Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms. [Published Date: 2024-04-24]

Cisco released security updates to address ArcaneDoor - exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities (CVE-2024-20353 , CVE-2024-20359 , CVE-2024-20358) to take control of an affected system.

Cisco has reported active exploitation of CVE 2024-20353 and CVE-2024-20359.

Review the following advisories and apply the necessary updates:

• Cisco Blog: ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
• Cisco Event Response: Attacks Against Cisco Firewall Platforms

Google Chrome Security Advisory. [Published Date: 2024-04-24]

Google published a security advisory to address vulnerabilities in the following products:

• Stable Channel Chrome for Desktop - versions prior to 124.0.6367.78/.79 (Windows and Mac) and 124.0.6367.78 (Linux)
• Extended Stable Channel Chrome for Desktop - versions prior to 124.0.6367.78/.79 (Windows and Mac)

Dell Security Advisory [Published Date: 2024-04-23]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Dell custom VMware ESXi - multiple versions
• Dell EMC VxRail Appliance - 8.0.x versions prior to 8.0.211
• Dell SmartFabric OS10 - version 10.5.5.8

• Dell Security Update (Dell custom VMware ESXi)
• Dell Security Update (Dell EMC VxRail Appliance)
• Dell Security Update (Dell SmartFabric OS10)

Ubuntu Security Advisory. [Published Date: 2024-04-23]

Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 18.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 23.10

IBM Security Advisory. [Published Date: 2024-04-23]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• IBM Edge Application Manager - versions 4.4 and 4.5
• IBM Db2 and Db2 Warehouse on Cloud Pak for Data - versions prior to v4.8.4

• IBM Security Bulletin - 7148864
• IBM Security Bulletin - 7148847

Red Hat Security Advisory. [Published Date: 2024-04-22]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server - multiple versions and platforms
• Red Hat CodeReady Linux Builder - multiple versions and platforms
• Red Hat Enterprise Linux for Real Time - multiple versions and platforms
• Red Hat Virtualization Host 4 for RHEL 8 x86_64 - multiple versions

IBM Security Advisory [Published Date: 2024-04-08]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• IBM App Connect Enterprise Certified Container - multiple versions
• IBM CP4NA - version 2.7
• IBM App Connect Enterprise - version 12.0.1.0 to 12.0.11.2
• IBM Maximo Application Suite IoT Component - versions 8.7 and 8.8
• IBM Process Mining - versions 1.14.1, 1.14.2, 1.14.2 IF001, 1.14.3, 1.14.3 IF001 and 1.14.0
• IBM Tivoli Netcool Impact - version 7.1.0.0 to 7.1.0.32
• IBM Jazz for Service Management - version 1.1.3.0 to 1.1.3.20
• IBM Netcool Operations Insight - versions 1.4 to 1.4.1.2, 1.5 to 1.5.0.1 and 1.6 to 1.6.11
• IBM PCOMM - versions 14.0.6 and 15.0.1

Ubuntu Security Advisory [Published Date: 2024-04-08]

Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 18.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS

Red Hat Security Advisory [Published Date: 2024-04-08]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat CodeReady Linux Builder - multiple versions and platforms
• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server - multiple versions and platforms
• Red Hat Virtualization Host - multiple versions and platforms

Juniper Security Advisory. [Published Date: 2024-04-16]

Juniper published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• cRPD - versions prior to 23.4R1
• Juniper Cloud Native Router - versions prior to 23.4
• Junos OS - versions prior to 23.4R1-S1, 23.4R2 and 2R1
• Junos OS Evolved - multiple versions


Review Juniper's Support Portal and apply the necessary updates.

PuTTY Security Advisory. [Published Date: 2024-04-16]

PuTTY has released a security advisory to address vulnerability PuTTY �" version 0.68 to 0.80. The vulnerability could compromise the NIST P521 private keys exposed by biased signature generation.

Review the following advisories and apply the updates:

• PuTTY vulnerability vuln-p521-bias
• Download PuTTY: latest release (0.81)

Mozilla Security Advisory. [Published Date: 2024-04-16]

Mozilla released security updates to address vulnerabilities in Firefox versions prior to 125 and Firefox ESR versions prior to 115.10. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the following Mozilla Security Advisories and apply the necessary updates:

• Mozilla Security Advisory - MFSA 2024-18
• Mozilla Security Advisory - MFSA 2024-19
• Mozilla Security Advisories

Oracle Security Advisory - April 2024 quarterly rollup. [Published Date: 2024-04-16]

Oracle published a security advisory to address vulnerabilities in multiple products. Included were critical updates for the following:

• Oracle Analytics
• Oracle Commerce
• Oracle Communications Applications
• Oracle Communications
• Oracle E-Business Suite
• Oracle Enterprise Manager
• Oracle Food and Beverage
• Oracle Fusion Middleware
• Oracle HealthCare Applications
• Oracle Insurance Applications
• Oracle PeopleSoft
• Oracle Retail Applications
• Oracle Systems
• Oracle WebLogic
• MySQL

Atlassian Security Advisory. [Published Date: 2024-04-16]

Atlassian published security advisories to address vulnerabilities in the following products:

• Bamboo Data Center - multiple versions
• Bamboo Server - multiple versions
• Bitbucket Data Center - multiple versions
• Bitbucket Server - multiple versions
• Confluence Data Center - multiple versions
• Confluence Server - multiple versions
• Jira Service Management Data Center - multiple versions
• Jira Service Management Server - multiple versions
• Jira Software Data Center - multiple versions
• Jira Software Server - multiple versions

• Atlassian April 2024 Security Bulletin
• Security at Atlassian: Vulnerabilities
• Atlassian Security Advisories and Bulletins

Cisco Releases Security Advisories for Cisco Integrated Management Controller. [Published Date: 2024-04-17]

Cisco has released security advisories for vulnerabilities in the Cisco integrated management controller. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the following advisories and apply the necessary updates:

• Cisco Integrated Management Controller CLI Command Injection Vulnerability
• Cisco Integrated Management Controller Web-Based Management Interface Command Injection Vulnerability

CISA, FBI, EC3 and NCSC-NL Release Advisory on Akira Ransomware. [Published Date: 2024-04-18]

Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) released a joint Cybersecurity Advisory (CSA), Akira Ransomware, to disseminate known Akira ransomware tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as February 2024.

Evolving from an initial focus on Windows systems to a Linux variant targeting VMware ESXi virtual machines, Akira threat actors began deploying Megazord (a Rust-based code) and Akira (written in C++), including Akira_v2 (also Rust-based) in August 2023. Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia and claimed approximately $42 million (USD) in ransomware proceeds.

Review the updated joint advisory to protect and detect against malicious activity.

Microsoft Edge Security Advisory. [Published Date: 2024-04-19]

Microsoft published a security update to address vulnerabilities in Microsoft Edge Stable Channel - versions prior to 0.2478.51.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

Dell Security Advisory [Published Date: 2024-04-16]

Between April 8 and 14, 2024, Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Dell NetWorker -- multiple versions
• Dell Storage Monitoring and Reporting -- multiple versions
• Dell Storage Resource Manager -- multiple versions

Juniper Releases Security Bulletin [Published Date: 2024-04-12]

Juniper has released security updates to address multiple vulnerabilities in Junos OS, Junos OS Evolved, Paragon Active Assurance, and Junos OS: EX4300 Series. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service condition.
Review Juniper's Support Portal and apply the necessary updates.

Palo Alto Networks Security Advisory [Published Date: 2024-04-12]

Palo Alto Networks published a security advisory to address a vulnerability in the following products:

• PAN-OS 11.1 -- versions prior to 11.1.2-h3
• PAN-OS 11.0 -- versions prior to 0.4-h1
• PAN-OS 10.2 -- versions prior to 10.2.9-h1

• Palo Alto Networks Security Advisory - CVE-2024-3400
• Palo Alto Network Security Advisories

Citrix Security Advisory [Published Date: 2024-04-11]

Citrix published a security advisory to address vulnerabilities in the following products:

• XenServer -- version 8
• Citrix Hypervisor -- version 8.2 CU1 LTSR

• Citrix Security Advisory -- CTX633151
• Citrix Security Advisories

SAP Security Advisory-April 2024 Monthly Rollup [Published Date: 2024-04-10]

SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• SAP BusinessObjects Web Intelligence -- versions prior to 4.2 and 4.3
• SAP NetWeaver AS Java User Management Engine -- version prior to SERVERCORE 7.50, J2EE-APPS 7.50 and UMEADMIN 7.50

Google Chrome Security Advisory [Published Date: 2024-04-10]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 123.0.6312.122for Linux, prior to 123.0.6312.122/.123 for Windows, and 123.0.6312.122/.123/.124 Apple MAC. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.
Review the Google security bulletins and apply the necessary updates.

Palo Alto Networks Security Advisory [Published Date: 2024-04-10]

Palo Alto Networks published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

• PAN-OS 11.1 --versions prior to 11.1.2
• PAN-OS 11.0 -- multiple versions
• PAN-OS 10.2 -- multiple versions
• PAN-OS 10.1 -- multiple versions
• PAN-OS 10.0 -- versions prior to 10.0.12
• PAN-OS 9.1 -- multiple versions
• PAN-OS 9.0 -- multiple versions
• PAN-OS 8.1 -- versions prior to 8.1.24

• Palo Alto Networks Security Advisory - CVE-2024-3382
• Palo Alto Networks Security Advisory - CVE-2024-3383
• Palo Alto Networks Security Advisory - CVE-2024-3384
• Palo Alto Networks Security Advisory - CVE-2024-3385
• Palo Alto Network Security Advisories

Fortinet Releases Security Updates for Multiple Products [Published Date: 2024-04-10]

Fortinet released security updates to address vulnerabilities in multiple products, including OS and FortiProxy. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following advisories and apply necessary updates:

• FR-IR-23-345 FortiClientMac - Lack of configuration file validation
• FG-IR-23-493 FortiOS & FortiProxy - Administrator cookie leakage
• FG-IR-23-087 FortiClient Linux - Remote Code Execution due to dangerous nodejs configuration

Adobe Releases Security Updates for Multiple Products [Published Date: 2024-04-10]

Adobe Releases Security Updates for Multiple Products Adobe has released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Review the following Adobe Security Bulletins and apply the necessary updates: 

• Adobe After Effects
• Adobe Photoshop
• Adobe Commerce and Magento
• Adobe InDesign
• Adobe Experience Manager
• Adobe Media Encoder
• Adobe Bridge
• Adobe Illustrator
• Adobe Animate

Microsoft April 2024 Security Updates [Published Date: 2024-04-10]

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the Microsoft Security Updates and apply the necessary updates.

