Here of some of the items covered in today's SecureResearch Cyber Intelligence Briefs:

• CISA is requesting public comment on a draft update to the National Cyber Incident Response Plan (NCIRP) by January 15, 2025.
• Siemens published a security advisory, AV24-719, for multiple vulnerabilities affecting industrial control systems.
• CISA released advisories, AV24–716, addressing vulnerabilities in Rockwell and Siemens PLCs.
• CISA added two vulnerabilities (CVE-2024-20767 and CVE-2024-35250) to its Known Exploited Vulnerabilities Catalog.
• Dell addressed multiple high-severity vulnerabilities across their product portfolio in advisory AV24-715.
• Hewlett Packard Enterprise (HPE) published a security advisory, AV24-714, detailing vulnerabilities across their products, including HPE OneView, iLO Amplifier Pack, Edgeline Infrastructure Manager, and Cray Management Controller.
• Multiple vulnerabilities were discovered in Synology products, which could result in the compromise of data confidentiality.
• Mozilla Thunderbird has multiple vulnerabilities which could be exploited by attackers to compromise user systems and sensitive data.
• SolarWinds Web Help Desk has a vulnerability which allows attackers to compromise the confidentiality of data.

For more information in the SecureResearch Daily Cyber Intelligence Brief, email [email protected]