Cybersecurity Alert Level – courtesy of MS-ISAC


GREEN or LOW indicates a low risk. No unusual activity exists beyond the normal concern for known hacking activities, known viruses, or other malicious activity.

BLUE or GUARDED indicates a general risk of increased hacking, virus, or other malicious activity. The potential exists for malicious cyber activities, but no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.

YELLOW or ELEVATED indicates a significant risk due to increased hacking, virus, or other malicious activity that compromises systems or diminishes service. At this level, there are known vulnerabilities that are being exploited with a moderate level of damage or disruption, or the potential for significant damage or disruption is high.

ORANGE or HIGH indicates a high risk of increased hacking, virus, or other malicious cyber activity that targets or compromises core infrastructure, causes multiple service outages, causes multiple system compromises, or compromises critical infrastructure. At this level, vulnerabilities are being exploited with a high level of damage or disruption, or the potential for severe damage or disruption is high.

RED or SEVERE indicates a severe risk of hacking, virus, or other malicious activity resulting in widespread outages and/or significantly destructive compromises to systems with no known remedy or debilitates one or more critical infrastructure sectors. At this level, vulnerabilities are being exploited with a severe level or widespread level of damage or disruption of Critical Infrastructure Assets.


Cybersecurity Advisories – courtesy of MS-ISAC

  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
    on January 19, 2022

    Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution MS-ISAC ADVISORY NUMBER:2022-010 DATE(S) ISSUED:01/19/2022 OVERVIEW:Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary […]

  • Oracle Quarterly Critical Patches Issued January 18, 2022
    on January 18, 2022

    Oracle Quarterly Critical Patches Issued January 18, 2022 MS-ISAC ADVISORY NUMBER:2022-009 DATE(S) ISSUED:01/18/2022 OVERVIEW:Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution RISK: Government: Large and medium government entities: HIGHSmall government entities: HIGH Businesses:Large and medium business entities: HIGHSmall business entities: HIGH […]

  • A Vulnerability in Zoho Desktop Central and Desktop Central MSP Could Allow for Authentication Bypass
    on January 18, 2022

    A Vulnerability in Zoho Desktop Central and Desktop Central MSP Could Allow for Authentication Bypass MS-ISAC ADVISORY NUMBER:2022-008 DATE(S) ISSUED:01/18/2022 OVERVIEW:A vulnerability has been discovered in Zoho Desktop Central and Desktop Central MSP that could allow for authentication bypass. Zoho Desktop Central and Desktop Central MSP are unified endpoint management (UEM) solution that helps in managing servers, laptops, desktops, smartphones, […]

  • Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Arbitrary Code Execution
    on January 11, 2022

    Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Arbitrary Code Execution MS-ISAC ADVISORY NUMBER:2022-005 DATE(S) ISSUED:01/11/2022 OVERVIEW:Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR), and Thunderbird, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of […]

  • A Vulnerability in Citrix Workspace App for Linux Could Allow for Local Privilege Escalation
    on January 11, 2022

    A Vulnerability in Citrix Workspace App for Linux Could Allow for Local Privilege Escalation MS-ISAC ADVISORY NUMBER:2022-007 DATE(S) ISSUED:01/11/2022 OVERVIEW:A vulnerability has been discovered in Citrix Workspace App for Linux, a virtual desktop application. Successful exploitation of this vulnerability could allow for local privilege escalation. A privilege escalation enables the attacker to obtain root privileges within the system which will […]

  • Critical Patches Issued for Microsoft Products, January 11, 2022
    on January 11, 2022

    Critical Patches Issued for Microsoft Products, January 11, 2022 MS-ISAC ADVISORY NUMBER:2022-004 DATE(S) ISSUED:01/11/2022 OVERVIEW:Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with […]

  • Multiple Vulnerabilities in Adobe Products could allow for Arbitrary Code Execution.
    on January 11, 2022

    Multiple Vulnerabilities in Adobe Products could allow for Arbitrary Code Execution. MS-ISAC ADVISORY NUMBER:2022-006 DATE(S) ISSUED:01/11/2022 OVERVIEW:Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for Arbitrary Code Execution. Acrobat and Reader is a family of application software and Web services mainly used to create, view, and edit PDF documents.Illustrator is a vector graphics editor and […]

  • Multiple Vulnerabilities in WordPress Could Allow for SQL Injection
    on January 7, 2022

    Multiple Vulnerabilities in WordPress Could Allow for SQL Injection MS-ISAC ADVISORY NUMBER:2022-003 DATE(S) ISSUED:01/07/2022 OVERVIEW:Multiple vulnerabilities have been discovered in WordPress, the most severe of which could allow for SQL injection. WordPress is an open source content management system (CMS) which assist in the creation and hosting of web applications. Successful exploitation of the most severe of these vulnerabilities could allow […]

  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
    on January 5, 2022

    Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution MS-ISAC ADVISORY NUMBER:2022-001 DATE(S) ISSUED:01/05/2022 OVERVIEW:Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary […]

  • Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
    on January 5, 2022

    Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution MS-ISAC ADVISORY NUMBER:2022-002 DATE(S) ISSUED:01/05/2022 OVERVIEW:Multiple vulnerabilities have been discovered in the Google Android operating system (OS), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful […]