[CoIT-Security] Message from MS-ISAC and EI-ISAC: List of Common Vulnerabilities and Exposures (CVE) Associated with Malicious Iranian Actors - TLP: AMBER

Goode, April april at onenet.net
Fri Jan 10 09:15:16 CST 2020 

Attn: CoIT Members & Cybersecurity Group (TLP: AMBER)

*Do not forward outside of OSRHE/Higher Ed



Forwarding an email from MS-ISAC covering Common Vulnerabilities and Exposures (CVE) associated with Malicious Iranian actors.  Recommendation is to review and determine if you are vulnerable to CVE's listed below an prioritize remediation.



Chris Kosciuk

ckosciuk at osrhe.edu<mailto:ckosciuk at osrhe.edu>

405.225.9440

------------------------------------------------------------------------------------------


TO: All MS-ISAC and EI-ISAC Members

DATE: January 10, 2020

SUBJECT: List of Common Vulnerabilities and Exposures (CVE) Associated with Malicious Iranian Actors - TLP: AMBER





Message from CISA below:





TLP: AMBER





The Cybersecurity and Infrastructure Security Agency (CISA) would like to provide the below list of Common Vulnerabilities and Exposures (CVE) Associated with Malicious Iranian Actors to our state and local partners:



*             CVE-2018-20250

*             CVE-2017-11882

*             CVE-2017-11774

*             CVE-2017-0199

*             CVE-2012-0158



These CVEs are known to have been used in cyber attacks by malicious actors affiliated with the Iranian state, based on analysis by a trusted third party. CISA encourages our SLTT partners to review the list, determine if they are vulnerable to any CVEs, and prioritize the mitigation of those vulnerabilities.



Due to the sensitive nature of this information, please do not distribute outside of your organization.





As always, to report an intrusion and request resources for incident response or technical assistance, contact CISA (CISAservicedesk at cisa.dhs.gov<mailto:CISAservicedesk at cisa.dhs.gov> or 888-282-0870).





Respectfully,

The CISA SLTT Partnerships Team



[CISA Wordmark CMYK 20181115_4 color seal with dk blue text]





TLP: AMBER

Limited Disclosure, restricted to participants' organizations. Recipients may only share TLP: AMBER information with members of their own organization, and with clients or customers who need to know the information to protect themselves or prevent further harm.

https://www.us-cert.gov/tlp/<https://smex12-5-en-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fwww.us%2dcert.gov%2ftlp%2f&umid=e06e4134-3973-45f8-bb9b-559e173b9754&auth=c45bec4b57924095a5e6f7ab44949d6e3d36ad67-2a0323b4f6a172e618b0f9b835003d9c424f2fef>









24×7 Security Operations Center

Multi-State Information Sharing and Analysis Center (MS-ISAC)

Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)

31 Tech Valley Drive

East Greenbush, NY 12061

SOC at cisecurity.org<mailto:SOC at cisecurity.org> - 1-866-787-4722



[MS+EI emailsig at 2x]

[cid:image002.png at 01D291DE.F838E090]<https://www.facebook.com/CenterforIntSec>    [cid:image003.png at 01D291DE.F838E090] <https://twitter.com/CISecurity>    [cid:image004.png at 01D291DE.F838E090] <https://www.youtube.com/user/TheCISecurity>     [cid:image005.png at 01D291DE.F838E090] <https://www.linkedin.com/company/the-center-for-internet-security>


This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.

. . . . .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20200110/c5116732/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 17601 bytes
Desc: image001.png
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20200110/c5116732/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 15093 bytes
Desc: image002.png
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20200110/c5116732/attachment-0007.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1891 bytes
Desc: image003.png
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20200110/c5116732/attachment-0008.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 2175 bytes
Desc: image004.png
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20200110/c5116732/attachment-0009.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 1888 bytes
Desc: image005.png
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20200110/c5116732/attachment-0010.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 2057 bytes
Desc: image006.png
URL: <http://lists.onenet.net/pipermail/coit-security/attachments/20200110/c5116732/attachment-0011.png>

More information about the CoIT-Security mailing list