Malware

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-37450 Apple Multiple Products WebKit Code Execution Vulnerability CVE-2022-29303 SolarView Compact Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending…

Read More

Cisco has released a security update to address a critical vulnerability affecting SD-WAN vManage API. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco security release Cisco SD-WAN vManage Unauthenticated REST API Access Vulnerability and apply the necessary updates.

Read More

Juniper has released updates to address multiple vulnerabilities in Juno OS. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Juniper’s Support Portal and apply the necessary updates.

Read More

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), Enhanced Monitoring to Detect APT Activity Targeting Outlook Online, to provide guidance to agencies and critical infrastructure organizations on enhancing monitoring in Microsoft Exchange Online environments.  In June 2023, a Federal Civilian Executive Branch (FCEB) agency observed unexpected events in Microsoft 365 (M365) audit logs. After reporting the incident to Microsoft, network defenders deemed the…

Read More

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s July 2023 Security Update Guide and Deployment Information and apply the necessary updates.

Read More

Adobe has released security updates to address vulnerabilities affecting ColdFusion and InDesign. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Adobe security releases APSB23-38 and APSB23-40 and apply the necessary updates.

Read More

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32046 Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability CVE-2023-32049 Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability CVE-2023-35311 Microsoft Outlook Security Feature Bypass Vulnerability CVE-2023-36874 Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability CVE-2022-31199 Netwrix Auditor Insecure Object Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To…

Read More

Fortinet has released a security update to address a critical vulnerability (CVE-2023-33308) affecting FortiOS and FortiProxy. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Fortinet security release FG-IR-23-183 and apply the necessary updates.

Read More

Mozilla has released a security update to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Mozilla Security Advisory MFSA 2023-26 and apply the necessary update.

Read More

Progress Software has released a Service Pack to address three newly disclosed vulnerabilities (CVE-2023-36934, CVE-2023-36932, CVE-2023-36933) in MOVEit Transfer. A cyber threat actor could exploit some of these vulnerabilities to obtain sensitive information.  CISA encourages users to review Progress Software’s MOVEit Transfer article and apply product updates as applicable for security improvements.

Read More