Cyber Security Advisories – MS-ISAC
- Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution (2025-07-30): Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install […]
- A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution (2025-07-30): A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of the vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or […]
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution (2025-07-23): Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe After Effects – Used for creating motion graphics, visual effects, and compositing in film, television, and online content. Adobe Substance 3D Viewer – A 3D visualization and editing tool for opening, adjusting, and rendering 3D models. Adobe Audition – Professional […]
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution (2025-07-23): Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; […]
- Multiple Vulnerabilities in Microsoft SharePoint Server Could Allow for Remote Code Execution (2025-07-22): Multiple vulnerabilities have been discovered in Microsoft SharePoint Server, which could allow for remote code execution. Microsoft SharePoint Server is a web-based collaborative platform that integrates with Microsoft Office. Successful exploitation of these vulnerabilities allows for unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, […]
- Multiple Vulnerabilities in Mozilla Thunderbird Could Allow for Arbitrary Code Execution (2025-07-09): Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the most severe of which could allow for arbitrary code execution. Mozilla Thunderbird is an email client. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, […]
- A Vulnerability in FortiWeb Could Allow for SQL Injection (2025-07-08): A vulnerability has been discovered in FortiWeb, which could allow for SQL injection. FortiWeb is a web application firewall (WAF) developed by Fortinet. It's designed to protect web applications and APIs from a wide range of attacks, including those targeting known vulnerabilities and zero-day exploits. Successful exploitation of this vulnerability could allow for SQL injection attacks that […]
- Critical Patches Issued for Microsoft Products, July 8, 2025 (2025-07-08): Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users […]
- A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution (2025-07-03): A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of the vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or […]
- Multiple Vulnerabilities in Citrix Products Could Allow For Disclosure Of Sensitive Data (2025-06-27): Multiple vulnerabilities have been discovered in Citrix products, the most severe of which could allow disclosure of sensitive data. Citrix ADC performs application-specific traffic analysis to intelligently distribute, optimize, and secure Layer 4 - Layer 7 network traffic for web applications. Successful exploitation of the most severe of these vulnerabilities could allow for memory overread, […]
Blog Feed – Center for Internet Security
- Automating the CIS Controls with OSCAL (2025-07-24): Automation for Controls: Meet OSCAL, the Open Security Controls Assessment Language. OSCAL, also known as the Open Security Controls Assessment.
- Top 10 Malware Q2 2025 (2025-07-18): Total malware notifications from MS-ISAC monitoring services decreased 18% from Q1 2025 to Q2 2025. Read our Top 10 Malware Q2 2025 for more.
- CIS Benchmarks July 2025 Update (2025-07-08): Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for July 2025.
- What Makes CIS Hardened Images Secure Enough for the U.S. IC (2025-06-30): How do U.S. IC organizations strengthen their cloud security in a way that meets their needs? See how the CIS Hardened Images® can help.
- Lay a Cybersecurity Foundation and Master CIS Controls IG1 (2025-06-13): Today’s digital threats don’t discriminate by size or sector. Building a solid cybersecurity foundation is no longer optional—it’s essential.
- CIS Benchmarks June 2025 Update (2025-06-11): Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for June 2025.
- How Threat Modeling, Actor Attribution Grow Cyber Defenses (2025-05-15): Want to enhance your threat modeling? By combining it with threat actor attribution, you can improve your cyber defenses. Read on to learn more.
- CIS Benchmarks May 2025 Update (2025-05-05): Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.
- Top 10 Malware Q1 2025 (2025-04-23): In Q1 2025, the Top 10 Malware observed via the MS-ISAC® changed slightly from the previous quarter. Read our blog post to learn more.
- Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI (2025-04-16): DieNet is a hacktivist group that's claimed DDoS attacks against U.S. critical infrastructure. Read on to learn its ideology and attack activity.
