Category: Good news

MS-ISAC ADVISORY NUMBER: 2024-011 DATE(S) ISSUED: 01/23/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an…

Cisco has released security advisories for vulnerabilities in the Cisco integrated management controller. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.  Users and administrators are encouraged to review the following advisories and apply the necessary updates:  Cisco Integrated Management Controller CLI Command Injection Vulnerability Cisco…

Today, CISA, the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Akira Ransomware, to disseminate known Akira ransomware tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as February 2024. Evolving…

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to…

CISA released three Industrial Control Systems (ICS) advisories on April 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. Source link wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3…

Oracle released its quarterly Critical Patch Update Advisory for April 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  Users and administrators are encouraged to review the following Critical Patch Update Advisory and apply the necessary updates:   Source link…

Apply appropriate patches or appropriate mitigations provided by Oracle to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o…

MS-ISAC ADVISORY NUMBER: 2024-041 DATE(S) ISSUED: 04/17/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Ivanti Avalanche, the most severe of which could allow for remote code execution. Ivanti Avalanche is a mobile device management system. Network security features allow one to manage wireless settings (including encryption and authentication), and apply those settings on a schedule…

MS-ISAC ADVISORY NUMBER: 2024-040 DATE(S) ISSUED: 04/17/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Google Chrome, which could allow for remote code execution. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install…

Apply appropriate updates provided by Mozilla to vulnerable systems immediately after appropriate testing. (M1051: Update Software) Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o Safeguard 7.4: Perform…