Insights

CISA Releases Fourteen Industrial Control Systems Advisories

CISA released fourteen Industrial Control Systems (ICS) advisories on June 15, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.  ICSA-23-166-01 SUBNET PowerSYSTEM Center ICSA-23-166-02 Advantech WebAccessSCADA ICSA-23-166-03 Siemens SICAM Q200 Devices ICSA-23-166-04 Siemens SIMOTION ICSA-23-166-05 Siemens SIMATIC WinCC ICSA-23-166-06 Siemens TIA Portal ICSA-23-166-07 Siemens SIMATIC WinCC V7 ICSA-23-166-08 Siemens SIMATIC STEP 7 and Derived Products ICSA-23-166-09 Siemens Solid Edge ICSA-23-166-10 Siemens SIMATIC S7-1500 TM MFP BIOS ICSA-23-166-11 Siemens…

Read More

Progress Software Releases Security Advisory for MOVEit Transfer Vulnerability

Progress Software has released a security advisory for a privilege escalation vulnerability (CVE-2023-35708) in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA urges users and organizations to review the MOVEit Transfer advisory, follow the mitigation steps, and apply the necessary updates when available.

Read More

CISA and Partners Release Joint Advisory on Understanding Ransomware Threat Actors: LockBit

Today, CISA, the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and international partners released Understanding Ransomware Threat Actors: LockBit, a joint Cybersecurity Advisory (CSA) to help organizations understand and defend against threat actors using LockBit, the most globally used and prolific Ransomware-as-a-Service (RaaS) in 2022 and 2023. This guide is a comprehensive resource detailing the observed common vulnerabilities and exposures (CVEs) exploited, as well as the tools, and tactics,…

Read More

CISA and NSA Release Joint Guidance on Hardening Baseboard Management Controllers (BMCs)

Today, CISA, together with the National Security Agency (NSA), released a Cybersecurity Information Sheet (CSI), highlighting threats to Baseboard Management Controller (BMC) implementations and detailing actions organizations can use to harden them.  BMCs are trusted components designed into a computer’s hardware that operate separately from the operating system (OS) and firmware to allow for remote management and control, even when the system is shut down. Hardened credentials, firmware updates, and network segmentation options are often…

Read More

Microsoft Patch Tuesday, June 2023 Edition

Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products. June’s Patch Tuesday features updates to plug at least 70 security holes, and while none of…

Read More

Fortinet Releases June 2023 Vulnerability Advisories

Fortinet has released its June 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Fortinet June 2023 Vulnerability Advisories page for more information and apply the necessary updates.

Read More

CISA Issues BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces

Today, CISA issued Binding Operational Directive (BOD) 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces, requiring Federal Civilian Executive Branch (FCEB) agencies to reduce risks posed by internet-exposed networked management interfaces on federal information systems. This Directive applies to dedicated device interfaces that are accessible over network protocols and are meant exclusively for authorized users to perform administrative activities on a device, a group of devices, or the network itself.  Agencies must be prepared to…

Read More

Fortinet Releases Security Updates for FortiOS and FortiProxy

Fortinet has released security updates to address a heap-based buffer overflow vulnerability CVE-2023-27997 in FortiOS and FortiProxy. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Fortinet security advisory FG-IR-23-097 and apply the necessary updates. For more information, see Fortinet’s Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign.

Read More

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no…

Read More

VMware Releases Security Update for Aria Operations for Networks

VMware has released a security update to address multiple vulnerabilities in Aria Operations for Networks (Formerly vRealize Network Insight). The vulnerabilities were evaluated to fall within the critical severity range, as a malicious actor with network access may be able to perform a command injection attack resulting in remote code execution. Patches have been made available to remediate the vulnerabilities found in VMWare products.    CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0012 and…

Read More