All CISA Advisories
- CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization (2025-07-31): Summary: The Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Coast Guard (USCG) are issuing this Cybersecurity Advisory to present findings from a recent CISA and USCG hunt engagement. The purpose of this advisory is to highlight identified cybersecurity issues, thereby informing security defenders in other organizations of potential similar issues and encouraging them to […]
- Thorium Platform Public Availability (2025-07-31): Today, CISA, in partnership with Sandia National Laboratories, announced the public availability of Thorium, a scalable and distributed platform for automated file analysis and result aggregation. Thorium enhances cybersecurity teams' capabilities by automating analysis workflows through seamless integration of commercial, open-source, and custom tools. It supports various mission functions, including software analysis, digital forensics, and […]
- Rockwell Automation Lifecycle Services with VMware (2025-07-31): 1. EXECUTIVE SUMMARY: CVSS v4 9.4; ATTENTION: Low attack complexity; Vendor: Rockwell Automation; Equipment: Lifecycle Services with VMware; Vulnerabilities: Out-of-bounds Write, Use of Uninitialized Resource. 2. RISK EVALUATION: Successful exploitation of these vulnerabilities could lead to code execution on the host or leakage of memory from processes communicating with vSockets. 3. TECHNICAL DETAILS […]
- CISA Releases Two Industrial Control Systems Advisories (2025-07-31): CISA released two Industrial Control Systems (ICS) advisories on July 31, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-212-01 Güralp FMUS Series Seismic Monitoring Devices; ICSA-25-212-02 Rockwell Automation Lifecycle Services with VMware. CISA encourages users and administrators to review newly released ICS advisories for technical details and […]
- CISA and USCG Issue Joint Advisory to Strengthen Cyber Hygiene in Critical Infrastructure (2025-07-31): CISA, in partnership with the U.S. Coast Guard (USCG), released a joint Cybersecurity Advisory aimed at helping critical infrastructure organizations improve their cyber hygiene. This follows a proactive threat hunt engagement conducted at a U.S. critical infrastructure facility. During this engagement, CISA and USCG did not find evidence of malicious cyber activity or actor presence […]
- Güralp Systems Güralp FMUS series (2025-07-31): 1. EXECUTIVE SUMMARY: CVSS v4 9.3; ATTENTION: Exploitable remotely/Low attack complexity; Vendor: Güralp Systems; Equipment: Güralp FMUS Series Seismic Monitoring Devices; Vulnerability: Missing Authentication for Critical Function. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device. 3. TECHNICAL DETAILS […]
- Eviction Strategies Tool Released (2025-07-30): Today, CISA released the Eviction Strategies Tool to provide cyber defenders with critical support and assistance during the containment and eviction phases of incident response. This tool includes: Cyber Eviction Strategies Playbook Next Generation (Playbook-NG): A web-based application for next-generation operations. COUN7ER: A database of atomic post-compromise countermeasures users can execute based on adversary tactics, […]
- CISA Releases Part One of Zero Trust Microsegmentation Guidance (2025-07-29): CISA released Microsegmentation in Zero Trust, Part One: Introduction and Planning as part of its ongoing efforts to support Federal Civilian Executive Branch (FCEB) agencies implementing zero trust architectures (ZTAs). This guidance provides a high-level overview of microsegmentation, focusing on its key concepts, associated challenges and potential benefits, and includes recommended actions to modernize network […]
- CISA and Partners Release Updated Advisory on Scattered Spider Group (2025-07-29): CISA, along with the Federal Bureau of Investigation, Canadian Centre for Cyber Security, Royal Canadian Mounted Police, the Australian Cyber Security Centre’s Australian Signals Directorate, and the Australian Federal Police and National Cyber Security Centre, released an updated joint Cybersecurity Advisory on Scattered Spider—a cybercriminal group targeting commercial facilities sectors and subsectors. This advisory provides […]
- CISA Releases Five Industrial Control Systems Advisories (2025-07-29): CISA released five Industrial Control Systems (ICS) advisories on July 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-210-01 National Instruments LabVIEW; ICSA-25-210-02 Samsung HVAC DMS; ICSA-25-210-03 Delta Electronics DTN Soft; ICSA-24-158-04 Johnson Controls Software House iStar Pro Door Controller (Update A); ICSA-24-338-06 Fuji Electric Tellus Lite […]
ISACA SmartBrief on Cybersecurity
- "Truth is like the sun. You can shut it out for a time, but it ain't goin' away." (2025-08-04): Elvis Presley, singer, actor. Thanks to a reader who requested today's SmartQuote.
- Threat Modeling: A Proactive Security Approach (2025-08-04): The ever-changing security landscape requires a more proactive approach to securing data.
- Pi-hole blames WordPress plug-in flaw for data breach (2025-08-04): Pi-hole has disclosed a data breach that exposed the names and emails of nearly 30,000 donors via a vulnerability in the Give […]
- Summertime cyberthreats rise as businesses relax (2025-08-04): Cyberattacks surge during summer as cybercriminals exploit relaxed vigilance, increased remote work and understaffed IT teams […]
- Malicious browser extensions can exfiltrate sensitive data (2025-08-04): Browser security company LayerX has revealed an attack method called Man-in-the-Prompt that leverages browser extensions to c […]
- Android Trojan "DoubleTrouble" distributed via Discord (2025-08-04): An Android banking Trojan known as "DoubleTrouble" has expanded its delivery methods beyond phishing websites.
- "Shade BIOS" malware runs independently of OS (2025-08-04): Researchers at FFRI Security have developed a malware technique called "Shade BIOS" that operates entirely within a computer' […]
- Thorium tool unifies cybersecurity analysis (2025-08-04): The Cybersecurity and Infrastructure Security Agency has partnered with Sandia National Laboratories to release Thorium, an o […]