CIS Security Advisories
CIS Security News
CISA News
ISACA SmartBrief
Cyber Security Advisories – MS-ISAC
- Multiple Vulnerabilities in HPE StoreOnce Software Could Allow for Remote Code Execution 2025-06-04Multiple Vulnerabilities have been discovered in HPE StoreOnce Software, which when chained together could allow for remote code execution, potentially leading to session hijacking and full system compromise. HPE StoreOnce is a data protection platform from Hewlett Packard Enterprise that uses deduplication to reduce backup storage requirements and improve backup and recovery speeds. Successful exploitation […]
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2025-06-03Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the […]
- A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution 2025-05-15A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create […]
- Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution 2025-05-15Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager Mobile (EPMM) is a unified endpoint management solution that enables organizations to securely manage and monitor mobile devices, applications, and content across multiple platforms from a centralized interface. Successful exploitation of […]
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 2025-05-14Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install […]
- Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution 2025-05-13Multiple vulnerabilities have been discovered in Fortinet Products, the most severe of which could allow for arbitrary code execution. The products affected by vulnerabilities in this round of monthly Fortinet patches is: FortiADC is an application delivery controller (ADC) from Fortinet that enhances application availability, performance, and security. It offers features like load balancing, SSL/TLS offloading, […]
- Critical Patches Issued for Microsoft Products, May 13, 2025 2025-05-13Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users […]
- Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution 2025-05-12Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution with no additional execution privileges needed. Android is an operating system developed by Google for mobile devices, such as smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for […]
- Multiple Vulnerabilities in SonicWall Secure Mobile Access (SMA) 100 Series Management Interface Could Allow for Remote Code Execution 2025-05-05Multiple vulnerabilities have been discovered in SonicWall Secure Mobile Access (SMA) 100 Management Interface, which could allow for remote code execution. SonicWall Secure Mobile Access (SMA) is a unified secure access gateway used by organizations to provide employees access to applications from anywhere. Successful exploitation of these vulnerabilities when chained together could allow for remote code […]
- Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2025-04-29Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.Mozilla Firefox is a web browser used to access the Internet.Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.Mozilla Thunderbird ESR is a version […]
Blog Feed – Center for Internet Security
- How Threat Modeling, Actor Attribution Grow Cyber Defenses 2025-05-15Want to enhance your threat modeling? By combining it with threat actor attribution, you can improve your cyber defenses. Read on to learn more.
- CIS Benchmarks May 2025 Update 2025-05-05Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.
- Top 10 Malware Q1 2025 2025-04-23In Q1 2025, the Top 10 Malware observed via the MS-ISAC® changed slightly from the previous quarter. Read our blog post to learn more.
- Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI 2025-04-16DieNet is a hacktivist group that's claimed DDoS attacks against U.S. critical infrastructure. Read on to learn its ideology and attack activity.
- CIS Benchmarks April 2025 Update 2025-04-08Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for April 2025.
- FFIEC CAT Sunset: What You Need to Know 2025-04-07How are you preparing for the sunset of the FFIEC CAT? Read on to learn how another framework can guide you through this change.
- DeepSeek: A New Player in the Global AI Race 2025-03-24CIS analysts break down the rise of DeepSeek, a GenAI model that collects data and introduces security risks for users.
- Active Lumma Stealer Campaign Impacting U.S. SLTTs 2025-03-20The CIS CTI team spotted a Lumma Stealer campaign where SLTT victims were redirected to malicious webpages delivering fake CAPTCHA verifications.
- CIS Benchmarks March 2025 Update 2025-03-10Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for March 2025.
- CIS Benchmarks February 2025 Update 2025-02-05Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for February 2025.
All CISA Advisories
- MicroDicom DICOM Viewer 2025-06-10View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following MicroDicom products are affected: […]CISA
- CISA Releases Four Industrial Control Systems Advisories 2025-06-10CISA released four Industrial Control Systems (ICS) advisories on June 10, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-160-01 SinoTrack GPS Receiver ICSA-25-160-02 Hitachi Energy Relion 670, 650, SAM600-IO Series ICSMA-25-160-01 MicroDicom DICOM Viewer ICSA-25-140-11 Assured Telematics Inc (ATI) Fleet Management System (Update A) CISA encourages users […]CISA
- CISA Adds Two Known Exploited Vulnerabilities to Catalog 2025-06-10CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-24016 Wazuh Server Deserialization of Untrusted Data Vulnerability CVE-2025-33053 Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose […]CISA
- Hitachi Energy Relion 670, 650, SAM600-IO Series 2025-06-10View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: Relion 670, 650, SAM600-IO Series Vulnerability: Observable Discrepancy 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to decrypt application data in transit. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports that the following products are […]CISA
- SinoTrack GPS Receiver 2025-06-10View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: SinoTrack Equipment: All Known SinoTrack Devices Vulnerabilities: Weak Authentication, Observable Response Discrepency 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access device profiles without authorization through the common web management interface. Access to the device profile […]CISA
- CISA Adds Two Known Exploited Vulnerabilities to Catalog 2025-06-09CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-32433 Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability CVE-2024-42009 RoundCube Webmail Cross-Site Scripting Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. […]CISA
- CISA Releases Seven Industrial Control Systems Advisories 2025-06-05CISA released seven Industrial Control Systems (ICS) advisories on June 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-155-01 CyberData 011209 SIP Emergency Intercom ICSA-25-155-02 Hitachi Energy Relion 670, 650 series and SAM600-IO Product ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update H) ICSA-25-133-02 Hitachi Energy Relion […]CISA
- Hitachi Energy Relion 670, 650 Series and SAM600-IO Product 2025-06-05View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670, Relion 650, SAM600-IO Vulnerabilities: Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption on the products. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports […]CISA
- CyberData 011209 SIP Emergency Intercom 2025-06-05View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: CyberData Equipment: 011209 SIP Emergency Intercom Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Missing Authentication for Critical Function, SQL Injection, Insufficiently Protected Credentials, Path Traversal: '.../...//' 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to […]CISA
- CISA Adds One Known Exploited Vulnerability to Catalog 2025-06-05CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-5419 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the […]CISA
ISACA SmartBrief on Cybersecurity
- So it goes. 2025-06-10Kurt Vonnegut, writer
- Real-time compliance: The new face of data governance 2025-06-10AI-driven enterprises require a new model of data governance, one that replaces static policies and periodic audits with adap -More-
- Before AI can deliver, your data needs a reality check 2025-06-10Many companies are struggling to integrate AI due to inadequate data management, writes Maggie Laird, president of Pentaho. -More-
- Sensata Technologies discloses April data breach 2025-06-10Sensata Technologies has disclosed a data breach after an April ransomware attack that compromised personal information inclu -More-
- Tech talent could be hidden in plain sight 2025-06-10Linda Rosencrance looks at ways to discover tech talent within an organization, spotlighting efforts at Lexmark and HireVue. -More-
- Chrome extensions could be leaking sensitive data 2025-06-10Symantec research found some Chrome extensions for browser privacy could leak API keys and other sensitive data about the mac -More-
- Dozens of groups targeted by cyberespionage activity 2025-06-10More than 70 organizations were targeted by a cyberespionage group with ties to China, according to a report. -More-
- Mirai exploits Wazuh flaw for remote code execution 2025-06-10Akamai has identified that Mirai botnets are exploiting a critical remote code execution vulnerability in Wazuh servers. -More-