Broadcom Security Advisory for Brocade Fabric OS. [Published Date: 2024-04-04]

Broadcom published a security Advisory to address vulnerabilities affecting Brocade Fabric OS versions 9.x through 9.2.0.

Review the Broadcom Security Advisory and apply the necessary updates.

HTTP/2 CONTINUATION frames can be utilized for DoS attacks. [Published Date: 2024-04-03]

New research done by researchers at the CERT Coordination Center of Carnegie Mellon University has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.

The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on 25th January 2024.

Review the advisory and upgrade affected software to the latest version to mitigate potential threats. In the absence of a fix, it's advised to consider(if possible) temporarily disabling HTTP/2 on the servers.

Ivanti security advisory. [Published Date: 2024-04-03]

Ivanti published a security advisory to address vulnerabilities in the following products:

• Ivanti Connect Secure (9.x and 22.x) --all versions
• Ivanti Policy Secure Gateway (9.x and 22.x) --all versions

IBM Security Advisory for DB2. [Published Date: 2024-04-02]

IBM published a security bulletin to address vulnerabilities affecting DB2.

Review the IBM security bulletins and apply the necessary updates.

Cisco security advisory. [Published Date: 2024-04-04]

Cisco published security advisories to address vulnerabilities in multiple products. Included was an update for the following:

• Cisco Enterprise Chat and Email (ECE)
• Cisco Identity Services Engine (ISE)
• Cisco Nexus Dashboard
• Cisco Nexus Dashboard Fabric Controller (NDFC)
• Cisco Nexus Dashboard Orchestrator (NDO)
• Cisco RV Series Small Business Routers
• Cisco TelePresence Management Suite (TMS)
• Cisco Emergency Responder: CVSS (Max)

Google Chrome security advisory. [Published Date: 2024-04-03]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 123.0.6312.105 for Linux, and prior to 123.0.6312.105/.106/.107 for Windows, Apple MAC. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.

Review the Google security bulletins and apply the necessary updates.

Android security advisory - April 2024 Monthly Rollup. [Published Date: 2024-04-01]

Android published a security bulletin to address vulnerabilities affecting Android devices.

Review the Android Security Bulletin and apply the necessary updates.

HPE security advisory. [Published Date: 2024-04-02]

HPE published a security advisory to address vulnerabilities in the following products:

• HPE Alletra - multiple versions and platforms
• HPE Apollo - multiple versions and platforms
• HPE Edgeline - multiple versions and platforms
• HPE Compute Edge Server e930t - versions prior to v2.16_03-01-2024
• HPE ProLiant - multiple versions and platforms
• HPE Synergy - multiple versions and platforms
• HPE NonStop Web ViewPoint Enterprise - multiple versions and platforms

• HPE Security Bulletin - hpesbns04624en_us
• HPE Security Bulletin - hpesbhf04593en_us
• HPE Security Bulletin Library

Red Hat security advisory. [Published Date: 2024-03-31]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat CodeReady Linux Builder - multiple versions and platforms
• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server - multiple versions and platforms

Ubuntu security advisory. [Published Date: 2024-03-31]

Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 16.04 ESM
• Ubuntu 18.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 23.10

IBM security advisory. [Published Date: 2024-03-31]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• IBM Cloud PAK for AIOps - versions 4.1.0 to 4-4.1
• IBM Cloud Pak for Business Automation - multiple versions
• IBM Intelligent Operations Centre (IOC) - multiple versions
• IBM MQ Operator - multiple versions
• IBM Operations Analytics Predictive Insights - versions 1.3.6 to 1.3.6.7 (iFix7)
• IBM Planning Analytics Workspace - version 2.0
• IBM QRadar SIEM - versions 7.5.0 to 7.5.0 UP7 IF06
• IBM supplied MQ Advanced container images - multiple versions

Microsoft Edge Security Advisory. [Published Date: 2024-03-29]

Microsoft published a security update to address a vulnerability in the following product:

• Microsoft Edge Stable Channel - versions before 123.0.2420.65
• Microsoft Edge Extended Stable Channel - versions before 122.0.2365.113

JetBrains Security Advisory. [Published Date: 2024-03-27]

JetBrains published a security advisory to address vulnerabilities on JetBrains TeamCity On-Premises - versions prior to 2024.03.

Review the provided JetBrains Security Advisory and perform the suggested mitigations.

GitLab Security Advisory. [Published Date: 2024-03-27]

GitLab published a security advisory to address vulnerabilities in the following products:

• GitLab Community Edition (CE) - versions prior to 16.10.1, 16.9.3 and 16.8.5
• GitLab Enterprise Edition (EE) - versions prior to 16.10.1, 16.9.3 and 16.8.5

Cisco Releases Security Advisory for Vulnerabilities in Cisco IOS Software for Catalyst 6000 Series Switches. [Published Date: 2024-03-27]

Cisco released security updates to address vulnerabilities in Cisco IOS Software for Catalyst 6000 Series Switches. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service.

Review the Cisco IOS Software for Catalyst 6000 Series Switches Vulnerability advisory and apply the necessary updates.

Cisco Releases Security Advisory for Vulnerabilities in Cisco Access Point software. [Published Date: 2024-03-28]

Cisco released security updates to address vulnerabilities in Cisco Access Point software. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service.

Review the following advisories and apply the necessary updates:

• Cisco Access Point Software Secure Boot Bypass Vulnerability
• Cisco Access Point Software Denial of Service Vulnerability

Cisco Releases Security Advisory for Vulnerabilities in Cisco IOS XR Products. [Published Date: 2024-03-27]

Cisco published security advisories to address vulnerabilities in their Cisco IOS XR. A cyber threat actor could exploit these vulnerabilities to local attackers to elevate privileges on an affected device.

Review the Cisco IOS XR Vulnerability advisory and apply the necessary updates.

Google Chrome security advisory. [Published Date: 2024-03-26]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 123.0.6312.86 for Linux, and prior to 23.0.6312.86/.87 for Windows, Apple MAC. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.

Review the Google security bulletins and apply the necessary updates.

Red Hat security advisory. [Published Date: 2024-03-24]

Red Hat published security advisories to address vulnerabilities affecting the following products:

• Red Hat CodeReady Linux Builder - multiple versions and platforms
• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux for Real Time/for NFV - Telecommunications Update Service 8.4 x86_64
• Red Hat Enterprise Linux Server - multiple versions and platforms

Apple Released Security Updates for Multiple Products. [Published Date: 2024-03-25]

Apple released security updates to address vulnerabilities in macOS, Safari, iOS and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following advisories and apply the necessary updates:

• macOS Sonoma - versions prior to 14.4.1
• macOS Ventura - versions prior to 13.6.6
• iOS and iPadOS - versions prior to 17.4.1
• iOS and iPadOS - versions prior to 16.7.7
• Safari - versions prior to 17.4.1
• visionOS - versions prior to 1.1.1

Dell security advisory. [Published Date: 2024-03-25]

Dell published security advisories to address vulnerabilities affecting the following products:

• APEX Cloud Platform for Red Hat OpenShift - versions prior to 4.13.34
• APEX Cloud Platform Foundation Software - versions prior to 03.00.03.00
• Dell Data Lakehouse System Software - version 1.0.0.0
• Dell EMC VxRail Appliance - versions prior to 7.0.483 and versions prior to 8.0.120
• Dell PowerProtect DD Management Center - versions 7.0 through 7.12, versions 7.10.1.0 through 7.10.1.15 and versions 7.7.5.0 through 7.7.5.25
• Dell PowerProtect DD Management Center with SmartScale feature - versions 7.10.1.0 through 7.10.1.15 and versions 7.8 through 7.12
• Dell Networking S5448-ON - versions prior to v3.52.5.1-10
• Dell Networking S5448F-ON - versions prior to v3.52.5.1-10
• Dell Networking Z9432F-ON - versions prior to v3.51.5.1-18

IBM security advisory. [Published Date: 2024-03-25]

IBM published security advisories to address vulnerabilities affecting the following products:

• IBM App Connect Enterprise - versions 11.0.0.1 to 11.0.0.24 and 12.0.1.0 to 12.0.11.1
• IBM Cloud Pak for Data Scheduling - version 4.6.4 to 4.7.4
• IBM Security Verify Information Queue - versions 10.0.6 and 10.0.7
• IBM Spectrum Control - all 5.4 versions
• IBM Storage Copy Data Management - version 2.2.0.0 to 2.2.22.1
• IBM Storage Protect Plus Server - version 10.1

Ubuntu security advisory. [Published Date: 2024-03-25]

Ubuntu published security advisories to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 18.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 23.10

Tenable Security Center security advisory. [Published Date: 2024-03-25]

Tenable has released security updates to address vulnerabilities affecting the Tenable Security Center (Stand-alone). A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.

Review the Tenable Security Center security advisory and apply the necessary updates or workarounds.

