25, 2020Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take...
View ArticleVulnerability Summary for the Week of September 21, 2020
Original release date: September 28, 2020 High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaveva -- edna_enterprise_data_historianAn SQL injection...
View ArticleCISA Releases Telework Essentials Toolkit
Original release date: September 30, 2020The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices....
View ArticleCISA and MS-ISAC Release Ransomware Guide
Original release date: September 30, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint...
View ArticleOctober is National Cybersecurity Awareness Month
Original release date: October 1, 2020October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and...
View ArticlePotential for China Cyber Response to Heightened U.S.–China Tensions
Original release date: October 1, 2020This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all...
View ArticleMAR-10303705-1.v1 – Remote Access Trojan: SLOTHFULMEDIA
Original release date: October 1, 2020 NotificationThis report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind...
View ArticleCISA and CNMF Identify a New Malware Variant
Original release date: October 1, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have identified a malware...
View ArticleDepartment of Treasury Releases Advisory on Potential Sanctions Risks for...
Original release date: October 2, 2020The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has released an [Advisory on Potential Sanctions Risks for Facilitating Ransomware...
View ArticleVulnerability Summary for the Week of September 28, 2020
Original release date: October 5, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have...
View ArticleEmotet Malware
Original release date: October 6, 2020This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all...
View ArticleCISA Releases FY2019 Risk Vulnerability Assessment Infographic
Original release date: October 7, 2020The Cybersecurity and Information Security Agency (CISA) has released an infographic mapping analysis of 44 of its Risk and Vulnerability Assessments (RVAs)...
View ArticleGoogle Releases Security Updates for Chrome
Original release date: October 7, 2020Google has released Chrome version 86.0.4240.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control...
View ArticleCisco Releases Security Updates
Original release date: October 8, 2020Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an...
View ArticleQNAP Releases Security Updates for QNAP Helpdesk
Original release date: October 8, 2020QNAP Systems has released security updates to address vulnerabilities in QNAP Helpdesk. An attacker could exploit these vulnerabilities to take control of an...
View Article