CISA released one Industrial Control Systems (ICS) advisory on March 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-081-01 Advantech WebAccess/SCADA CISA encourages users and administrators to review the newly released ICS advisory for technical details and…
Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, to address the specific needs and challenges faced by organizations in defending against DDoS attacks. The…
Today, CISA, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other U.S. and international partners are issuing a joint fact sheet, People’s Republic of China State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders. Partners of this publication include: U.S. Department of Energy…
Software producers who partner with the federal government can now upload their Secure Software Development Attestation Forms to CISA’s Repository for Software Attestation and Artifacts. Software producers that provide the government software can fill out the form to attest to implementation of specific security practices….
Cisco released security updates to address vulnerabilities in Cisco IOS XR software. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco…
CISA released fifteen Industrial Control Systems (ICS) advisories on March 14, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-074-01 Siemens SENTRON 7KM PAC3x20 ICSA-24-074-02 Siemens Solid Edge ICSA-24-074-03 Siemens SINEMA Remote Connect Server ICSA-24-074-04 Siemens SINEMA Remote…
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply the necessary updates: Microsoft Security…
Today, CISA and the National Security Agency (NSA) released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environment(s). Use Secure Cloud Identity and Access Management Practices Use Secure Cloud Key Management…
