AA20-031A: Detecting Citrix CVE-2019-19781

Original release date: January 31, 2020SummaryUnknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781. Though mitigations...

AA20-020A: Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP

Original release date: January 20, 2020SummaryOn January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0 to address CVE-2019-19781....

AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems

Original release date: January 14, 2020SummaryNew vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is...

AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability

Original release date: January 10, 2020SummaryUnpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to...

AA20-006A: Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad

Original release date: January 6, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection...

AAXX-XXXX: TA14-353A YARA Rules Update

Original release date: January 3, 2020SummaryN/A Technical DetailsN/A MitigationsHost Based Indicators   Below are potential YARA signatures to detect malware binaries on host machines:   rule SMB_Worm_Tool {          strings:             $STR1 = "GlobalFwtSqmSession106829323_S-1-5-19"       ...

AA19-339A: Dridex Malware

Original release date: December 5, 2019SummaryThis Alert is the result of recent collaboration between Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the...

AA19-290A: Microsoft Ending Support for Windows 7 and Windows Server 2008 R2

Original release date: October 17, 2019SummaryOn January 14, 2020, Microsoft will end extended support for their Windows 7 and Windows Server 2008 R2 operating systems. After this date, these...

AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability

Original release date: June 17, 2019Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as...

AA19-122A: New Exploits for Unsecure SAP Systems

Original release date: May 02, 2019Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target...

Consumer Protection

US CERT ALERTS

AA20-073A: Enterprise VPN Security

Original release date: March 13, 2020SummaryAs organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their...

Competition Press Releases

Joint FTC and DOJ Letter Raises Concerns about California Assembly Bill 1541, which would...

The staff of Federal Trade Commission’s Office of Policy Planning, Bureau of Economics, and Bureau of Competition, together with the staff of the Antitrust...

FTC Imposes Conditions on Danaher Corporation’s Acquisition of GE Biopharma

Merger likely to reduce competition in highly concentrated markets that supply biopharmaceutical companies with key inputs Danaher Corporation has agreed to divest assets to settle...

FTC Submits Comment on Final Information Blocking Rule to the Department of Health &...

The Federal Trade Commission staff has submitted a statement in support of certain changes made by the Department of Health & Human Services’ Office...