News

Cybersecurity and Physical Security Convergence Guide

The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the publication of the Cybersecurity and Physical Security Convergence Action Guide, which provides guidance on converging cybersecurity and physical security functions to better position organizations to mitigate cyber-physical threats. Convergence is defined as formal collaboration between previously disjointed security functions, and is anchored by…

Vulnerabilities in PHP

DATE(S) ISSUED: 01/08/2020
SUBJECT: Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
OVERVIEW: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for arbitrary code execution. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms…

Vulnerabilities in Fortinet FortiWeb

DATE(S) ISSUED: 01/06/2021
SUBJECT: Multiple Vulnerabilities in Fortinet FortiWeb Could Allow for Arbitrary Code Execution
OVERVIEW: Multiple vulnerabilities have been discovered in Fortinet FortiWeb, the most severe of which could allow for arbitrary code execution. Fortinet FortiWeb is a firewall for web applications which provides threat protection for medium and large enterprises. Successful exploitation…

Mitigate SolarWinds Orion Code Compromise

DATE: January 6, 2021
Message from CISA:
Good evening state, local, tribal, and territorial partners,
CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED 21-01 and Supplemental Guidance versions 1 and 2. Federal agencies without evidence of adversary follow-on activity…

MS-ISAC End-of-Support Software Report List

DATE: January 4, 2021
SUBJECT: MS-ISAC End-of-Support Software Report List
It is critical to replace software before its End-of-Support (EOS). EOS occurs when the manufacturer discontinues software updates, patches, and other forms of support, resulting in software becoming prone to future vulnerabilities. Using unsupported software and firmware/hardware puts organizations at risk in the following ways:…

Zyxel Firewall and AP Controllers Could Allow for Administrative Access

DATE(S) ISSUED: 01/04/2021
SUBJECT: A vulnerability in Zyxel Firewall and AP Controllers Could Allow for Administrative Access
OVERVIEW: A vulnerability has been discovered in Zyxel Firewall and AP Controllers, which could allow for remote administrative access. Zyxel is a manufacturer of networking devices that provides networking equipment globally. Successful exploitation of this vulnerability could allow…

SolarWinds N-Central Could Allow for Remote Code Execution

DATE(S) ISSUED: 12/18/2020
SUBJECT: Multiple Vulnerabilities in SolarWinds N-Central Could Allow for Remote Code Execution
OVERVIEW: Multiple vulnerabilities have been discovered in SolarWinds N-Central. Two of these vulnerabilities, when used in conjunction with each other, could allow for remote code execution. SolarWinds N-Central is a remote monitoring and management automation platform for MSPs and IT…

Treck TCP/IP Stack Could Allow for Arbitrary Code Execution

SUBJECT: Multiple Vulnerabilities in Treck TCP/IP Stack Could Allow for Arbitrary Code Execution
OVERVIEW: Multiple vulnerabilities have been discovered in Treck TCP/IP Stack, the most severe of which could result in arbitrary code execution. Treck TCP/IP Stack is a set of networking protocol libraries specifically designed for embedded systems and widely used. Successful exploitation of the most…

Avoid COVID-19 Vaccine Scams

Some states have been reporting scams related to COVID-19 vaccine Points of Dispensing (POD) and people offering help to expedite the process – for a fee. The government will not send an email, voice mail, or text offering to expedite the process for a fee. If you have any questions about the vaccine process, please…

Beware of “Zoom-Bombing”

FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic
As large numbers of people turn to video-teleconferencing (VTC) platforms to stay connected in the wake of the COVID-19 crisis, reports of VTC hijacking (also called “Zoom-bombing”) are emerging nationwide. The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate…

Working From Home: Increase Productivity and Efficiency and Reduce Cost

Increase Productivity and Efficiency While Reducing Cost
Work From Home / Remote Workers
Small business owners are usually wary about allowing their employees to work from home. How do I know if they are actually working or watching YouTube? The fact of the matter is… if you have that worry you either hired the wrong…

COVID-19 Coronavirus Cyber Scams: Don’t Be a Victim

Avoid COVID-19 Phishing Campaigns
Be Vigilant Online
Malicious cyber threat actors are capitalizing on the global attention surrounding the novel 2019 Coronavirus (COVID-19) to facilitate scams, distribute malware, and send phishing emails. To date, Anomali researchers have identified 39 different malware families distributed by at least 15 distinct campaigns associated with 11 threat actor groups.…