An official website of the United States government Official websites use .gov A .gov website belongs to an official government organization in the United States. Secure .gov websites use HTTPS A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites. America's Cyber

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4966 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability  CVE-2021-1435 Cisco IOS XE Web UI Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view

Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated version of the joint #StopRansomware Guide. The update includes new prevention tips such as hardening SMB protocols, revised response steps, and added threat hunting

CISA released one Industrial Control Systems (ICS) advisory on October 19, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS.  ICSA-23-143-02 Hitachi Energy’s RTU500 Series Product (UPDATE B) CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations.