Home > Cyber Threat Advisory

Cyber Threat Advisory

Cyber Threat Updates

OpenSSL Releases Patch for High-Severity Bug that Could Lead to RCE Attacks
The maintainers of the OpenSSL project have released patches to address a high-severity bug in the cryptographic library that could potentially lead to remote code execution under certain scenarios. T …

Hackers Abusing BRc4 Red Team Penetration Tool in Attacks to Evade Detection
Malicious actors have been observed abusing legitimate adversary simulation software in their attacks in an attempt to stay under the radar and evade detection. Palo Alto Networks Unit 42 said a malwa …

The End of False Positives for Web and API Security Scanning?
July may positively disrupt and adrenalize the old-fashioned Dynamic Application Security Scanning (DAST) market, despite the coming holiday season. The pathbreaking innovation comes from ImmuniWeb, a …

Bitter APT Hackers Continue to Target Bangladesh Military Entities
Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Through malicious document files and int …

Hive Ransomware Upgrades to Rust for More Sophisticated Encryption Method
The operators of the Hive ransomware-as-a-service (RaaS) scheme have overhauled their file-encrypting software to fully migrate to Rust and adopt a more sophisticated encryption method. "With its …

MS-ISAC Updates

CIS Benchmarks July 2022 Update
The CIS Benchmarks development team has been hard at work preparing several brand new Benchmarks and updates for July 2022.

CIS Controls Enterprise Asset Management Policy Template
To implement an enterprise asset management process, enterprises can use a policy template based on the CIS Critical Security Controls.

How to Build Cybersecurity Compliance with Free CIS Resources
Cybersecurity compliance doesn't have to be overwhelming. Organizations can use free CIS resources to build a plan that works for them.

Explore Cloud Security with CIS at AWS re:Inforce 2022
CIS Hardened Images can assist with your cloud security. That's one of the messages we're bringing to AWS re:Inforce 2022.

Making Time for Ongoing Security Awareness Training
The key to emphasizing security awareness training is making the most of what's already available, including CIS's partnership with SANS.

Subscribe to receive our monthly “Be Cyber Aware” report focused on regional cyber topics related to the Coastal Cyber District which includes Bryan, Bulloch, Camden, Chatham, Effingham, Glynn, Jenkins, Liberty, Long, McIntosh and Screven counties:

Last updated: 3/21/2022

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could […]
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR) and […]
Multiple Vulnerabilities in WatchGuard Firebox and XTM appliances Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in WatchGuard Firebox and XTM appliances, the most severe […]
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could […]
A Vulnerability in Splunk Enterprise Deployment Servers Could Allow for Arbitrary Code Execution
A vulnerability in Splunk Enterprise Deployment Servers Could Allow for Arbitrary Code Execution. Splunk […]
A Vulnerability in Cisco Email Security Appliance, Cisco Secure Email & Web Manager Could Allow for an Authentication Bypass - PATCH: NOW - TLP: WHITE
A vulnerability in Cisco Email Security Appliance, Cisco Secure Email & Web Manager could […]
A Vulnerability in Citrix Application Delivery Management (Citrix ADM) Could Allow for an Unauthenticated Attacker to Reset the Administrator Password
Multiple vulnerabilities have been discovered in Citrix ADM. Citrix ADM is a web-based solution […]
MS-ISAC CYBERSECURITY ADVISORY - Critical Patches Issued for Microsoft Products, June 14, 2022 - PATCH: NOW - TLP: WHITE
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could […]
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could […]
Multiple Vulnerabilities in Google Android OS Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which […]

Cyber Threat Advisory

Cyber Advisory