Mozilla security advisory. [Published Date: 2024-03-22]

Mozilla has released security updates to address a vulnerability affecting Firefox and Firefox ESR. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.

Review the following advisories and apply necessary updates: 

• Security Vulnerabilities fixed in Firefox 124.0.1
• Security Vulnerabilities fixed in Firefox ESR 115.9.1

F5 Releases Security Advisories Addressing Multiple Vulnerabilities. [Published Date: 2024-03-20]

F5 has updated a security advisory on vulnerability (CVE-2022-23308) affecting multiple products, including BIG-IP (all modules), BIG-IQ Centralized Management, F50S-C, and Traffix SDC. A cyber threat actor could exploit this vulnerability, resulting in denial-of-service (DoS).

Review the F5 security advisory and apply the necessary updates or workarounds.

Jenkins Security Advisory. [Published Date: 2024-03-20]

Jenkins, the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software, released a security advisory for its vulnerability (CVE-2024-22201). A cyber threat actor could exploit this vulnerability, resulting in denial of service.

Review the Jenkins security advisory and apply the necessary updates.

Google Chrome security advisory. [Published Date: 2024-03-19]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 123.0.6312.58 for Linux, and prior to 123.0.6312.58/.59 for Windows, Apple MAC. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.

Review the Google security bulletins and apply the necessary updates.

Atlassian security advisory. [Published Date: 2024-03-19]

Atlassian published security advisories to address vulnerabilities in the following products:

• Bamboo Data Centre - multiple versions
• Bamboo Server - multiple versions
• Bitbucket Data Centre - multiple versions
• Bitbucket Server - multiple versions
• Confluence Data Center - multiple versions
• Confluence Server - multiple versions
• Jira Service Management Data Center - multiple versions
• Jira Service Management Server - multiple versions
• Jira Software Data Center - multiple versions
• Jira Software Server - multiple versions

• Atlassian March 2024 Security Bulletin
• Atlassian Security Advisories and Bulletins
• Atlassian Security Advisories and Bulletins

Mozilla security advisory. [Published Date: 2024-03-19]

Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Mozilla Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.

Review the following advisories and apply necessary updates: 

• Security Vulnerabilities fixed in Firefox 124
• Security Vulnerabilities fixed in Firefox ESR 115.9
• Security Vulnerabilities fixed in Thunderbird 115.9

Red Hat security advisory. [Published Date: 2024-03-18]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Red Hat CodeReady Linux Builder - multiple versions and platforms
• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server Extended Life Cycle Support (for IBM z Systems) - version 7 s390x

IBM security advisory [Published Date: 2024-03-11]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• IBM Automation Decision Services - versions 23.0.1 and 23.0.2
• IBM Observability with Instana (OnPrem) - versions Build 250 to 267
• IBM QRadar SIEM - version 7.5 to 7.5.0 UP7
• IBM Sterling Secure Proxy - versions 6.0.3 and 6.1.0

Ubuntu security advisory. [Published Date: 2024-03-11]

Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting Ubuntu 18.04 ESM, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

Review the Ubuntu security notices and apply the necessary updates.

Dell security advisory. [Published Date: 2024-03-18]

Dell published security advisories to address vulnerabilities for Dell EMC VxRail Appliance-8.0.x versions prior to 8.0.210 and NetWorker vProxy. A cyber threat actor could exploit some of these vulnerabilities to compromise the affected system.

Review the following advisories and apply the necessary updates: 

• Dell Security Update-Dell EMC VxRail Appliance.
• Dell Security Update-NetWorker vProxy.

HPE security advisory on Unified OSS Console. [Published Date: 2024-03-15]

HPE published a security advisory to address vulnerabilities HPE Unified OSS Console (UOC) - versions prior to 3.1.3. A cyber threat actor could exploit these vulnerabilities could be exploited to allow remote arbitrary code execution, local denial of service and local stack overflow.

Review the HPE security advisory and apply the necessary updates.

Cisco Releases Security Advisory for Vulnerabilities in Cisco IOS XR Products. [Published Date: 2024-03-13]

Cisco published security advisories to address vulnerabilities in their Cisco IOS XR. A cyber threat actor could exploit these vulnerabilities to local attackers to elevate privileges on an affected device.

Review the Cisco IOS XR Vulnerability advisory and apply the necessary updates.

Google Releases Security Updates for Google Chrome. [Published Date: 2024-03-13]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 122.0.6261.128 for Linux, and prior to 22.0.6261.128/.129 for Windows, MAC. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.

Review the Google security bulletins and apply the necessary updates.

Fortinet Releases Security Updates for Multiple Products. [Published Date: 2024-03-13]

Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. 

Review the following advisories and apply necessary updates: 

• FR-IR-23-390: FortiClientEMS - CSV injection in log download feature
• FR-IR-23-328: FortiOS, FortiProxy - Out-of-bounds Write in captive portal
• FR-IR-24-013: FortiOS, FortiProxy - Authorization bypass in SSLVPN bookmarks
• FR-IR-23-103: FortiWLM MEA for FortiManager - Improper access control in backup and restore features
• FR-IR-24-007: Pervasive SQL injection in DAS component

Microsoft Releases Security Updates for Multiple Products. [Published Date: 2024-03-13]

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following and apply the necessary updates:

• Microsoft Security Update Guide for March

Adobe Releases Security Updates for Multiple Products. [Published Date: 2024-03-12]

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following Adobe Security Bulletins and apply the necessary updates:

• Adobe Experience Manager
• Adobe Premiere Pro
• Adobe ColdFusion
• Adobe Bridge
• Adobe Lightroom
• Adobe Animate

Dell security advisory [Published Date: 2024-03-04]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• Isilon A200 - versions prior to 12.1
• Isilon A2000 - versions prior to 12.1
• Isilon F800 - versions prior to 12.1
• Isilon H400 - versions prior to 12.1
• Isilon H500 - versions prior to 12.1
• Isilon H5600 - versions prior to 12.1
• Isilon H600 - versions prior to 12.1
• PowerScale Archive A300 - versions prior to 12.1
• PowerScale Archive A3000 - versions prior to 12.1
• PowerScale B100 - versions prior to 12.1
• PowerScale F200 - versions prior to 12.1
• PowerScale F600 - versions prior to 12.1
• PowerScale F900 - versions prior to 12.1
• PowerScale Hybrid H700 - versions prior to 12.1
• PowerScale Hybrid H7000 - versions prior to 12.1
• PowerScale P100 - versions prior to 12.1

• Dell Security advisories and notices

Ubuntu security advisory. [Published Date: 2024-03-11]

Ubuntu published security notices to address vulnerabilities in the Linux kernel affecting the following products:

• Ubuntu 18.04 ESM
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS
• Ubuntu 23.10

IBM security advisory. [Published Date: 2024-03-04]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

• IBM CP4NA - version 2.6.5
• IBM DS8900F R9.2 - versions 89.21.31.0 and 89.21.19.0
• IBM DS8900F R9.3 - versions 89.30.68.0, 89.32.40.0 and 89.33.48.0
• IBM Transformation Extender Advanced - versions 9.0 and 10.0
• IBM WebSphere Service Registry and Repository - version 8.5

• IBM Security Bulletin - 7129813
• IBM Security Bulletin - 7130084
• IBM Security Bulletin - 7129806
• IBM Security Bulletin - 7129833

Red Hat security advisory [Published Date: 2024-03-11]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

• Red Hat CodeReady Linux Builder - multiple versions and platforms
• Red Hat Enterprise Linux - multiple versions and platforms
• Red Hat Enterprise Linux Server - multiple versions and platforms
• Red Hat Virtualization Host 4 for RHEL 8 x86_64

• Red Hat Security Advisory - RHSA-2024:1112
• Red Hat Security Advisory - RHSA-2024:1188

Apple Released Security Updates for Multiple Products. [Published Date: 2024-03-08]

Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following advisories and apply the necessary updates:

• Safari 17.4
• macOS Sonoma 14.4
• macOS Ventura 13.6.5
• macOS Monterey 12.7.4
• watchOS 10.4
• tvOS 17.4
• visionOS 1.1

GitLab security advisory. [Published Date: 2024-03-06]

GitHub published a security advisory to address a vulnerability Community and GitLab Enterprise Edition.

Review the provided GitHub Security Advisory and perform the suggested mitigations.

Drupal Releases Security Updates for Drupal Registration role module. [Published Date: 2024-03-06]

Drupal published a security advisory to address a vulnerability in the Registration role module - versions 2.x prior to 2.0.1. The module has a logic error when handling sites that upgraded code and did not run the Drupal update process.

Review the provided Drupal Security Advisory and perform the suggested mitigations.

Google Releases Security Updates for Google Chrome. [Published Date: 2024-03-05]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 122.0.6261.111 for Mac, Linux, and Mac and prior to 122.0.6261.111/.112 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.

Review the Google security bulletins and apply the necessary updates.

Apple Releases Security Updates for Multiple Products. [Published Date: 2024-03-05]

Apple has released security updates to address vulnerabilities within iOS and iPadOS. A cyber threat actor could exploit one of these vulnerabilities, allowing privilege escalation to the affected system.

Review the Apple Security Advisory CVE-2024-23225, CVE-2024-23296, CVE-2024-23243 and CVE-2024-23256 and perform the suggested mitigations.

VMware security advisory. [Published Date: 2024-03-05]

VMware released a security advisory to address vulnerabilities in the following products:

• VMware Cloud Foundation - versions 4.x and 5.x
• VMware ESXi - versions 7.0 and 8.0
• VMware Fusion for MacOS - versions 13.x prior to 13.5.1
• VMware Workstation - versions 17.x prior to 17.5.1

SolarWinds security advisory for SolarWinds Security Event Manager. [Published Date: 2024-03-01]

SolarWinds published a security advisory to address vulnerabilities in the SolarWinds Security Event Manager-versions prior to 2023.4.1. A cyber threat actor could exploit these vulnerabilities, allowing remote code execution of an affected system.

