Security Bulletin

Members of Cisco's Connected Black Professionals Inclusive Community share how their passions are supported and how they can show up as their true selves daily.

CISA released one Industrial Control Systems (ICS) advisory on March 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-072-01 Schneider Electric EcoStruxure...

CISA has published Secure Cloud Business Applications (SCuBA) Hybrid Identity Solutions Guidance (HISG) to help users better understand identity management capabilities and securely integrate their traditional on-premises enterprise networks with...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low Attack Complexity Vendor: Schneider Electric Equipment: EcoStruxure Power Design Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this...

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the...

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the...

Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review...

Aside from calling for immediate action from UnitedHealth, both Department of Health and Human Services Secretary Xavier Becerra and Labor Department Acting Secretary Julie Su also sought cooperation among insurance firms through the provision of...

Despite the elevated number of potentially vulnerable Fortinet instances, most of which were in the U.S. and India.

Attackers leveraging the 'no-reply@dropbox[.]com' domain sent emails with a Dropbox-hosted PDF to employees using the Darktrace SaaS environment.

Attackers leveraged phishing emails using contract-themed DocuSign lures that included PDF attachments.

Included in the affected entities were some of the country's ministerial services, according to a statement from the French Prime Minister's Office.