Mozilla Releases Security Update for Firefox and Firefox ESR

Mozilla has released a security update to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system.
CISA encourages users and administrators to review Mozilla Security Advisory MFSA 2023-26 and apply the necessary update.

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisories on July 11, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-23-192-01 Rockwell Automation Enhanced HIM
ICSA-23-192-02 Sensormatic Electronics iSTAR
ICSA-23-192-03 Panasonic Control FPWin Pro7
ICSA-23-180-04 Mitsubishi Electric MELSEC-F Series (Update A)
CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

CISA Adds One Known Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2021-29256 Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending dates.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities

Progress Software has released a Service Pack to address three newly disclosed vulnerabilities (CVE-2023-36934, CVE-2023-36932, CVE-2023-36933) in MOVEit Transfer. A cyber threat actor could exploit some of these vulnerabilities to obtain sensitive information.
CISA encourages users to review Progress Software’s MOVEit Transfer article and apply product updates as applicable for security improvements.

CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants

Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigations (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) released a joint Cybersecurity Advisory (CSA), Increased Truebot Activity Infects U.S. and Canada Based Networks, to help organizations detect and protect against newly identified Truebot malware variants. Based on confirmation from open-source reporting and analytical findings of Truebot variants, the four organizations assess cyber threat actors leveraged the malware through phishing campaigns containing malicious redirect hyperlinks.
Additionally, newer versions of Truebot malware allow malicious actors to gain initial access by exploiting a known vulnerability in the Netwrix Auditor application (CVE-2022-31199). As recently as May 2023, cyber threat actors exploited this vulnerability to deliver new Truebot malware variants and to collect and exfiltrate information from organizations in the U.S. and Canada.
CISA, FBI, MS-ISAC, and the CCCS encourage all organizations to review this joint advisory and implement the recommended mitigations contained therein, including patching CVE-2022-31199, to reduce the likelihood and impact of Truebot activity and other ransomware-related incidents. To report incidents and anomalous activity, please contact one of the following organizations:
CISA, either through the agency’s online tool (cisa.gov/report) or the 24/7 Operations Center at report@cisa.gov or (888) 282-0870.
FBI via a local field office.
State, local, tribal, and territorial (SLTT) government entities can report to the MS-ISAC (SOC@cisecurity.org or 866-787-4522).
Organizations are also encouraged to visit StopRansomware.gov, which provides a range of free U.S. government resources and services that can help bolster cyber hygiene and cybersecurity posture, reduce ransomware risk, and contains an updated Joint #StopRansomware Guide.

CISA Releases Three Industrial Control Systems Advisories

CISA has released three Industrial Control Systems (ICS) advisories on July 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:
ICSA-23-187-01 PiiGAB M-Bus
ICSA-23-187-02 ABUS TVIP
ICSA-23-143-03 Mitsubishi Electric MELSEC Series CPU module (Update A)