Juniper Networks Releases Security Updates for Multiple Products

Original release date: July 15, 2021

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Ransomware Risk in Unpatched, EOL SonicWall SRA and SMA 8.x Products

Original release date: July 15, 2021

CISA is aware of threat actors actively targeting a known, previously patched, vulnerability in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. Threat actors can exploit this vulnerability to initiate a targeted ransomware attack.

CISA encourages users and administrators to review the SonicWall security advisory and upgrade to the newest firmware or disconnect EOL appliances as soon as possible. Review the CISA Bad Practices webpage to learn more about bad cybersecurity practices, such as using EOL software, that are especially dangerous for organizations supporting designated Critical Infrastructure or National Critical Functions. 

This product is provided subject to this Notification and this Privacy & Use policy.

New StopRansomware.gov website – The U.S. Government’s One-Stop Location to Stop Ransomware

Original release date: July 15, 2021

The U.S. Government launched a new website to help public and private organizations defend against the rise in ransomware cases. StopRansomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts. We encourage organizations to use this new website to understand the threat of ransomware, mitigate risk, and in the event of an attack, know what steps to take next.

The StopRansomware.gov webpage is an interagency resource that provides our partners and stakeholders with ransomware protection, detection, and response guidance that they can use on a single website. This includes ransomware alerts, reports, and resources from CISA, the FBI, and other federal partners.

We look forward to growing the information and resources on StopRansomware.gov and plan to partner with additional Federal Agencies who are working to curb the rise in ransomware.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Insights: Guidance for MSPs and Small- and Mid-sized Businesses

Original release date: July 14, 2021

CISA has released CISA Insights: Guidance for Managed Service Providers (MSPs) and Small- and Mid-sized Businesses, which provides mitigation and hardening guidance to help these organizations strengthen their defenses against cyberattacks. Many small- and mid-sized businesses use MSPs to manage IT systems, store data, or support sensitive processes, making MSPs valuable targets for malicious cyber actors. Compromises of MSPs—such as with the recent Kaseya ransomware attack—can have globally cascading effects and introduce significant risk to MSP customers.

CISA strongly recommends MSPs and small- and mid-sized businesses follow the guidance provided in the CISA Insights and CISA Webpage: Kaseya Ransomware Attack: Guidance for Affected MSPs and their Customers to protect MSP customer network assets and reduce the risk of successful cyberattacks.  

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Issues Emergency Directive on Microsoft Windows Print Spooler

Original release date: July 13, 2021

CISA has issued Emergency Directive (ED) 21-04: Mitigate Windows Print Spooler Service Vulnerability addressing CVE-2021-34527. Attackers can exploit this vulnerability to remotely execute code with system level privileges enabling a threat actor to quickly compromise the entire identity infrastructure of a targeted organization.  

Specifically, ED 21-04 directs federal departments and agencies to immediately apply the Microsoft July 2021 updates and disable the print spooler service on servers on Microsoft Active Directory (AD) Domain Controllers (DCs).

Although ED 21-04 applies to Executive Branch departments and agencies, CISA strongly recommends that state and local governments, private sector organizations, and others review ED 21-04: Mitigate Windows Print Spooler Service Vulnerability for additional mitigation recommendations.

This product is provided subject to this Notification and this Privacy & Use policy.

SAP Releases July 2021 Security Updates

Original release date: July 13, 2021

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review the SAP Security Notes for July 2021 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Citrix Releases Security Updates for Virtual Apps and Desktops

Original release date: July 13, 2021

Citrix has released security updates to address a vulnerability in multiple versions of Virtual Apps and Desktops. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Citrix Security Update CTX319750 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Microsoft Releases July 2021 Security Updates

Original release date: July 13, 2021

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s July 2021 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

VMware Releases Security Update

Original release date: July 13, 2021

VMware has released a security update to address a vulnerability in VMware ESXi and VMware Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0014 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

Kaseya Ransomware Attack: Guidance and Resources

Original release date: July 13, 2021

CISA has created a webpage to provide information and guidance for the recent ransomware attack against Kaseya customers that include managed service providers (MSPs) and customers of those MSPs.

CISA encourages affected organizations to review Kaseya Ransomware Attack: Guidance for Affected MSPs and their Customers for more information.

This product is provided subject to this Notification and this Privacy & Use policy.