Review the SolarWinds Security Advisory and apply the necessary updates.

Android security advisory- March 2024. [Published Date: 2024-03-04]

Android published a security bulletin to address vulnerabilities affecting Android devices.

Review the Android security bulletins and apply the necessary update.

Red Hat release security advisory for squid:4. [Published Date: 2024-03-04]

Red Hat Linux has released a security update to address a vulnerability affecting squid:4. A malicious cyber actor can exploit that vulnerability to cause denial of service in the HTTP header parser.

Review the Red Hat Linux security bulletins and apply the necessary update.

Red Hat release security advisory for Red Hat Satellite 6. [Published Date: 2024-03-04]

Red Hat Linux has released security updates to address multiple vulnerabilities affecting  Red Hat Satellite 6.x x86_64, Red Hat Satellite Capsule 6.x x86_64, and Red Hat Enterprise Linux for x86_64 8 x86_64. A malicious cyber actor can exploit one of these vulnerabilities, allowing hurtful things to the systems.

Review the Red Hat Linux security bulletins and apply the necessary updates.

Juniper Releases Security Advisory for Juniper Secure Analytics. [Published Date: 2024-02-29]

Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the Juniper advisory JSA77742 and apply the necessary updates.

Cisco Releases Security Advisory for Vulnerabilities in Cisco UCS and Nexus Products. [Published Date: 2024-02-28]

Cisco published security advisories to address vulnerabilities in their Cisco Unified Computing System (UCS) and Nexus Products.

Review the following provided web links and apply the necessary

• CVE-2024-20267 (Nexus Products)
• CVE-2024-20344 (UCS Products)
• CVE-2024-20291 (Nexus Products)
• CVE-2024-20294 (Nexus and UCS Products)
• CVE-2024-20321 (Nexus Products)

Google Releases Security Updates for Google Chrome. [Published Date: 2024-02-27]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 122.0.6261.94 for Mac and Linux and Mac and prior to 22.0.6261.94/.95 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.

Review the Google security bulletins and apply the necessary updates.

VMware has released a security updates for Spring Framework. [Published Date: 2024-02-21]

VMware has released a security update to address a vulnerabilities CVE-2024-22243 and CVE-2024-22234 in Spring Framework.

Review the VMware Spring Framework security updates CVE-2024-22243 and CVE-2024-22234 and apply the necessary updates.

CISA, FBI, and HHS Release an Update to Ransomware Advisory on ALPHV Blackcat. [Published Date: 2024-02-27]

Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released an update to the joint advisory Ransomware: ALPHV Blackcat to provide new indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the ALPHV Blackcat ransomware as a service (RaaS). ALPHV Blackcat affiliates have been observed primarily targeting the healthcare sector.

Review the updated joint advisory to protect and detect against malicious activity.

Palo Alto Networks has released a security update for PAN-OS. [Published Date: 2024-02-26]

Palo Alto Networks has released a security update to address a vulnerabilities CVE-2024-0007, CVE-2024-0008, CVE-2024-0009, CVE-2024-0010 and CVE-2024-0011 in PAN-OS.

Review the Palo Alto Networks advisory CVE-2024-0007, CVE-2024-0008, CVE-2024-0009, CVE-2024-0010, and CVE-2024-0011 and apply the necessary updates.

F5 Releases Security Advisories Addressing Multiple Vulnerabilities. [Published Date: 2024-02-14]

F5 has released security advisories on vulnerabilities (CVE-2024-22093, CVE-2024-21763, CVE-2024-21771, CVE-2024-21789, CVE-2024-21849, CVE-2024-22389, CVE-2024-23308, CVE-2024-23314, CVE-2024-23805, CVE-2024-23979, CVE-2024-23982, CVE-2024-24989 and CVE-2024-24990) affecting multiple products, including BIG-IP, LTM, ASM, NGIX Plus and NGIX Open Source.

Review the F5 vulnerabilities CVE-2024-22093, CVE-2024-21763, CVE-2024-21771, CVE-2024-21789, CVE-2024-21849, CVE-2024-22389, CVE-2024-23308, CVE-2024-23314, CVE-2024-23805, CVE-2024-23979, CVE-2024-23982, CVE-2024-24989 and CVE-2024-24990 apply the necessary updates or workarounds.

Google Releases Security Updates for Google Chrome. [Published Date: 2024-02-20]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 122.0.6261.57 for Mac and Linux and Mac and prior to 122.0.6261.57/.58 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.

Review the Google security bulletins and apply the necessary updates.

Mozilla Releases Security Updates for Firefox and Thunderbird. [Published Date: 2024-02-21]

Mozilla released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the following Mozilla Security Advisories and apply the necessary updates:

• MFSA 2024-05 for Firefox
• MFSA 2024-06 for Firefox ESR
• MFSA 2024-07 for Thunderbird

GitLab security advisory. [Published Date: 2024-02-21]

GitLab published a security advisory to address vulnerabilities in the following products:

• GitLab Community Edition (CE) - versions prior to 16.9.1, 16.8.3 and 16.7.6
• GitLab Enterprise Edition (EE) - versions prior to 16.9.1, 16.8.3 and 16.7.6

• GitLab Security Advisory
• GitLab Releases

Atlassian security advisory. [Published Date: 2024-02-21]

Atlassian published security advisories to address vulnerabilities in the following products:

• Confluence Data Center and Server - multiple versions
• Jira Software Data Center and Server - multiple versions
• Assets Discovery - multiple versions
• Jira Service Management Data Center and Server - multiple versions

• Atlassian February 2024 Security Bulletin
• Atlassian Security Advisories and Bulletins

Zoom Releases Security Updates for Seven Vulnerabilities. [Published Date: 2024-02-16]

Zoom has released security updates for Seven vulnerabilities. A cyber threat actor could exploit Zoom VDI Client vulnerabilities for Windows and Zoom Meeting SDK for Windows, which may allow an unauthenticated user to escalate privilege via network access.

Review Zoom's Security bulletin and apply the necessary updates.

ISC Releases Security Advisories for BIND 9. [Published Date: 2024-02-13]

The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition.

Review the following advisories and apply the necessary updates:

• CVE-2023-50868
• CVE-2023-50387
• CVE-2023-6516
• CVE-2023-5680
• CVE-2023-5679
• CVE-2023-5517
• CVE-2023-4408

Microsoft Releases Security Updates for Multiple Products. [Published Date: 2024-02-13]

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review Microsoft’s February Security Update Guide and apply the necessary updates.

Adobe Releases Security Updates for Multiple Products. [Published Date: 2024-02-13]

Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following Adobe Security Bulletins and apply the necessary updates:

• Adobe Commerce and Magento
• Adobe Substance 3D Painter
• Adobe Acrobat and Reader
• Adobe FrameMaker Publishing Server
• Adobe Audition
• Adobe Substance 3D Designer

JetBrains Releases Security Advisory for TeamCity On-Premises. [Published Date: 2024-02-06]

JetBrains released a security advisory to address a vulnerability (CVE-2024-23917) in TeamCity On-Premises. A cyber threat actor could exploit this vulnerability to take control of an affected system.

Review the Critical Security Issue Affecting TeamCity On-Premises-CVE-2024-23917 and apply the necessary update or workarounds.

Multiple Vulnerabilities in Canon Printers. [Published Date: 2024-02-05]

Canon has released security updates to address multiple vulnerabilities identified for certain Small Office Multifunction Printers and Laser Printers. A cyber threat actor could exploit these vulnerabilities and may be able to execute arbitrary code and/or target the product in a Denial-of-Service (DoS) attack via the Internet of an affected system.

Review the Canon security advisory and apply the recommended updates.

Fortinet Releases Security Updates for FortiOS and FortiProxy. [Published Date: 2024-02-08]

Fortinet has released a security update to address FortiOS and FortiProxy software vulnerabilities (CVE-2024-21762, CVE-2023-44487, CVE-2024-23113, and CVE-2023-47537). A cyber threat actor could exploit these vulnerabilities, allowing remote code execution of an affected system.

Review the following Fortinet security advisories and apply the recommended updates:

• FortiOS-Out-of-bound Write in sslvpnd
• FortiOS & FortiProxy-CVE-2023-44487-Rapid Reset HTTP/2 vulnerability
• FortiOS-Format String Bug in fgfmd
• FortiOS-Fortilink lack of certificate validation

Cisco Releases Security Advisory for Vulnerabilities in Cisco Expressway Series. [Published Date: 2024-02-08]

Cisco released a security advisory to address vulnerabilities affecting Cisco Expressway Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the Cisco Expressway Series advisory and apply the necessary updates.

VMware Releases Security Advisory for Aria Operations for Networks. [Published Date: 2024-02-07]

VMware released a security advisory to address multiple vulnerabilities in Aria Operations for Networks. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review VMware security advisory VMSA-2024-0002 and apply the necessary updates.

Juniper Networks Releases Security Bulletin for Juniper Secure Analytics. [Published Date: 2024-02-01]

Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the Juniper Security Bulletin JSA76718 and apply the necessary updates.

Google Releases Security Updates for Google Chrome. [Published Date: 2024-01-30]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 121.0.6167.139 for Mac and Linux and Mac and prior to 121.0.6167.139/140 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.

Review the Google security bulletins and apply the necessary updates.

Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series [Published Date: 2024-01-29]

Juniper Networks released a security bulletin to address multiple vulnerabilities for J-Web in Junos OS SRX Series and EX Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the Juniper Bulletin JSA76390 and apply the necessary updates.

Jenkins Security Advisory. [Published Date: 2024-01-24]

Jenkins, the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software, released a security advisory for its vulnerability (CVE-2024-23897). A cyber threat actor could exploit this vulnerability, resulting in remote code execution.

