Original release date: October 22, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. Joint Cybersecurity Advisory: AA20-296A Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets Joint Cybersecurity Advisory: AA20-296B Iranian State-Sponsored Advanced Persistent Threat […]

Original release date: October 22, 2020This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques This joint cybersecurity advisory—written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA)—provides information on

Original release date: October 22, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process. The APT

Original release date: October 21, 2020Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates. Illustrator

Original release date: October 21, 2020Google has released Chrome version 86.0.4240.111 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary changes. This product

Original release date: October 21, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 82 and Firefox

Original release date: October 20, 2020Oracle has released its Critical Patch Update for October 2020 to address 402 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle October 2020 Critical Patch Update and apply

Original release date: October 20, 2020The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. The Cybersecurity

Original release date: October 20, 2020VMware has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2020-0023 and apply the necessary updates or

Original release date: October 16, 2020Microsoft has released security updates to address remote code execution vulnerabilities affecting Windows Codecs Library and Visual Studio Code. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft security advisories for