Cybersecurity Alert Level – courtesy of MS-ISAC


GREEN or LOW indicates a low risk. No unusual activity exists beyond the normal concern for known hacking activities, known viruses, or other malicious activity.

BLUE or GUARDED indicates a general risk of increased hacking, virus, or other malicious activity. The potential exists for malicious cyber activities, but no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.

YELLOW or ELEVATED indicates a significant risk due to increased hacking, virus, or other malicious activity that compromises systems or diminishes service. At this level, there are known vulnerabilities that are being exploited with a moderate level of damage or disruption, or the potential for significant damage or disruption is high.

ORANGE or HIGH indicates a high risk of increased hacking, virus, or other malicious cyber activity that targets or compromises core infrastructure, causes multiple service outages, causes multiple system compromises, or compromises critical infrastructure. At this level, vulnerabilities are being exploited with a high level of damage or disruption, or the potential for severe damage or disruption is high.

RED or SEVERE indicates a severe risk of hacking, virus, or other malicious activity that results in widespread outages and/or significantly destructive compromises to systems with no known remedy, or that debilitates one or more critical infrastructure sectors. At this level, vulnerabilities are being exploited with a severe or widespread level of damage or disruption of Critical Infrastructure Assets.


Cybersecurity Advisories – courtesy of MS-ISAC

  • Multiple Vulnerabilities in Google Android OS Could Allow for Arbitrary Code Execution
    on July 7, 2022

    Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the exploited component, an attacker could then […]

  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
    on July 5, 2022

    Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new […]

  • Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
    on June 30, 2022

    Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR) and Mozilla Thunderbird, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Successful exploitation of the most severe of these vulnerabilities could […]

  • Multiple Vulnerabilities in WatchGuard Firebox and XTM appliances Could Allow for Remote Code Execution
    on June 25, 2022

    Multiple vulnerabilities have been discovered in WatchGuard Firebox and XTM appliances, the most severe of which could allow for remote code execution. WatchGuard Firebox is a unified security platform that gives IT professionals the network visibility tools to ensure enterprise-grade security. Depending on the privileges associated with the applications, an attacker could view, change, or delete data.

  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
    on June 22, 2022

    Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the applications. Depending on the privileges associated with the applications, an attacker could view, change, or delete data. If these applications […]

  • A Vulnerability in Splunk Enterprise Deployment Servers Could Allow for Arbitrary Code Execution
    on June 21, 2022

    A vulnerability in Splunk Enterprise Deployment Servers could allow for arbitrary code execution. Splunk Universal Forwarders, in which the vulnerability lies, are used to send data from a machine to a data receiver, usually Splunk. If an attacker is able to compromise a Splunk Universal Forwarder, they could use the vulnerability to execute arbitrary code on all other Universal Forwarder endpoints subscribed to a development server.

  • A Vulnerability in Cisco Email Security Appliance, Cisco Secure Email & Web Manager Could Allow for an Authentication Bypass - PATCH: NOW - TLP: WHITE
    on June 17, 2022

    A vulnerability in Cisco Email Security Appliance, Cisco Secure Email & Web Manager could allow for an authentication bypass under specific conditions. Exploitation of this vulnerability could allow an unauthenticated attacker to gain unauthorized access to the web-based management interface of the affected device.

  • A Vulnerability in Citrix Application Delivery Management (Citrix ADM) Could Allow for an Unauthenticated Attacker to Reset the Administrator Password
    on June 15, 2022

    Multiple vulnerabilities have been discovered in Citrix ADM. Citrix ADM is a web-based solution for managing all Citrix deployments. The most severe of these vulnerabilities could allow an unauthenticated attacker to reset the administrator password.

  • MS-ISAC CYBERSECURITY ADVISORY - Critical Patches Issued for Microsoft Products, June 14, 2022 - PATCH: NOW - TLP: WHITE
    on June 15, 2022

    Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with […]

  • Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
    on June 15, 2022

    Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Animate is a multimedia authoring computer animation program. Bridge is a digital asset management application. Illustrator is a vector graphics editor and design program. Adobe InCopy is a professional word processor. InDesign is an industry-leading layout and page design software for print and digital media. RoboHelp Server is a help […]

  • Multiple Vulnerabilities in Google Android OS Could Allow for Arbitrary Code Execution
    on June 7, 2022

    Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the exploited component, an attacker could then […]

  • A Vulnerability in Atlassian Confluence Server and Data Center Could Allow for Remote Code Execution
    on June 3, 2022

    A vulnerability has been discovered in Atlassian Confluence Server and Data Center, which could allow for remote code execution. Confluence is a wiki tool used to help teams collaborate and share knowledge efficiently. Successful exploitation of this vulnerability could allow for remote code execution within the context of the service account used to run the Confluence Server or Data Center service. Depending on the privileges associated with the service account, an attacker […]

  • Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
    on June 2, 2022

    Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR) and Mozilla Thunderbird, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Successful exploitation of the most severe of these vulnerabilities could […]

  • A Vulnerability in Microsoft Support Diagnostic Tool (MSDT) Could Allow for Arbitrary Code Execution
    on June 1, 2022

    A vulnerability in Microsoft Support Diagnostic Tool (MSDT) could allow for arbitrary code execution. MSDT collects information from hosts running Microsoft Windows and Windows Server to send to Microsoft Support. Successful exploitation of this vulnerability could result in arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users […]

  • Multiple Vulnerabilities in Firefox Products Could Allow for Arbitrary Code Execution
    on May 26, 2022

    Multiple vulnerabilities have been discovered in Mozilla Firefox Products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Mozilla Firefox for Android is the Android-based Firefox Browser on Android devices. Successful exploitation of the most severe of […]

  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
    on May 25, 2022

    Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the applications. Depending on the privileges associated with the applications, an attacker could view, change, or delete data. If these applications […]

  • A Vulnerability in VMware Products Could Allow for Authentication Bypass
    on May 19, 2022

    Multiple vulnerabilities have been discovered in VMware Products, the most severe of which could result in authentication bypass. VMware Workspace ONE Access is an access control application for Workspace ONE. VMware Identity Manager is the identity and access management component of Workspace ONE. vRealize Automation is a management platform for automating the delivery of container-based applications. VMware Cloud Foundation is a hybrid cloud platform that provides a […]

  • Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
    on May 17, 2022

    Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Safari is a graphical web browser developed by Apple. iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch. iPadOS is the successor to iOS 12 and is a mobile operating system for iPads. macOS Monterey is the 18th and current major release of macOS. macOS Big Sur is the 17th release of macOS. macOS […]

  • Multiple Vulnerabilities in SonicWall SSLVPN SMA1000 Series Could Allow for Authentication Bypass
    on May 16, 2022

    Multiple vulnerabilities in SonicWall SMA 1000 Series could allow for authentication bypass. Successful exploitation could allow an attacker to have unauthorized access to internal resources and even redirect potential victims to malicious websites. The SonicWall SMA 1000 Series is a unified secure access gateway that enables organizations to provide access to any application, anytime, from anywhere and any device, including managed and unmanaged.

  • A vulnerability in Zyxel Firewall and VPN Could Allow for Arbitrary Code Execution
    on May 16, 2022

    A vulnerability has been discovered in Zyxel Firewall and VPN, which could allow for arbitrary code execution. Zyxel is a manufacturer of networking devices that provides networking equipment globally. Successful exploitation of this vulnerability could allow for administrative access to the system, which could allow an attacker to change firewall settings, intercept traffic, create VPN accounts to gain access to the network behind the device, and perform additional […]