Review the Jenkins security advisory and apply the necessary updates.

Cisco Releases Security Advisory for Multiple Unified Communications and Contact Center Solutions Products. [Published Date: 2024-01-25]

Cisco released a security advisory to address a vulnerability (CVE-2024-20253) affecting multiple Unified Communications Products. A cyber threat actor could exploit this vulnerability to take control of an affected system.

Review the Cisco Unified Communications Products Remote Code Execution Vulnerability advisory and apply the necessary updates.

Multiple Vulnerabilities in GitHub Enterprise Server. [Published Date: 2024-01-16]

Multiple vulnerabilities have been reported in the GitHub Enterprise Server, which could allow an attacker to execute remote code, escalate privileges, bypass security restrictions, and disclose sensitive information on the targeted system.

Review the following advisories and apply the necessary updates:

• GitHub Enterprise Server version prior to 3.11.3
• GitHub Enterprise Server version prior to 3.10.5
• GitHub Enterprise Server version prior to 3.9.8
• GitHub Enterprise Server version prior to 3.8.13

Mozilla Releases Security Updates for Firefox and Thunderbird. [Published Date: 2024-01-23]

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.

Review the following advisories and apply the necessary updates:

• Firefox 122
• Thunderbird 115.7
• Firefox ESR 115.7

Google Releases Security Updates for Google Chrome. [Published Date: 2024-01-23]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 120.0.6167.85 for Mac and Linux and Mac and prior to 120.0.6167.80/.86 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.

Review the Google security bulletins and apply the necessary updates.

Apple Releases Security Updates for Multiple Products. [Published Date: 2024-01-23]

Apple has released security updates to address vulnerabilities within Safari, iOS, and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the following advisories and apply the necessary updates:

• Safari 17.3
• iOS 16.7.5 and iPadOS 16.7.5
• iOS 17.3 and iPadOS 17.3

Drupal Releases Security Advisory for Drupal Core. [Published Date: 2024-01-18]

Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition.

Review Drupal security advisory SA-CORE-2024-001 for more information and apply the necessary update.

Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway. [Published Date: 2024-01-16]

Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in NetScaler ADC and NetScaler Gateway. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the Citrix CTX584986 Security Bulletin and apply the necessary updates.

Oracle Critical Patches Issued January 2024. [Published Date: 2024-01-17]

Oracle has released its Critical Patch Update for January 2024 to address vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities, allowing remote code execution and malicious activities.

Review the Oracle January 2024 Critical Patch Update and apply the necessary updates.

Atlassian released advisory for Confluence Data Center and Server. [Published Date: 2024-01-17]

Atlassian released a security advisory to address a vulnerability (CVE-2023-22527) in the Confluence Data Center and Server. A cyber threat actor could exploit this vulnerability to allow remote code execution of an affected system.

Review the Atlassian Security Advisory and apply the necessary update.

VMware Releases Security Advisory for Aria Operations. [Published Date: 2024-01-17]

VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations. A cyber threat actor could exploit this vulnerability to take control of an affected system.

Review VMware Security Advisory VMSA-2024-0001 and apply the necessary update.

CISA and FBI Release Known IOCs Associated with Androxgh0st Malware. [Published Date: 2024-01-16]

CISA (Cybersecurity and Infrastructure Security Agency) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware.

Androxgh0st malware establishes a botnet for victim identification and exploitation in vulnerable networks and targets files that contain confidential information, such as credentials, for various high-profile applications. Threat actors deploying Androxgh0st malware have been observed exploiting specific vulnerabilities that could lead to remote code execution, including:

• CVE-2017-9841 (PHP Unit Command)
• CVE-2021-41773 (Apache HTTP Server versions), and
• CVE-2018-15133n (Laravel applications).

Cisco Releases Security Advisory for Cisco Unity Connection. [Published Date: 2024-01-11]

Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco Unity Connection. A cyber threat actor could exploit this vulnerability to take control of an affected system.

Review the Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability advisory and apply the necessary updates.

Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved. [Published Date: 2024-01-10]

Juniper Networks has released a security advisory to address a vulnerability (CVE-2024-21611) in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition.

Review the Juniper Advisory JSA75752 and apply the necessary updates.

Fortinet Releases Security Updates for FortiOS and FortiProxy. [Published Date: 2024-01-09]

Fortinet has released a security update to address a vulnerability in FortiOS and FortiProxy software. A cyber threat actor could exploit this vulnerability to take control of an affected system.

Review the FG-IR-23-315 FortiOS & FortiProxy-Improper authorization for HA requests security bulletin and apply necessary updates.

Microsoft Releases Security Updates for Multiple Products. [Published Date: 2024-01-09]

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review Microsoft’s January Security Update Guide and apply the necessary updates.

IBM Releases Security Advisory for DB2 for Windows Addressing vulnerability. [Published Date: 2024-01-08]

IBM Issued critical patches to address the vulnerability of DB2. A remote attacker could exploit that vulnerability, allowing a privilege escalation to SYSTEM users via MSI repair functionality on Windows.

Review the IBM DB2 vulnerability and apply the necessary updates or workarounds.

F5 Releases Security Advisories Addressing Multiple Vulnerabilities. [Published Date: 2024-01-02]

F5 has released security advisories on vulnerabilities (CVE-2022-28733, CVE-2022-40735, CVE-2002-20001, and CVE-2020-5884) affecting multiple products, including BIG-IP, LTM, and ASM. By exploiting those vulnerabilities, an attacker's CPU usage and ability to read and modify data in transit trigger an integer value underflow in grub code in the affected system.

Review the F5 vulnerabilities CVE-2022-28733, CVE-2022-40735, CVE-2002-20001, and CVE-2020-5884 and apply the necessary updates or workarounds.

Juniper Releases Security Advisory for Juniper Secure Analytics. [Published Date: 2024-01-02]

Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the Juniper advisory JSA75636 and apply the necessary updates.

Mozilla Releases Security Updates for Firefox and Thunderbird. [Published Date: 2023-12-20]

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following advisories and apply the necessary updates:

• Firefox 121
• Thunderbird 115.6
• Firefox ESR 115.6

Apple Releases Security Updates for Multiple Products. [Published Date: 2023-12-20]

Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and macOS Sonoma. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information.

Review Apple security releases and apply necessary updates.

CISA and FBI Release Advisory on ALPHV Blackcat Affiliates. [Published Date: 2023-12-19]

CISA (Cybersecurity and Infrastructure Security Agency) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), ALPHV Blackcat, to disseminate known ALPHV Blackcat affiliates' tactics, techniques and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as Dec. 6, 2023. The advisory also provides updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise, released on April 19, 2022.

ALPHV Blackcat affiliates have extensive networks and experience with ransomware and data extortion operations. FBI investigations, as of September 2023, place the number of compromised entities at over 1000-over half of which are in the United States and approximately 250 outside the United States.

Review and implement the mitigations provided in the joint CSA to reduce the likelihood and impact of ALPHV Blackcat ransomware and data extortion incidents.

IBM QRadar SIEM (Linux OS based) contains multiple vulnerabilities. [Published Date: 2023-12-19]

IBM has released security updates to address vulnerabilities in the Linux Operating System IBM QRadar SIEM. A cyber threat actor could exploit the vulnerable components (e.g., framework libraries), which could affect the system.

Review IBM's Security Update and apply the necessary updates.

FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware. [Published Date: 2023-12-18]

Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) released a joint Cybersecurity Advisory (CSA), Play Ransomware , to disseminate Play ransomware group’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) identified through FBI investigations as recently as October 2023.

Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data, and have impacted a wide range of businesses and critical infrastructure organizations in North America, South America, Europe, and Australia.

Review and implement the recommendations provided in the joint CSA to reduce the likelihood and impact of Play and other ransomware incidents.

F5 BIG-IP release update for Configuration utility and inconsistent Interpretation of HTTP Requests vulnerability. [Published Date: 2023-12-18]

F5 has released security updates to address BIG-IP Configuration utility unauthenticated remote code execution and inconsistent Interpretation of HTTP Requests vulnerability. Exploiting those critical vulnerability (CVE-2023-46748, CVE-2023-46747 and CVE-2022-36760) attacker may allow unauthenticated remote code execution and Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling').

Review BIG-IP the Configuration utility and inconsistent Interpretation of HTTP Requests updates or apply the necessary mitigations.

Sophos has released security updates for Sophos Firewall. [Published Date: 2023-12-11]

Sophos has released security updates to address vulnerabilities in Sophos Firewall. A cyber threat actor could exploit that vulnerability, allowing remote code execution in the User Portal and Webadmin of Sophos Firewall.

Review Sophos's Security Update and apply the necessary updates.

FortiGuard Releases Security Updates for Multiple Products. [Published Date: 2023-12-14]

FortiGuard has released security updates to address vulnerabilities in multiple FortiGuard products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following advisories and apply necessary updates:

• FG-IR-23-196: Double free in cache management
• FG-IR-22-038: FortiMail, FortiNDR, FortiRecorder, FortiSwitch, FortiVoice �" Cross-site scripting forgery (CSRF) in HTTPd CLI console
• FG-IR-23-138: FortiOS, FortiProxy �" Format String Bug in HTTPSd

The Apache Software Foundation Updates Struts 2. [Published Date: 2023-12-09]

The Apache Software Foundation has released security updates to address a vulnerability (CVE-2023-50164) in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system.

Review the Apache Security Bulletin and upgrade to Struts 2.5.33 or 6.3.0.2 or greater.

