Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution. – Read More – Cyber Security Advisories – MS-ISAC
Category: Gov/ISAC Feeds
Gov/ISAC Feeds
The NCSC co-signs Ministerial letter to major British businesses including FTSE 350 companies. – Read More – NCSC Feed
Gov/ISAC Feeds
A vulnerability has been discovered in Oracle E-Business Suite, which could allow for remote code execution. Oracle E-Business Suite (EBS) is a comprehensive suite of integrated business applications that runs core enterprise functions. Successful exploitation of this vulnerability could allow an actor to execute code in the context of the affected component. An attacker could … Read More “A Vulnerability in Oracle E-Business Suite Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Connect is a software suite for online collaboration. Adobe Commerce is an enterprise-grade eCommerce platform that provides tools for creating and managing online stores for both B2B and B2C businesses. Magento Open Source is a … Read More “Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. *Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Mozilla Thunderbird … Read More “Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; … Read More “Critical Patches Issued for Microsoft Products, October 14, 2025 – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Ivanti products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Ivanti Endpoint Manager is a client-based unified endpoint management software. Ivanti Endpoint Manager Mobile (Ivanti … Read More “Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Cisco products, the most severe of which could allow for remote code execution. Cisco is a leading technology company best known for its networking hardware and software, such as routers and switches, that form the backbone of the internet and enterprise networks. Successful exploitation of the most severe of … Read More “Multiple Vulnerabilities in Cisco Products Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in VMware Aria Operations and VMware Tools, the most severe of which could allow for privilege escalation to root. VMware Aria is a multi-cloud management platform that provides automation, operations, and cost management for applications and infrastructure across private, public, and hybrid cloud environments. Successful exploitation of the most severe … Read More “Multiple Vulnerabilities in VMware Aria Operations and VMware Tools Could Allow for Privilege Escalation – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Updated NCSC guidance on enabling your staff to use their own devices for work. – Read More – NCSC Feed
Gov/ISAC Feeds
How organisations can improve their ability to both detect and discover cyber threats. – Read More – NCSC Feed
Gov/ISAC Feeds
The NCSC’s contribution to the Internet Engineering Task Force will help to make the internet more secure. – Read More – NCSC Feed
Gov/ISAC Feeds
How organisations can avoid staff burnout during an extended period of heightened cyber threat. – Read More – NCSC Feed
Gov/ISAC Feeds
Guidance for staff responsible for managing a cyber incident response within their organisation. – Read More – NCSC Feed
Gov/ISAC Feeds
If you can’t see your entire operational technology environment, you can’t defend it. New guidance from the NCSC will help you gain that visibility. – Read More – NCSC Feed
Gov/ISAC Feeds
On September 25, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Google, WatchGuard, GoAnywhere, and SolarWinds products. On September 18, the MS-ISAC released an advisory for multiple vulnerabilities in Google Chrome, the most severe of which could allow for arbitrary code execution. On September 19, the … Read More “Threat Level – GUARDED – Cyber Threat Alert” »
Gov/ISAC Feeds
A vulnerability has been discovered in Nx (build system) Package, which could allow for sensitive data exfiltration. Nx is a smart, fast, and extensible build system designed for managing monorepos efficiently by providing features like dependency graph analysis, computation caching, distributed task execution, and codebase upgrades. Successful exploitation of this vulnerability could allow an attacker … Read More “A Vulnerability in Nx (build system) Package Could Allow for Sensitive Data Exfiltration – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
A vulnerability has been discovered in SolarWinds Web Help Desk, which could allow for remote code execution. SolarWinds Web Help Desk (WHD) is a web-based software that provides IT help desk and asset management functionality, allowing IT teams to manage service requests, track IT assets, and offer self-service options to end-users. Successful exploitation of this … Read More “A Vulnerability in SolarWinds Web Help Desk Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
A vulnerability has been discovered in WatchGuard Fireware OS, which could allow for arbitrary code execution. Fireware OS is the software that runs on WatchGuard Firebox firewalls. Fireware includes a Web UI that includes a way to manage and monitor each Firebox in your network. Successful exploitation of this vulnerability may allow a remote unauthenticated … Read More “A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
A vulnerability has been discovered in GoAnywhere Managed File Transfer (MFT) which could allow for Command Injection. GoAnywhere Managed File Transfer (MFT) is an enterprise-level software solution for securely automating, managing, and tracking all organizational file transfers, whether server-to-server or person-to-person. Successful exploitation of this vulnerability could allow an actor with a validly forged license … Read More “A Vulnerability in GoAnywhere Managed File Transfer (MFT) Could Allow for Command Injection – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Post Content – Read More – IC3.gov News
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; … Read More “Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
A guide to choosing the right EASM product for your organisation, and the security features you need to consider. – Read More – NCSC Feed
