Security Information

This page is dedicated to security. It includes local security information, as well as a number of syndicated security feeds, alerts, tools and news from major security portals. The page aims to provide a single security information access point, helping you stay current with recent security threats. You can check the SG Security FAQ and visit the SG Security forum with any questions you might have.

SG Security Scan

The SG Security Scan is a great tool that tests a number of ports on your computer for the most common vulnerabilities.

SG Security Articles

Latest Security Advisories (US-CERT)

CISA Requests Public Comment for Updated Guidance on Software Bill of Materials (2025.08.22)
CISA released updated guidance for the Minimum Elements for a Software Bill of Materials (SBOM) for public comment. The comment period begins today and concludes on October 3, 2025. These updates build on the 2021 version of the National Telecommunications and Information Administration SBOM Minimum Elements to reflect advancements in tooling and implementation. An SBOM serves as a vital inventory of software components, enabling organizations to identify vulnerabilities, manage dependencies, and mitigate risks. The update refines data fields, automation support, and operational practices to ensure SBOMs are scalable, interoperable, and comprehensive. Stakeholders are encouraged to provide feedback via the Federal Register during the public comment period. This feedback will contribute to refining SBOM practices, enabling CISA to release an updated version of the minimum elements.

CISA Adds One Known Exploited Vulnerability to Catalog (2025.08.21)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA Releases Three Industrial Control Systems Advisories (2025.08.21)
CISA released three Industrial Control Systems (ICS) advisories on August 21, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA Releases Four Industrial Control Systems Advisories (2025.08.19)
CISA released four Industrial Control Systems (ICS) advisories on August 19, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA Adds One Known Exploited Vulnerability to Catalog (2025.08.18)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

CISA Releases Thirty-Two Industrial Control Systems Advisories (2025.08.14)
CISA released thirty-two Industrial Control Systems (ICS) advisories on August 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA and Partners Release Asset Inventory Guidance for Operational Technology Owners and Operators (2025.08.13)
CISA, along with the National Security Agency, the Federal Bureau of Investigation, Environmental Protection Agency, and several international partners, released comprehensive guidance to help operational technology (OT) owners and operators across all critical infrastructure sectors create and maintain OT asset inventories and supplemental taxonomies. An asset inventory is a regularly updated, structured list of an organization's systems, hardware, and software. It includes a categorization system, a taxonomy, that classifies assets based on their importance and function. This guidance explains how OT owners and operators can create, maintain, and use asset inventories and taxonomies to identify and safeguard their critical assets. Following this guidance, organizations may gain deeper insights into their architecture, optimize their defenses, better assess and reduce cybersecurity risk in their environments, and enhance incident response planning to ensure service continuity.

CISA Adds Two Known Exploited Vulnerabilities to Catalog (2025.08.13)
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Recent News