The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the publication of the Cybersecurity and Physical Security Convergence Action Guide, which provides guidance on converging cybersecurity and physical […]
Technology Alerts
Vulnerabilities in PHP
DATE(S) ISSUED: 01/08/2020 SUBJECT: Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution OVERVIEW: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for […]
Vulnerabilities in Fortinet FortiWeb
DATE(S) ISSUED: 01/06/2021 SUBJECT: Multiple Vulnerabilities in Fortinet FortiWeb Could Allow for Arbitrary Code Execution OVERVIEW: Multiple vulnerabilities have been discovered in the Fortinet FortiWeb, the most severe of which […]
Mitigate SolarWinds Orion Code Compromise
DATE: January 6, 2021 Message from CISA: Good evening state, local, tribal, and territorial partners, CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, […]
MS-ISAC End-of-Support Software Report List
DATE: January 4, 2021 SUBJECT: MS-ISAC End-of-Support Software Report List It is critical to replace software before its End-of-Support (EOS). EOS occurs when the manufacturer discontinues software updates, patches, and […]
Zyxel Firewall and AP Controllers Could Allow for Administrative Access
DATE(S) ISSUED: 01/04/2021 SUBJECT: A vulnerability in Zyxel Firewall and AP Controllers Could Allow for Administrative Access OVERVIEW: A vulnerability has been discovered in Zyxel Firewall and AP Controllers, which […]
SolarWinds N-Central Could Allow for Remote Code Execution
DATE(S) ISSUED: 12/18/2020 SUBJECT: Multiple Vulnerabilities in SolarWinds N-Central Could Allow for Remote Code Execution OVERVIEW: Multiple Vulnerabilities have been discovered in SolarWinds N-Central. Two of these vulnerabilities, when used […]
Treck TCP/IP Stack Could Allow for Arbitrary Code Execution
SUBJECT: Multiple Vulnerabilities in Treck TCP/IP Stack Could Allow for Arbitrary Code Execution OVERVIEW: Multiple vulnerabilities have been discovered in Treck TCP/IP Stack, the most severe of which could result […]
Avoid COVID-19 Vaccine Scams
Some states have been reporting scams related to COVID-19 vaccine Points of Dispensing (POD) and people offering help to expedite the process – for a fee. The government will not […]
Beware of “Zoom-Bombing”
FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic As large numbers of people turn to video-teleconferencing (VTC) platforms to stay connected in the wake of the COVID-19 […]