The National Institute of Standards and Technology (NIST) defines a vulnerability as a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source. (Source). The latest threat and vulnerability information from multiple sources including: CISA, US-Cert, National Vulnerability Database, and the MITRE Corporation.
CISA/ US CERT Cyber Announcements
- CISA/ US CERT Cyber Announcements
The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.
Cybersecurity and Infrastructure Security Agency Alerts
- Cybersecurity and Infrastructure Security Agency Alerts
Cybersecurity and Infrastructure Security Agency (CISA) alerts provide timely information about current security issues, vulnerabilities, and exploits.
National Cyber Awareness System
- National Cyber Awareness System
The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
NVD and MITRE Databases
- National Vulnerability Database
The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
- The MITRE Corporation – Common Vulnerabilities Exposure
Common Vulnerabilities Exposure is a list of entries - each containing an identification number, a description, and at least one public reference - for publicly known cybersecurity vulnerabilities.