Search Results

The default setting for search results displays All Content. If you prefer to see recent content only, please adjust the date filter.

40655 Results Found

Public

Joint Cybersecurity Advisory TLP White APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA).
Public

H-ISAC TLP White Vulnerability: Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

Zoho has released a security advisory to address an authentication bypass vulnerability (CVE-2021-40539) in ManageEngine Desktop Central and Desktop Central MSP.
Member

FBI Flash TLP Amber: Anatomy of Alien Mobile Malware Infection December 7, 2021

Mobile malware represents an increasing threat to the US financial services sector as more users shift toward mobile banking—accelerated as a result of the COVID-19 pandemic, and nearly universal smartphone usage with as many as 169 million mobile banking users in the US.
Member

HC3 TLP Green: Log4j Sector Alert: Active Exploitation of Log4j

A highly utilized application called Log4j contains a severe, known vulnerability that is being actively and aggressively attacked.
Public

H-ISAC TLP White: Update: Log4j Vulnerability Affects Multiple Apache and Legacy Services; Exploit Code Publicly Released

The Health-ISAC Threat Operations Center (TOC) has been closely tracking ongoing developments regarding the weaponization and mitigation of CVE-2021-44228 in the logging library known as Log4j.
Public

HC3 TLP White Alert: Hillrom Welch Allyn Cardiology Products Vulnerability (CVE-2021-43935) December 13, 2021

On December 9, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released an Industrial Controls Systems Medical Advisory (ICSMA) detailing a vulnerability in multiple Hillrom Welch Allyn cardiology products.
Public

H-ISAC TLP White: Kronos Private Cloud (KPC) Ransomware Incident Causes Downtime

On December 13, 2021, Kronos reported a ransomware event impacting Kronos Private Cloud (KPC) instances.
Public

H-ISAC TLP White: Log4j Vulnerability Affects Multiple Apache and Legacy Services; Exploit Code Publicly Released

Proof-of-concept exploit code for a critical zero-day vulnerability, designated CVE-2021-44228, in the Apache Log4j Java-based logging library has been released publicly, exposing enterprises and services to remote code execution (RCE) attacks by attackers.
Public

H-ISAC TLP White Hacking Healthcare - December 7, 2021

This week, Hacking Healthcare begins by examining the personal accountability aspects of Australia’s Critical Infrastructure Bill.
Public

H-ISAC TLP White Vulnerability Bulletin: Health-ISAC and Microsoft Patch Tuesday Podcast - December 2021

Health-ISAC and Microsoft have partnered together to deliver a new medium to discuss notable vulnerabil