Adobe Releases Security Updates for Multiple Products. [Published Date: 2023-12-12]

Adobe has released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following Adobe Security Bulletins and apply the necessary updates:

• Adobe Prelude
• Adobe Illustrator
• Adobe InDesign
• Adobe Dimension
• Adobe Experience Manager
• Adobe Substance3D Stager
• Adobe Substance3D Sampler
• Adobe Substance3D After Effects
• Adobe Substance3D Designer

Microsoft Releases Security Updates for Multiple Products. [Published Date: 2023-12-12]

Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Review Microsoft’s December Security Update Guide and apply the necessary updates.

Apple Releases Security Updates for Multiple Products. [Published Date: 2023-12-11]

Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, macOS Monterey, macOS Ventura, iOS, iPadOS, watchOS, and tvOS 17.2. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the following advisories and apply the necessary updates:

• Safari 17.2
• macOS Sonoma 14.2
• macOSMonterey 12.7.2
• macOS Ventura 13.6.3
• iOS 16.7.3 and iPadOS 16.7.3
• iOS 17.2 and iPadOS 17.2
• watchOS 10.2
• tvOS 17.2

Google Updates Chrome to Fix Zero-day. [Published Date: 2023-11-28]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 119.0.6045.199 for Mac and Linux and Mac and prior to 119.0.6045.199/.200 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.

Review the Google security bulletins  and apply the necessary updates.

Apple Releases Security Updates for Multiple Products. [Published Date: 2023-12-01]

Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS, and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.

Review the following advisories and apply necessary updates:

• Safari 17.1.2
• macOS Sonoma 14.1.2
• iOS 17.1.2 and iPad 17.1.2

RedHat Linux published a security update for Squid. [Published Date: 2023-11-23]

RedHat Linux published a security update for vulnerability (CVE-2023-5824) for Squid. Exploiting the vulnerability, an attacker can access those systems and cause a denial-of-service (DoS).

Review the advisory for Squid and apply the necessary updates.

Adobe Releases Security Updates for ColdFusion [Published Date: 2023-11-23]

Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system.

Review Adobe ColdFusion security bulletin APSB23-52 for more information and to:

• Apply the recommended updates in APSB23-52.
• Follow Adobe recommendations on ColdFusion hardening.
   
  • ColdFusion 2023 Lockdown Guide
  • ColdFusion 2021 Lockdown Guide
• Consider adding a web application firewall (WAF) filter for CFIDE for external users.

Mozilla Releases Security Updates for Firefox and Thunderbird. [Published Date: 2023-11-21]

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following advisories and apply the necessary updates:
Firefox iOS 120
Firefox 120
Firefox ESR 115.5
Thunderbird 115.5.0

CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed [Published Date: 2023-11-21]

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) released a joint Cybersecurity Advisory (CSA), LockBit Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability (along with an accompanying analysis report MAR-10478915-1.v1 Citrix Bleed), in response to LockBit 3.0 ransomware affiliates and multiple threat actor groups exploiting CVE-2023-4966. Labeled Citrix Bleed, the vulnerability affects Citrix’s NetScaler web application delivery control (ADC) and NetScaler Gateway appliances.
LockBit affiliates have conducted attacks against organizations of varying sizes across multiple critical infrastructure sectors�"including education, energy, financial services, food and agriculture, government and emergency services, healthcare, manufacturing, and transportation.
The joint CSA provides tactics, techniques, and procedures (TTPs), as well as indicators of compromise (IOCs).

Citrix Releases Security Updates for Citrix Hypervisor. [Published Date: 2023-11-16]

Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.
Review Citrix Hypervisor Security Bulletin for CVE-2023-23583 and CVE-2023-46835 and apply the necessary updates.

FBI and CISA Release Advisory on Scattered Spider Group. [Published Date: 2023-11-16]

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) on Scattered Spider�"a cybercriminal group targeting commercial facilities sectors and subsectors. The advisory provides tactics, techniques, and procedures (TTPs) obtained through FBI investigations as recently as November 2023.
Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their usual TTPs.
FBI and CISA encourage network defenders and critical infrastructure organizations to review the joint CSA for recommended mitigations to reduce the likelihood and impact of a cyberattack by Scattered Spider actors.

Juniper Releases Security Advisory for Juniper Secure Analytics. [Published Date: 2023-11-17]

Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
Review the Juniper advisory JSA74298 and apply the necessary updates.

CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware. [Published Date: 2023-11-15]

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Rhysida Ransomware, to disseminate known Rhysida ransomware indicators of compromise (IOCs), detection methods, and tactics, techniques, and procedures (TTPs) identified through investigations as recently as September 2023.
Observed as a ransomware-as-a-service (RaaS) model, Rhysida actors have compromised organizations in education, manufacturing, information technology, and government sectors and any ransom paid is split between the group and affiliates. Rhysida actors leverage external-facing remote services, such as virtual private networks (VPNs), Zerologon vulnerability (CVE-2020-1472), and phishing campaigns to gain initial access and persistence within a network.
Review the joint CSA for recommended mitigations to reduce the likelihood and impact of Rhysida and other ransomware incidents.

Multiple Vulnerabilities in Google Chrome. [Published Date: 2023-11-14]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 119.0.6045.159 for Mac and Linux and Mac and prior to 119.0.6045.159/.160 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates.

Adobe Releases Security Updates for Multiple Products. [Published Date: 2023-11-14]

Adobe has released security updates to address vulnerabilities affecting multiple Adobe products. A cyber threat actor could exploit some of these vulnerabilities to take control of the affected system.
Review the following advisories and apply the necessary updates.

• APSB23-52: Adobe ColdFusion
• APSB23-53: Adobe RoboHelp Server
• APSB23-54: Adobe Acrobat and Reader
• APSB23-55: Adobe InDesign
• APSB23-56: Adobe Photoshop
• APSB23-57: Adobe Bridge
• APSB23-58: Adobe FrameMaker Publishing Server
• APSB23-60: Adobe InCopy
• APSB23-61: Adobe Animate
• APSB23-62: Adobe Dimension
• APSB23-63: Adobe Media Encoder
• APSB23-64: Adobe Audition
• APSB23-65: Adobe Premiere Pro
• APSB23-66: Adobe After Effects

Microsoft Releases October 2023 Security Updates. [Published Date: 2023-11-14]

Microsoft has released updates addressing multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system.
Review Microsoft’s November 2023 Security Update Guide and apply the necessary updates.

Fortinet Releases Security Updates for FortiClient and FortiGate. [Published Date: 2023-11-14]

Fortinet has released security advisories addressing vulnerabilities in FortiClient and FortiGate. Cyber threat actors may exploit some of these vulnerabilities to take control of an affected system.
Review the following Fortinet security advisories and apply the recommended updates:

• FG-IR-22-299: FortiClient (Windows) - Arbitrary file deletion from unprivileged users
• FG-IR-23-274: FortiClient (Windows) - DLL Hijacking via openssl.cnf
• FG-IR-23-385: curl and libcurl CVE-2023-38545 and CVE-2023-38546 vulnerabilities

VMware Releases Security Update for Cloud Director Appliance. [Published Date: 2023-11-14]

VMware has released a security advisory addressing a vulnerability in VMWare Cloud Director Appliance. Cyber threat actors may exploit this vulnerability to take control of an affected system.
Review the following VMware security advisory and apply the recommended updates:

• VMSA-2023-0026: VMware Cloud Director Appliance contains an authentication bypass vulnerability (CVE-2023-34060)

CISA Releases Update to Royal Ransomware Advisory. [Published Date: 2023-11-13]

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released an update to joint Cybersecurity Advisory (CSA) Royal Ransomware. The updated advisory provides network defenders with additional information on tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as June 2023.
Royal ransomware attacks have spread across numerous critical infrastructure sectors, including, but not limited to, manufacturing, communications, healthcare and public healthcare (HPH), and education.
Review the updated CSA advisory and apply the included mitigations.

RedHat Linux published a security update for Squid and Squid34. [Published Date: 2023-11-13]

RedHat Linux published a security update for vulnerability (CVE-2023-46847) for Squid and Squid34. Exploiting the vulnerability, an attacker can access those systems and cause a denial-of-service (DoS).
Review the advisory for Squid and Squid34 and apply the necessary updates.

A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution. [Published Date: 2023-11-13]

Google has released security updates to address a vulnerability affecting Chrome versions prior to 119.0.6045.123 for Mac and Linux and to 119.0.6045.123/.124 for Windows. A malicious cyber actor can exploit the vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates.

Vulnerability in IBM Java SDK and IBM Java Runtime affects IBM Db2. [Published Date: 2023-11-03]

IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations.
Review the IBM security advisory and apply the necessary updates or mitigations.

Cisco released security advisories for vulnerabilities affecting multiple Cisco products [Published Date: 2023-11-05]

Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Review the following advisories and apply the necessary updates:

• Cisco Firepower Management Center Software Command Injection Vulnerability
• Cisco Identity Services Engine Command Injection Vulnerabilities
• Cisco Identity Services Engine Vulnerabilities
• Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Firewalls Inspection Rules Denial of Service Vulnerability
• Cisco Firepower Threat Defense Software ICMPv6 with Snort 2 Denial of Service Vulnerability
• Cisco Firepower Threat Defense Software and Firepower Management Center Software Code Injection Vulnerability
• Cisco Firepower Management Center Software Log API Denial of Service Vulnerability
• Cisco Firepower Management Center Software Command Injection Vulnerabilities
• Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability
• Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software ICMPv6 Message Processing Denial of Service Vulnerability.

Atlassian released a security advisory to address a vulneribility  affecting Confluence Data Center and Server [Published Date: 2023-11-05]

Atlassian released a security advisory to address a�vulnerability�affecting Confluence Data Center and Server. A cyber actor could exploit this vulnerability to obtain sensitive information.

Review Improper Authorization Vulnerability In Confluence Data Center and Server and apply the necessary updates or mitigations. 

