Home » Security Information

Security Information

This page is dedicated to security, it includes local security information, as well as a number of syndicated security feeds, alerts, tools and news from major security portals. This page aims to provide a single security information access point, helping you stay current with recent security threats. You can check the SG Security FAQ and visit the SG Security forum with any questions you might have.

SG Security Scan

SG Security Articles

Latest Security Advisories (US-CERT)

CISA released two Industrial Control Systems (ICS) advisories on August 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-217-01 Mitsubishi Electric Iconics Digital Solutions Multiple Products
• ICSA-25-217-02 Tigo Energy Cloud Connect Advanced

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA has added three new vulnerabilities to itsKnown Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

• CVE-2020-25078 D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability
• CVE-2020-25079 D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability
• CVE-2022-40799 D-Link DNR-322L Download of Code Without Integrity Check Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA released two Industrial Control Systems (ICS) advisories on July 31, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-212-01 Gralp FMUS Series Seismic Monitoring Devices
• ICSA-25-212-02 Rockwell Automation Lifecycle Services with VMware

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

Today, CISA, in partnership with Sandia National Laboratories, announced the public availability of Thorium, a scalable and distributed platform for automated file analysis and result aggregation. Thorium enhances cybersecurity teams' capabilities by automating analysis workflows through seamless integration of commercial, open-source, and custom tools. It supports various mission functions, including software analysis, digital forensics, and incident response, allowing analysts to efficiently assess complex malware threats.

Thorium enables teams that frequently analyze files to achieve scalable automation and results indexing within a unified platform. Analysts can integrate command-line tools as Docker images, filter results using tags and full-text search, and manage access with strict group-based permissions.  

Designed to scale with hardware using Kubernetes and ScyllaDB, Thorium can ingest over 10 million files per hour per permission group while maintaining rapid query performance. It also allows users to define event triggers and tool execution sequences, control the platform via RESTful API, and aggregate outputs for further analysis or integration with downstream processes.

CISA encourages cybersecurity teams to use Thorium and provide feedback to enhance its capabilities. For more information on Thorium and how it can improve your cybersecurity operations, see CISAs Thorium resource webpage. 

CISA, in partnership with the U.S. Coast Guard (USCG), released a joint Cybersecurity Advisory aimed at helping critical infrastructure organizations improve their cyber hygiene. This follows a proactive threat hunt engagement conducted at a U.S. critical infrastructure facility.

During this engagement, CISA and USCG did not find evidence of malicious cyber activity or actor presence on the organizations network but did identify several cybersecurity risks. CISA and USCG are sharing their findings and associated mitigations to assist other critical infrastructure organizations identify potential similar issues and take proactive measures to improve their cybersecurity posture. The mitigations include best practices such as not storing passwords or credentials in plaintext, avoiding sharing local administrator account credentials, and implementing comprehensive logging.

For more detailed mitigations addressing the identified cybersecurity risks, review joint Cybersecurity Advisory: CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization. 

Today, CISA released the Eviction Strategies Tool to provide cyber defenders with critical support and assistance during the containment and eviction phases of incident response. This tool includes:

• Cyber Eviction Strategies Playbook Next Generation (Playbook-NG): A web-based application for next-generation operations.
• COUN7ER: A database of atomic post-compromise countermeasures users can execute based on adversary tactics, techniques, and procedures.

Together, Playbook-NG and COUN7ER create a systematic, tailored eviction plan that leverages distinct countermeasures to effectively contain and evict adversarial intrusions.

The Eviction Strategies Tool directly addresses a critical gap: the need for a clear understanding of the necessary actions to properly contain and evict adversaries from networks and devices.

CISA encourages cyber defenders to use the Eviction Strategies Tool available on the CISA Eviction Strategies Tool webpage or download it directly from GitHub at https://github.com/cisagov/playbook-ng. Check out our fact sheet for more information: Eviction Strategies Tool | CISA.

Please share your thoughts through our anonymous survey. We appreciate your feedback.

CISA released five Industrial Control Systems (ICS) advisories on July 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-25-210-01 National Instruments LabVIEW
• ICSA-25-210-02 Samsung HVAC DMS
• ICSA-25-210-03 Delta Electronics DTN Soft
• ICSA-24-158-04 Johnson Controls Software House iStar Pro Door Controller (Update A)
• ICSA-24-338-06 Fuji Electric Tellus Lite V-Simulator (Update A)

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA released Microsegmentation in Zero Trust, Part One: Introduction and Planning as part of its ongoing efforts to support Federal Civilian Executive Branch (FCEB) agencies implementing zero trust architectures (ZTAs). 

This guidance provides a high-level overview of microsegmentation, focusing on its key concepts, associated challenges and potential benefits, and includes recommended actions to modernize network security and advance zero trust principles.

Microsegmentation is a critical component of ZTA that reduces the attack surface, limits lateral movement, and enhances visibility for monitoring smaller, isolated groups of resources.

While the guidance focuses on FCEB references, its principles are applicable to any organization. As part of its Journey to Zero Trust series, CISA plans to release a subsequent technical guide to offer detailed implementation scenarios and technical considerations for implementation teams. Visit our Zero Trust webpage for more information and resources.