Security Bulletin

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: PI Server Vulnerabilities: Improper Check or Handling of Exceptional Conditions, Missing Release of Resource after Effective...

Oracle released its Critical Patch Update Advisory for January 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and...

CISA released one Industrial Control Systems (ICS) advisory on January 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-018-01 AVEVA PI Server CISA encourages...

Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review...

Atlassian released a security advisory to address a vulnerability (CVE-2023-22527) in out-of-date versions of Confluence Data Center and Server as well as its January 2024 security bulletin to address vulnerabilities in multiple products. A malicious...

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35082 Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability These types of...

Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in NetScaler ADC and NetScaler Gateway. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

As zero days and complex networks create gaps for cyberattacks, software developers and agencies such as CISA look to secure by design for building in defenses.

Data is the most valuable asset for any organization, and protecting it is crucial to maintaining business continuity.

SiliconAngle reports that cybersecurity compliance startup Strike Graph and all-in-one cybersecurity solution provider Judy Security have entered a partnership deal to strengthen the former's compliance and certification program with Judy Security's...