Top Alerts & Advisories

15 August 2024
Alert rating
MEDIUM

Siemens COMOS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF
Audience
Cyber security professionals, Large organisations, Government
15 August 2024
Alert rating
MEDIUM

Siemens NX

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF
Audience
Cyber security professionals, Large organisations, Public sector
15 August 2024
Alert rating
LOW

AVEVA Historian Web Server

View CSAF
Audience
Cyber security professionals, Large organisations, Public sector
15 August 2024
Alert rating
LOW

PTC Kepware ThingWorx Kepware Server

View CSAF
Audience
Cyber security professionals, Large organisations, Public sector
15 August 2024
Alert rating
MEDIUM

CISA Releases Eleven Industrial Control Systems Advisories

CISA released eleven Industrial Control Systems (ICS) advisories on August 15, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Audience
Cyber security professionals, Large organisations
08 August 2024
Alert rating
LOW

Dorsett Controls InfoScan

View CSAF
Audience
Cyber security professionals, Large organisations, Public sector
08 August 2024
Alert rating
HIGH

Best Practices for Cisco Device Configuration

In recent incidents, CISA has seen malicious cyber actors acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature. CISA recommends organizations disable Smart Install and review NSA’s Smart Install Protocol Misuse advisory and Network Infrastructure Security Guide for configuration guidance. 
Audience
Cyber security professionals, Large organisations
07 August 2024
Alert rating
HIGH

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
Audience
Cyber security professionals, Large organisations, Public sector, Government
07 August 2024
Alert rating
HIGH

Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI)—released an update to joint Cybersecurity Advisory #StopRansomware: Royal Ransomware, #StopRansomware: BlackSuit (Royal) Ransomware. The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit and legacy Royal activity. FBI investigations identified these TTPs and IOCs as recently as July 2024.
Audience
Cyber security professionals, Public sector, Government, Large organisations
07 August 2024
Alert rating
MEDIUM

NCSC CEO shares insights into securing UK elections in cyber space at major international conference

Felicity Oswald shares reflections on the UK approach to election security at Black Hat USA conference.
Audience
Public sector, Cyber security professionals
TisaAssist
bot
🤖 Hello, how can I assist you today?
I can help you with:
✅ Answer questions related to the website.
✅ Help you understand things you don't know.
❓ What's Tisalabs
💻 What's IoT
🔒 Why sensor data must be protected?