View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: IO Trace Vulnerability: Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to
Continue ReadingCategory: Dynamic Threat Feeds
CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisories on July 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-205-01 National Instruments IO Trace ICSA-24-205-02 Hitachi Energy AFS/AFR Series
Continue ReadingISC Stormcast For Tuesday, July 23rd, 2024 https://isc.sans.edu/podcastdetail/9064, (Tue, Jul 23rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCrowdStrike: The Monday After, (Mon, Jul 22nd)
Last Friday, after Crowdstrike released a bad sensor configuration update that caused widespread crashes of Windows systems. The most visible effects of these crashes appear to have been mitigated. I am sure many IT workers had
Continue ReadingISC Stormcast For Monday, July 22nd, 2024 https://isc.sans.edu/podcastdetail/9062, (Mon, Jul 22nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingWidespread IT Outage Due to CrowdStrike Update
Note: CISA will update this Alert with more information as it becomes available. As of 1130am EDT July 19, 2024: CISA is aware of the widespread outage affecting Microsoft Windows hosts due to an issue with
Continue ReadingWidespread Windows Crashes Due to Crowdstrike Updates, (Fri, Jul 19th)
Last night, endpoint security company Crowdstrike released an update that is causing widespread "blue screens of death" (BSOD) on Windows systems. Crowdstrike released an advisory, which is only available after logging into the Crowdstrike support platform.
Continue ReadingISC Stormcast For Friday, July 19th, 2024 https://isc.sans.edu/podcastdetail/9060, (Fri, Jul 19th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingIvanti Releases Security Updates for Endpoint Manager
Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM) and Ivanti Endpoint Manager for Mobile (EPMM). A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Continue ReadingCisco Releases Security Updates for Multiple Products
Cisco released security updates to address vulnerabilities in Cisco software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following
Continue Reading