Multiple Vulnerabilities in Google Chrome. [Published Date: 2023-10-31]

Google has released security updates to address multiple vulnerabilities affecting Chrome versions 119.0.6045.105 for Linux and Mac and 119.0.6045.105/.106 for Windows. A malicious cyber actor can exploit one of these vulnerabilities, allowing for arbitrary code execution.
Review the Google security bulletins and apply the necessary updates.

Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server. [Published Date: 2023-10-30]

IBM released a security advisory addressing multiple vulnerabilities (CVE-2023-39976, CVE-2023-40373, CVE-2023-40372, CVE-2023-30987, CVE-2023-38719, CVE-2023-38740, CVE-2023-30991, CVE-2023-38720, CVE-2023-33850, CVE-2023-40374, CVE-2023-38728, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597) in Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server.
Review the IBM advisory and apply the necessary updates.

F5 BIG-IP Configuration utility unauthenticated remote code execution vulnerability. [Published Date: 2023-10-26]

F5 has released security updates to address BIG-IP Configuration utility unauthenticated remote code execution vulnerability. This critical vulnerability (CVE-2023-46747) may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. There is no data plane exposure; this is a control plane issue only.
Review BIG-IP Configuration Utility vulnerability for updates or apply the necessary mitigations.

F5 BIG-IP Configuration utility authenticated SQL injection vulnerability. [Published Date: 2023-10-27]

F5 has released security updates to address BIG-IP Configuration utility authenticated SQL injection vulnerability. This critical vulnerability (CVE-2023-46748) may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands. There is no data plane exposure; this is a control plane issue only.
Review BIG-IP Configuration Utility vulnerability for updates or apply the necessary mitigations.

VMware Releases Advisory for VMware Tools Vulnerabilities. [Published Date: 2023-10-30]

VMware released a security advisory addressing multiple vulnerabilities (CVE-2023-34057, CVE-2023-34058) in VMware Tools. A cyber actor could exploit one of these vulnerabilities to take control of an affected system.
Review the VMware advisory VMSA-2023-0024 and apply the necessary updates.

BIG-IP Critical Configuration Utility vulnerability. [Published Date: 2023-10-26]

F5 has released security updates to address BIG-IP Configuration Utility vulnerability. This critical vulnerability (CVE-2023-46747) may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.
Review BIG-IP Configuration Utility vulnerability for updates or apply the necessary mitigations.

Apple Releases Security Updates for iOS and iPadOS. [Published Date: 2023-10-25]

Multiple vulnerabilities have been discovered in the following Apple products
iOS 16.7.2,
iOS 17.1,
macOS Monterey 12.7.1,
macOS Sonoma 14.1,
macOS Ventura 13.6.1,
Safari 17.1,
tvOS 17.1,
watchOS 10.1,
iOS 15.8 and
iPadOS 15.8.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user.
Review the advisory and apply the necessary updates: iOS 16.7.2, iOS 17.1, macOS Monterey 12.7.1, macOS Sonoma 14.1, macOS Ventura 13.6.1, Safari 17.1, tvOS 17.1, watchOS 10.1, iOS 15.8 and iPadOS 15.8.

Critical VMware vCenter Server and Cloud Foundation. [Published Date: 2023-10-25]

VMware has released security updates to address vulnerabilities CVE-2023-34048 and CVE-2023-34056 in VMware vCenter Server (vCenter Server) and VMware Cloud Foundation (Cloud Foundation). A malicious actor with network access to vCenter Server may trigger an out-of-bounds write, potentially leading to remote code execution.

Review VMware Security Advisories for updates or apply the necessary mitigations.

Multiple Vulnerabilities in Mozilla Products. [Published Date: 2023-10-24]

Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Mozilla Thunderbird is an email client. A cyber threat actor could exploit this vulnerability for Arbitrary Code Execution.
Review Mozilla's security advisory (MFSA 2023-48, MFSA 2023-47, MFSA 2023-46, MFSA 2023-45) and apply necessary updates.

Jira Service Management Server and Data Center patch. [Published Date: 2023-10-17]

Certain versions of Jira Service Management Server & Data Center were affected by CVE-2019-13990. The affected versions contained vulnerable versions of Terracotta Quartz Scheduler which allowed authenticated attackers to initiate an XML External Entity injection attack using job descriptions.
Review the Jira Service Management Server & Data Center Patch Update and apply the necessary updates.

Oracle Critical Patches Issued October 2023. [Published Date: 2023-10-17]

Oracle Critical Patches Issued to address vulnerabilities across multiple products, including MySQL Server, Oracle Database Server, Oracle Enterprize Manager, Web Logic Server, etc. A remote attacker could exploit some of these vulnerabilities, allowing remote code execution.
Review the Oracle October 2023 Critical Patch Update and apply the necessary updates.

Cisco Releases Security Advisory for IOS XE Software Web UI. [Published Date: 2023-10-16]

Cisco released a security advisory to address a vulnerability (CVE-2023-20198) affecting IOS XE Software Web UI. A cyber threat actor can exploit this vulnerability to take control of an affected device.

Review the Cisco security advisory, apply the necessary recommendations, hunt for any malicious activity, and apply patches when made available.

CISA, FBI, and MS-ISAC Release Joint Advisory on Atlassian Confluence Vulnerability CVE-2023-22515. [Published Date: 2023-10-17]

USA CISA (Cybersecurity and Infrastructure Security Agency), the Federal Bureau of Investigation (FBI), and the USA Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This critical vulnerability affects certain versions of the Atlassian Confluence Data Center and Server, enabling malicious threat actors to obtain initial access to Confluence instances by creating unauthorized Confluence administrator accounts.

The advisory strongly encourages upgrading to a fixed version or taking servers offline to apply necessary updates. For upgrade instructions, a complete list of affected product versions, and indicators of compromise, see Atlassian’s security advisory

Fortinet Releases Security Updates for Multiple Products. [Published Date: 2023-10-10]

Fortinet has released security advisories addressing vulnerabilities in multiple products. These vulnerabilities may allow cyber threat actors to take control of the affected systems.

Review the following Fortinet security advisories and apply the recommended updates:

• FG-IR-23-189: FortiManager, FortiAnalyzer -" Path traversal via unrestricted file upload
• FG-IR-23-062: FortiManager -" Improper inter ADOM access control
• FG-IR-23-167: FortiManager, FortiAnalyzer -" OS command injection
• FG-IR-22-352: FortiManager, FortiAnalyzer, FortiADC -" Command injection due to an unsafe usage of function
• FG-IR-23-318: FortiOS-" Improper authorization via prof-admin profile
• FG-IR-23-085: FortiSIEM - Multiple path traversal vulnerabilities

Multiple Vulnerabilities in Google Chrome. [Published Date: 2023-10-10]

Google has released security updates to address vulnerabilities affecting  Chrome versions prior to118.0.5993.70 for Mac and Linux and 118.0.5993.70/.71 for Windows. A malicious cyber actor can exploit one of these vulnerabilities to take control of an affected system.

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code. [Published Date: 2023-10-10]

Adobe has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities and can run arbitrary code execution.
Review the following Adobe security bulletins and apply the necessary updates:

• Adobe Bridge is a free digital asset management app.
• Adobe Commerce is an ecommerce platform.
• Adobe Photoshop is a raster graphics editor.

Microsoft Releases October 2023 Security Updates. [Published Date: 2023-10-10]

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. Review Microsoft’s October 2023 Security Update Guide and apply the necessary updates.

HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487. [Published Date: 2023-10-11]

Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in HTTP/2 protocol. The vulnerability (CVE-2023-44487), known as Rapid Reset, has been exploited in the wild in August 2023 through October 2023. Organizations that provide HTTP/2 services apply patches when available and consider configuration changes and other mitigations discussed in the references below. For more information on Rapid Reset, see:

• Cloudflare: HTTP/2 Rapid Reset: deconstructing the record-breaking attack
• Google: How it works: The novel HTTP/2 ‘Rapid Reset’ DDoS attack
• AWS: CVE-2023-44487 - HTTP/2 Rapid Reset Attack
• NGINX: HTTP/2 Rapid Reset Attack Impacting NGINX Products

Citrix Releases Security Updates for Multiple Products. [Published Date: 2023-10-10]

Citrix has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities take control of an affected system. Review the following Citrix security bulletins and apply the necessary updates:

• NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967
• Citrix Hypervisor Multiple Security Updates

Apple Releases Security Updates for iOS and iPadOS. [Published Date: 2023-10-06]

Apple has released security updates to address vulnerabilities in iOS and iPadOS. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. Review the following advisory and apply the necessary updates: iOS 17.0.3 and iPadOS 17.0.3.

Atlassian Releases Security Advisory for Confluence Data Center and Server. [Published Date: 2023-10-05]

Atlassian released a security advisory to address a vulnerability affecting Confluence Data Center and Confluence Server. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. Review the following advisory and apply the necessary updates: CVE-2023-22515 - Privilege Escalation Vulnerability in Confluence Data Center and Server.

NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations. [Published Date: 2023-10-08]

The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. The misconfigurations in the CSA illustrate a trend of systemic weaknesses in many large organizations, including those with mature cyber postures, and highlights the importance of software manufacturers embracing secure-by-design principles to reduce the burden on network defenders. Read the Executive Assistant Director at CISA's blog post on the "Urgency for Software Manufacturers to Incorporate Secure by Design Principles."

Cisco Releases Security Advisories for Multiple Products [Published Date: 2023-10-05]

Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. Review the following advisories and apply the necessary updates:

• Cisco Emergency Responder Static Credentials Vulnerability (cisco-sa-cer-priv-esc-B9t3hqk9)
• Multiple Cisco Unified Communications Products Unauthenticated API High CPU Utilization Denial of Service Vulnerability (cisco-sa-cucm-apidos-PGsDcdNF)

Critical Vulnerabilities in Progress WS_FTP Server Software. [Published Date: 2023-09-30]

Progress Software released an advisory announcing multiple vulnerabilities in its enterprise-grade WS_FTP Server secure file transfer software. Two vulnerabilities, identified by CVE-2023-40044 and CVE-2023-42657, are rated as critical (CVSS Max 10.0). These flaws expose systems to unauthenticated remote command execution and directory traversal attacks.

An update for the nodejs:16 for Red Hat [Published Date: 2023-09-29]

An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.6 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important (CVSS Max 9.8). This update fixes CVE-2023-32559, CVE-2023-32006, CVE-2023-32002, CVE-2022-25883.

An update for the nodejs:18 for Red Hat [Published Date: 2023-09-29]

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8, and Red Hat Enterprise Linux 9,. Red Hat Product Security has rated this update as having a security impact of Important (CVSS Max 9.8),. This update fixes CVE-2023-32559,, CVE-2023-32006,, CVE-2023-32002,, CVE-2022-25883,.

An update for Red Hat Data Grid 8 is now available

An update for Red Hat Data Grid 8 is now available. It affected Red Hat JBoss Data Grid Text-Only. Red Hat Product Security has rated this update as having a security impact of Moderate (CVSS Max 9.8). This update fixes CVE-2023-35887, CVE-2023-35116, CVE-2023-34462, CVE-2023-5236, CVE-2023-3629, CVE-2023-3628, CVE-2022-45047.

Cisco Releases Security Advisories for Multiple Products [Published Date: 2023-09-28]

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

• Cisco Catalyst SD-WAN Manager Vulnerabilities cisco-sa-sdwan-vman-sc-LRLfu2z
• Cisco IOS XE Software Web UI Command Injection Vulnerability cisco-sa-webui-cmdij-FzZAeXAy
• Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers IPv6 Multicast Denial of Service Vulnerability cisco-sa-mlre-H93FswRz
• Cisco IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability cisco-sa-ios-xe-l2tp-dos-eB5tuFmV
• Cisco DNA Center API Insufficient Access Control Vulnerability cisco-sa-dnac-ins-acc-con-nHAVDRBZ
• Cisco IOS XE Software for Catalyst 3650 and Catalyst 3850 Series Switches Denial of Service Vulnerability cisco-sa-cat3k-dos-ZZA4Gb3r
• Cisco IOS XE Software Application Quality of Experience and Unified Threat Defense Denial of Service Vulnerability cisco-sa-appqoe-utd-dos-p8O57p5y
• Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability cisco-sa-aaascp-Tyj4fEJm

Mozilla Releases Security Updates for Multiple Products [Published Date: 2023-09-29]

Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, Firefox Focus for Android, and Firefox for Android. A cyber threat actor can exploit this vulnerability to take control of an affected system.

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution [Published Date: 2023-09-27]

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. By exploiting those vulnerabilities, an attacker could install programs, view, change, delete data, or create new accounts with full user rights.

Multiple Vulnerabilities in Cisco Catalyst SD-WAN Manager Could Allow for Unauthorized Access [Published Date: 2023-09-27]

Multiple vulnerabilities have been discovered in Cisco Catalyst SD-WAN Manager 20.3 - 20.12, the most severe of which could allow for unauthorized access to the targeted host. Exploiting the most severe of these vulnerabilities could allow for unauthorized access. An attacker could install programs, view, change, delete data or create new accounts with full user rights.

Mozilla Releases Security Advisories for Thunderbird and Firefox [Published Date: 2023-09-27]

Mozilla has released security updates to address vulnerabilities for Thunderbird 115.3, Firefox ESR 115.3, and Firefox 118. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.

Multiple Junos OS Vulnerabilities [Published Date: 2023-09-19]

Juniper Networks has released fixes to address several vulnerabilities. These vulnerabilities could potentially be chained together to allow unauthorized remote code execution (RCE) on SRX and EX series devices. Also, a VulnCheck vulnerability researcher released another PoC exploit that only utilizes one of the vulnerabilities, bypassing the need to upload files while still achieving remote code execution.

GitLab Issues Updates for Critical Flaw [Published: September 18, 19, and 20, 2023]

GitLab versions 13.12 before 16.2.7 and 16.3 before 16.3.4 are vulnerable if you have both direct transfers and security policies enabled. While this can be mitigated by turning one of those features off, the better fix is to update to a more current version.

Apple Releases Security Updates for Multiple Products [Publish Date: 22-09-2023]

Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected device.

• iOS 17.0.1 and iPadOS 17.0.1
• iOS 16.7 and iPadOS 16.7
• watchOS 10.0.1
• watchOS 9.6.3
• Safari 16.6.1
• macOS Ventura 13.6
• macOS Monterey 12.7

Atlassian Releases September Security Bulletin

Atlassian has released its security bulletin for September 2023 to address vulnerabilities in multiple products. A malicious cyber actor could exploit some of these vulnerabilities to take control of an affected system.

Drupal Releases Security Advisory to Address Vulnerability in Drupal Core

Drupal has released a security advisory to address a vulnerability affecting multiple Drupal versions. A malicious cyber actor could exploit this vulnerability to take control of an affected system.

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium (ISC) has released security advisories to address vulnerabilities affecting ISC’s Berkeley Internet Name Domain (BIND) 9. A malicious cyber actor could exploit these vulnerabilities to cause denial-of-service conditions.

• CVE-2023-4236: named may terminate unexpectedly under high DNS-over-TLS query load
• CVE-2023-3341: A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly

3rd Party AV Uninstaller Module for Trend Micro Apex One and Worry-Free Business Security Arbitrary Code Execution Vulnerability

Trend Micro has released new patches and hotfixes for Trend Micro Apex One (on-premise and SaaS), Worry-Free Business Security and Worry-Free Business Security Services (SaaS) that resolves a vulnerability in the 3rd party AV uninstaller module that is provided with the endpoint products. Trend Micro said that a successful exploitation of the flaw could allow an attacker to manipulate the component to execute arbitrary commands on an affected installation. However, it requires that the adversary already has administrative console access on the target system. Trend Micro has observed at least one active attempt of potential attacks against this vulnerability in the wild (ITW). Customers are strongly encouraged to update to the latest versions as soon as possible.

Palo Alto Networks has released a security update to address a vulnerability in PAN-OS

Palo Alto Networks has released a security update to address a vulnerability in PAN-OS BGP software such as FRRouting FRR included as part of the PAN-OS virtual routing feature enables a remote attacker to reset network sessions through an invalid BGP update incorrectly. This issue is applicable only to firewalls configured with virtual routers that have BGP enabled.

Fortinet Releases Security Updates for Multiple Products [For website]

Fortinet has released security updates to address vulnerabilities (CVE-2023-29183 and CVE-2023-34984) affecting FortiOS, FortiProxy, and FortiWeb. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system.

• FG-IR-23-106
• FG-IR-23-068

Google Releases Security Updates for Google Chrome

Google has released security updates to address a vulnerability affecting Google Chrome. A cyber threat actor can exploit the vulnerability, allowing for arbitrary code execution.

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR, and Thunderbird. A cyber threat actor can exploit this vulnerability to take control of an affected system.

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities (CVSS 5.4 to 7.6 (Max)) affecting Adobe software (including Adobe Acrobat and Reader). A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system:

• Adobe Connect: APSB23-33
• Adobe Acrobat and Reader: APSB23-34
• Adobe Experience Manager: APSB23-43

Apple Releases Security Updates for iOS and macOS

Apple has released security updates to address a vulnerability in multiple products. A cyber threat actor could exploit this vulnerability to take control of an affected device:

• iOS 15.7.9 and iPadOS 15.7.9
• macOS Monterey 12.6.9
• macOS Big Sur 11.7.10

Microsoft Releases September 2023 Updates

Microsoft has released updates to address multiple vulnerabilities (including Microsoft Exchange Server 2016, Microsoft System Center, .NET Framework, Microsoft Office, Windows DHCP Server, Windows TCP/IP, etc.) in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities (*CVSS 5.5 to 8.8) to take control of an affected system.

Update Situational Alert on Cyber Threats [Published on 08 August, 2023]

This report serves as an update to the ‘SITUATIONAL ALERT ON CYBER THREATS’ issued on 4th August. It provides an Indicator of Compromise (IOC) list which organizations may use for their preventive security measures...

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit some of these vulnerabilities to take control of an affected system:

• Adobe Acrobat and Reader: APSB23-30
• Adobe Commerce: APSB23-42
• Adobe Dimension: APSB23-44
• Adobe XMP Toolkit SDK: APSB23-45

Fortinet Releases Security Update for FortiOS

Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A remote attacker can exploit this vulnerability to take control of an affected system.

Microsoft Releases August 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities (*CVSS:4.5 to 9.8) with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities in Microsoft software (including Microsoft Exchange Server 2016, Microsoft Office, Microsoft Edge, SQL Server, Hyper-V, etc.). An attacker can exploit some of these vulnerabilities to take control of an affected system...

Situational Alert on Cyber Threats [Published on 04 August, 2023]

In a response to a declaration made by some religious and ideologically motivated underground hacker groups on 31st July to launch as they mentioned a storm of cyber-attacks against Bangladesh cyberspace on next 15th August, Bangladesh Government's Computer Incident Response Team (BGD e-GOV CIRT) is releasing this alert to warn critical information infrastructures (CII), banks and financial institutions, health care and all sorts of government and private organizations of the possible conducted cyber-attacks by the groups that may disrupt IT operations and businesses....

Regarding Strengthening Cyber Security of All Banks/FIs operating in Bangladesh

Considering the recent increase in cyber incidents, there is possibility of cyber attacks in any Banks/FIS operating in Bangladesh. It is important to take securiry measures to deal with any such cyber attack.

Security update for java-1.8.0-IBM is now available for RHEL 8.