Ivanti has released a security update to address an admin bypass vulnerability (CVE-2024-8963) affecting Ivanti Cloud Services Appliance (CSA) version 4.6.  A cyber threat actor could exploit this vulnerability in conjunction with CVE-2024-8190–detailed in a Sept. 13 Ivanti security advisory–to take control of an affected system. This vulnerability impacts all versions prior to patch 519.

The Federal Bureau of Investigation (FBI), Cyber National Mission Force (CNMF), and National Security Agency (NSA) assess that People’s Republic of China (PRC)-linked cyber actors have compromised thousands of Internet-connected devices, including small office/home office (SOHO) routers, firewalls, network-attached storage (NAS) and Internet of Things (IoT) devices with the goal of creating a network of compromised nodes (a “botnet”) positioned for malicious activity. The actors may then use the botnet as a proxy to conceal their identities while deploying distributed denial of service (DDoS) attacks or compromising targeted U.S. networks.

Joint advisory highlights the risk of malicious cyber actors exploiting internet-connected devices and gives mitigation advice.

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. 

Today, CISA and FBI released a Secure by Design Alert, Eliminating Cross-Site Scripting Vulnerabilities, as a part of our ongoing effort to reduce the prevalence of vulnerability classes at scale. Vulnerabilities like cross-site scripting (XSS) continue to appear in software, enabling threat actors to exploit them. However, cross-site scripting vulnerabilities are preventable and should not be present in software products.

CISA released three Industrial Control Systems (ICS) advisories on September 17, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

View CSAF

Teams are encouraged to sign up for the CyberFirst Girls Competition 2024 / 25.

The NCSC and partners call out Russian GRU cyber actors Unit 29155 for campaign of malicious cyber activity since at least 2020.