InfoSec News & Tutorials
Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity…
FBI and CISA Publish a PSA on Malicious Cyber Activity Against Election Infrastructure The Federal Bureau of Investigation (FBI) and CISA have published a joint public service announcement that: Assesses malicious cyber activity…
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a…
CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks CISA has issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on…
Hurricane-Related Scams CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are…
Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server Microsoft has released Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server. According to the blog post, “Microsoft is…
VMWare Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere VMWare has released Protecting vSphere From Specialized Malware, addressing malware artifacts known as VirtualPITA (ESXi & Linux), VirtualPIE (ESXi),…
CISA Publishes User Guide to Prepare for Nov. 1 Move to TLP 2.0 CISA has published its Traffic Light Protocol 2.0 User Guide and Traffic Light Protocol: Moving to Version…
CISA Releases Six Industrial Control Systems Advisories CISA has released six (6) Industrial Control Systems (ICS) advisories on September 29, 2022. These advisories provide timely information about current security issues,…
CISA Has Added One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to it's Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities…
CISA Releases Three Industrial Control Systems Advisories CISA has released three Industrial Control Systems (ICS) advisories on September 22, 2022. These advisories provide timely information about current security issues, vulnerabilities,…
CISA and NSA Publish Joint Cybersecurity Advisory on Control System Defense CISA and the National Security Agency (NSA) have published a joint cybersecurity advisory about control system defense for operational…
ISC Releases Security Advisories for Multiple Versions of BIND 9 The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet…
Microsoft Releases Out-of-Band Security Update for Microsoft Endpoint Configuration Manager Microsoft has released a security update to address a vulnerability in Microsoft Endpoint Configuration Manager, versions 2103-2207. An attacker could…
Iranian State Actors Conduct Cyber Operations Against the Government of Albania CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), Iranian State Actors Conduct…
CISA Releases Eight industrial Control Systems Advisories CISA has released eight (8) Industrial Control Systems (ICS) advisories on September 20, 2022. These advisories provide timely information about current security issues,…
CISA Adds Six Known Exploited Vulnerabilities to Catalog CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are…
CISA and NSA Publish Open Radio Access Network Security Considerations CISA and the National Security Agency (NSA) have published Open Radio Access Network Security Considerations. This product—generated by the Enduring…
CISA Releases Eleven Industrial Control Systems Advisories CISA has released eleven (11) Industrial Control Systems (ICS) advisories on September 15, 2022. These advisories provide timely information about current security issues,…
Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations CISA, Federal Bureau of Investigation (FBI), National Security Agency (NSA), U.S.…
Microsoft Releases September 2022 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an…
CISA Adds Twelve Known Exploited Vulnerabilities to Catalog CISA has added twelve new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are…
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on September 08, 2022. These advisories provide timely information about current security issues, vulnerabilities, and…
#StopRansomware: Vice Society CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Vice Society, to…