Explanation of the Current Alert Level of GUARDED
The alert level is the overall current threat level.
On September 25, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Google, WatchGuard, GoAnywhere, and SolarWinds products. On September 18, the MS-ISAC released an advisory for multiple vulnerabilities in Google Chrome, the most severe of which could allow for arbitrary code execution. On September 19, the MS-ISAC released two advisories. The first advisory was for a vulnerability in WatchGuard Fireware OS that could allow for arbitrary code execution. The second advisory was for a vulnerability in GoAnywhere Managed File Transfer (MFT) that could allow for command injection. On September 23, the MS-ISAC released an advisory for a vulnerability in SolarWinds Web Help Desk that could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.
