Insights

Citrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467) affecting NetScaler ADC and NetScaler Gateway. An attacker can exploit one of these vulnerabilities to take control of an affected system. According to Citrix, CVE-2023-3519 is being exploited on unmitigated appliances. CISA encourages users and administrators to review the Citrix security bulletin and apply the necessary updates.

Read More

Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July 2023 to address vulnerabilities affecting multiple products. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Oracle’s July 2023 Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin and apply the necessary updates.

Read More

Adobe has released security updates to address a critical vulnerability (CVE-2023-38203) affecting ColdFusion. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Adobe security release APSB23-41 and apply the necessary updates.

Read More

CISA has developed and published a factsheet, Free Tools for Cloud Environments, to help businesses transitioning into a cloud environment identify proper tools and techniques necessary for the protection of critical assets and data security. Free Tools for Cloud Environments provides network defenders and incident response/analysts open-source tools, methods, and guidance for identifying, mitigating, and detecting cyber threats, known vulnerabilities, and anomalies while operating a cloud or hybrid environment.  Cloud service platforms and cloud service…

Read More

Today, the National Security Agency (NSA) and CISA published 5G Network Slicing: Security Considerations for Design, Deployment, and Maintenance. This guidance—created by the Enduring Security Framework (ESF), a public-private cross-sector working group led by the NSA and CISA—presents recommendations to address some identified threats to 5G standalone network slicing, and provides industry recognized practices for the design, deployment, operation, and maintenance of a hardened 5G standalone network slice(s). This guidance builds upon the 2022 ESF…

Read More

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-37450 Apple Multiple Products WebKit Code Execution Vulnerability CVE-2022-29303 SolarView Compact Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending…

Read More

Cisco has released a security update to address a critical vulnerability affecting SD-WAN vManage API. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco security release Cisco SD-WAN vManage Unauthenticated REST API Access Vulnerability and apply the necessary updates.

Read More

Juniper has released updates to address multiple vulnerabilities in Juno OS. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper’s Support Portal and apply the necessary updates.

Read More

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), Enhanced Monitoring to Detect APT Activity Targeting Outlook Online, to provide guidance to agencies and critical infrastructure organizations on enhancing monitoring in Microsoft Exchange Online environments.  In June 2023, a Federal Civilian Executive Branch (FCEB) agency observed unexpected events in Microsoft 365 (M365) audit logs. After reporting the incident to Microsoft, network defenders deemed the…

Read More