![]() ![]() |
Security InformationThis page is dedicated to security, it includes local security information, as well as a number of syndicated security feeds, alerts, tools and news from major security portals. This page aims to provide a single security information access point, helping you stay current with recent security threats. You can check the SG Security FAQ and visit the SG Security forum with any questions you might have. SG Security ScanThe SG Security Scan is a great tool that tests a number of ports on your computer for the most common vulnerabilities.![]() ![]() ![]() ![]()
SG Security Articles![]() ![]() ![]() ![]() ![]() ![]() ![]() Latest Security Advisories (US-CERT)CISA Releases Four Industrial Control Systems Advisories (2025.08.19) CISA released four Industrial Control Systems (ICS) advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. CISA Adds One Known Exploited Vulnerability to Catalog (2025.08.18) CISA has added one new vulnerability to itsKnown Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilitiesestablished the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See theBOD 22-01 Fact Sheetfor more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation ofKEV Catalog vulnerabilitiesas part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet thespecified criteria. CISA Releases Thirty-Two Industrial Control Systems Advisories (2025.08.14) CISA released thirty-two Industrial Control Systems (ICS) advisories on August 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. CISA and Partners Release Asset Inventory Guidance for Operational Technology Owners and Operators (2025.08.13) CISA, along with the National Security Agency, the Federal Bureau of Investigation, Environmental Protection Agency, and several international partners, released comprehensive guidance to help operational technology (OT) owners and operators across all critical infrastructure sectors create and maintain OT asset inventories and supplemental taxonomies. An asset inventory is a regularly updated, structured list of an organization's systems, hardware, and software. It includes a categorization systema taxonomythat classifies assets based on their importance and function. This guidance explains how OT owners and operators can create, maintain, and use asset inventories and taxonomies to identify and safeguard their critical assets. Following this guidance, organizations may gain deeper insights into their architecture, optimize their defenses, better assess and reduce cybersecurity risk in their environments, and enhance incident response planning to ensure service continuity. CISA Adds Two Known Exploited Vulnerabilities to Catalog (2025.08.13) CISA has added two new vulnerabilities to itsKnown Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilitiesestablished the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See theBOD 22-01 Fact Sheetfor more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation ofKEV Catalog vulnerabilitiesas part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet thespecified criteria. CISA Releases Seven Industrial Control Systems Advisories (2025.08.12) CISA released seven Industrial Control Systems (ICS) advisories on August 12, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. CISA Adds Three Known Exploited Vulnerabilities to Catalog (2025.08.12) CISA has added three new vulnerabilities to itsKnown Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. CISA Issues ED 25-02 Mitigate Microsoft Exchange Vulnerability (2025.08.07) Today, CISA issued Emergency Directive (ED) 25-02: Mitigate Microsoft Exchange Vulnerability in response to CVE-2025-53786, a vulnerability in Microsoft Exchange server hybrid deployments. ED 25-02 directs all Federal Civilian Executive Branch (FCEB) agencies with Microsoft Exchange hybrid environments to implement required mitigations by 9:00 AM EDT on Monday, August 11, 2025. This vulnerability presents significant risk to all organizations operating Microsoft Exchange hybrid-joined configurations that have not yet implemented the April 2025 patch guidance. Although this directive is only for FCEB agencies, CISA strongly encourages all organizations to address this vulnerability. For additional details, see CISAs Alert: Microsoft Releases Guidance on Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments.
|
Recent News
|