Gov/ISAC Feeds
How to choose an external attack surface management (EASM) tool that’s right for your organisation. – Read More – NCSC Feed
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Focus for iOS is a private mobile browser … Read More “Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; … Read More “Critical Patches Issued for Microsoft Products, September 09, 2025 – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Ivanti products, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based unified endpoint management software Ivanti Connect Secure is an SSL VPN solution for remote and mobile users. Ivanti Policy Secure (IPS) is a network access control (NAC) solution which provides … Read More “Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Acrobat Reader is a free software for viewing, printing, and annotating PDF files. Adobe After Effects is a digital software program used to create and composite visual effects, motion graphics, and animations for film, television, … Read More “Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Why planning and rehearsing your recovery from an incident is as vital as building your defences – Read More – NCSC Feed
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution. … Read More “Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Post Content – Read More – IC3.gov News
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; … Read More “Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Exploring how far cyber security approaches can help mitigate risks in generative AI systems – Read More – NCSC Feed
Gov/ISAC Feeds
The NIST National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Internal Report (IR) 8349, Methodology for Characterizing Network Behavior of Internet of Things (IoT) Devices. Characterizing and understanding the – Read More – News and Events Feed by Topic
Gov/ISAC Feeds
Approaches to the design, development and assessment of products capable of resisting elevated threats. – Read More – NCSC Feed
Gov/ISAC Feeds
Advice for organisations on the acquisition, management and disposal of network devices. – Read More – NCSC Feed
Gov/ISAC Feeds
The catalog revision is part of NIST’s response to a recent Executive Order on strengthening the nation’s cybersecurity. – Read More – News and Events Feed by Topic
Gov/ISAC Feeds
A vulnerability has been discovered in Git, which could allow for remote code execution. Git is a free and open-source distributed version control system (VCS). It is designed to track changes in source code during software development and is widely used for coordinating work among multiple developers on the same project. Successful exploitation of this … Read More “A Vulnerability in Git Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple Vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway, which could allow for remote code execution. NetScaler ADC is a networking product that functions as an Application Delivery Controller (ADC), a tool that optimizes, secures, and ensures the reliable availability of applications for businesses. NetScaler Gateway is a secure remote access solution … Read More “Multiple Vulnerabilities in NetScaler ADC and NetScaler Gateway Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Commvault Backup & Recovery, which when chained together, could allow for remote code execution. Commvault Backup & Recovery is a comprehensive data protection solution that offers a range of services for safeguarding data across various environments, including on-premises, cloud, and hybrid setups. Successful exploitation of these vulnerabilities could allow … Read More “Multiple Vulnerabilities in Commvault Backup & Recovery Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
A vulnerability has been discovered in Apple products which could allow for arbitrary code execution. Successful exploitation could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with … Read More “A Vulnerability in Apple Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Focus for iOS is a private mobile browser … Read More “Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user or exploited process. Depending on the privileges associated with the user or process, an … Read More “Multiple Vulnerabilities in Microsoft Products Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
Gov/ISAC Feeds
Enhancing Hardware Security for the Future of National Defense and Emerging Technologies In an era of geopolitical uncertainty, global semiconductor disruptions, and a rising demand for digital sovereignty, hardware security has become a critical – Read More – News and Events Feed by Topic
Gov/ISAC Feeds
The NIST National Cybersecurity Center of Excellence (NCCoE) has published NIST Cybersecurity White Paper (CSWP) 51, Developing a Transit Cybersecurity Framework Community Profile. This CSWP presents cybersecurity challenges for owners and operators – Read More – News and Events Feed by Topic
Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure – IC3.gov News
Gov/ISAC Feeds
Post Content – Read More – IC3.gov News
Gov/ISAC Feeds
As digital infrastructure increasingly influences our daily lives, the National Institute of Standards and Technology (NIST) is committed to advancing cybersecurity research while also inspiring the next generation of STEM talent. Recently, the NIST – Read More – News and Events Feed by Topic
Gov/ISAC Feeds
The winning projects were competitively selected following a call for innovative proposals that address technical needs related to NIST’s research areas. – Read More – News and Events Feed by Topic
Gov/ISAC Feeds
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-54948 Trend Micro Apex One OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant … Read More “CISA Adds One Known Exploited Vulnerability to Catalog – All CISA Advisories” »
Gov/ISAC Feeds
Face morphing software, which combines photos of different people into a single image, is being used to commit identity fraud. – Read More – News and Events Feed by Topic