CISA Current Activity
Google Releases Security Updates for Chrome
Wed, 20 Oct 2021 14:55:15 +0000
Original release date: October 20, 2021

Google has released Chrome version 95.0.4638.54  for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.

This product is provided subject to this Notification and this Privacy & Use policy.

Oracle Releases October 2021 Critical Patch Update
Tue, 19 Oct 2021 19:59:02 +0000
Original release date: October 19, 2021

Oracle has released its Critical Patch Update for October 2021 to address 419 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the Oracle October 2021 Critical Patch Update and apply the necessary updates. 

This product is provided subject to this Notification and this Privacy & Use policy.

CISA, FBI, and NSA Release Joint Cybersecurity Advisory on BlackMatter Ransomware
Tue, 19 Oct 2021 02:00:00 +0000
Original release date: October 18, 2021

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released joint Cybersecurity Advisory (CSA): BlackMatter Ransomware.

Since July 2021, malicious cyber actors have used BlackMatter ransomware to target multiple U.S. critical infrastructure entities, including a U.S. Food and Agriculture Sector organization. Using an analyzed sample of BlackMatter ransomware and information from trusted third parties, this CSA provides cyber actor tactics, techniques, and procedures and outlines mitigations to improve ransomware protection, detection, and response.

To reduce the risk of BlackMatter ransomware, CISA, FBI, and NSA encourage organizations to implement the recommended mitigations in the joint CSA and visit StopRansomware.gov for more information on protecting against and responding to ransomware attacks.
 

This product is provided subject to this Notification and this Privacy & Use policy.

Apache Releases Security Advisory for Tomcat  
Fri, 15 Oct 2021 15:11:01 +0000
Original release date: October 15, 2021

The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to cause a denial of service condition.

CISA encourages users and administrators to review Apache’s security advisory for CVE-2021-42340 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities
Thu, 14 Oct 2021 18:57:00 +0000
Original release date: October 14, 2021

CISA, the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) that details ongoing cyber threats to U.S. Water and Wastewater Systems (WWS) Sector. This activity—which includes cyber intrusions leading to ransomware attacks—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities. The joint CSA provides extensive mitigations and resources to assist WWS Sector facilities in strengthening operational resilience and cybersecurity practices.

CISA has also released a Cyber Risks & Resources for the Water and Wastewater Systems Sector infographic that details both information technology and operational technology risks the WWS Sector faces and provides select resources.

This product is provided subject to this Notification and this Privacy & Use policy.

Juniper Networks Releases Security Updates for Multiple Products
Thu, 14 Oct 2021 15:53:32 +0000
Original release date: October 14, 2021

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
 
CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Microsoft Releases October 2021 Security Updates
Tue, 12 Oct 2021 21:11:31 +0000
Original release date: October 12, 2021

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s October 2021 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Adobe Releases Security Updates for Multiple Products
Tue, 12 Oct 2021 19:37:36 +0000
Original release date: October 12, 2021

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

Apple Releases Security Update to Address CVE-2021-30883
Tue, 12 Oct 2021 16:56:22 +0000
Original release date: October 12, 2021

Apple has released a security update to address a vulnerability—CVE-2021-30883—in multiple products. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been detected in exploits in the wild.

CISA encourages users to review the Apple security page for iOS 15.0.2 and iPadOS 15.0.2 and apply the necessary updates as soon as possible.

This product is provided subject to this Notification and this Privacy & Use policy.

Google Releases Security Updates for Chrome
Tue, 12 Oct 2021 11:12:54 +0000
Original release date: October 12, 2021

Google has updated the Stable channel to 94.0.4606.81 for Windows, Mac and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
 
CISA encourages users and administrators to review the Chrome Release and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Feed Fetched by RSS Dog.