Category: Good news
CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques | CISA
- by nlqip
Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, to address the specific needs and challenges faced by organizations in defending against DDoS attacks. The guidance now includes detailed insight into three different types of…
Read MoreApply appropriate updates provided by Mozilla to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o Safeguard 7.4: Perform…
Read MoreCISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity | CISA
- by nlqip
Today, CISA, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other U.S. and international partners are issuing a joint fact sheet, People’s Republic of China State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders. Partners of this publication include: U.S. Department of Energy (DOE) U.S. Environmental Protection Agency (EPA) U.S. Transportation Security Administration…
Read MoreCISA released one Industrial Control Systems (ICS) advisory on March 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations. Source link ddde
Read MoreApply appropriate updates provided by Fortinet to vulnerable systems immediately after appropriate testing. (M1051: Update Software) Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard. Safeguard 7.2: Establish…
Read Moreaio-libs — aiosmtpd aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. aiosmtpd is vulnerable to inbound SMTP smuggling. SMTP smuggling is a novel vulnerability based on not so novel interpretation differences of the SMTP protocol. By exploiting SMTP smuggling, an attacker may send smuggle/spoof e-mails with fake sender addresses, allowing advanced…
Read MoreSoftware producers who partner with the federal government can now upload their Secure Software Development Attestation Forms to CISA’s Repository for Software Attestation and Artifacts. Software producers that provide the government software can fill out the form to attest to implementation of specific security practices. CISA and the Office of Management and Budget (OMB) released…
Read MoreCisco released security updates to address vulnerabilities in Cisco IOS XR software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers…
Read MoreCISA released fifteen Industrial Control Systems (ICS) advisories on March 14, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-074-01 Siemens SENTRON 7KM PAC3x20 ICSA-24-074-02 Siemens Solid Edge ICSA-24-074-03 Siemens SINEMA Remote Connect Server ICSA-24-074-04 Siemens SINEMA Remote Connect Client ICSA-24-074-05 Siemens RUGGEDCOM APE1808 ICSA-24-074-06 Siemens SENTRON ICSA-24-074-07…
Read MoreApply the stable channel update provided by Adobe to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1 : Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o…
Read MoreRecent Posts
- Exploit code released for critical Ivanti RCE flaw, patch now
- Amazon CEO: New Return-To-Office Policy Will ‘Require Some Adjustments’
- Microsoft rolls out Office LTSC 2024 for Windows and Mac
- New Microsoft Copilot Update Wave Focuses On Page, App Integration, Agents
- Here’s How Four MSPs Are Helping Clients Navigate AI