{"id":295489,"date":"2025-02-13T04:49:00","date_gmt":"2025-02-13T12:49:00","guid":{"rendered":"https:\/\/sftarticles.wpenginepowered.com\/es\/?p=348208"},"modified":"2025-07-01T15:24:16","modified_gmt":"2025-07-01T22:24:16","slug":"the-united-states-government-has-a-cybersecurity-problem","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/the-united-states-government-has-a-cybersecurity-problem\/","title":{"rendered":"The United States government has a cybersecurity problem"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Cybersecurity experts have warned of an increase in cyberattacks targeting sensitive government servers, exploiting vulnerabilities in government software.<\/p>\n\n\n<div class=\"sc-card-program\">\r\n  <div class=\"sc-card-program__body\">\r\n    <div class=\"sc-card-program__row clearfix\">\r\n      <div class=\"sc-card-program__col-logo\">\r\n        <img decoding=\"async\" class=\"sc-card-program__img\" alt=\"NordVPN\" src=\"https:\/\/images.sftcdn.net\/images\/t_app-icon-s\/p\/8713ac42-12d5-11e7-b114-c399bbcf470c\/3632015789\/nordvpn-logo\" width=\"100px\" height=\"100px\">\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-title\">\r\n        <span class=\"sc-card-program__title\">NordVPN<\/span>\r\n        <a class=\"sc-card-program__button sc-card-program-internal\" href=\"https:\/\/nordvpn.softonic.com\/android\" target=\"_self\" rel=\"noopener noreferrer\">DOWNLOAD<\/a>\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-rating\">\r\n        <svg class=\"rating-score__content\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.1\" x=\"0\" y=\"0\" viewbox=\"0 0 50 50\" enable-background=\"new 0 0 50 50\" xml:space=\"preserve\"><path class=\"rating-score__background rating-score--good\" fill=\"none\" stroke-width=\"6\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><path class=\"rating-score__value rating-score__value--0\" fill=\"none\" stroke-width=\"6\" stroke-dashoffset=\"0\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><text class=\"rating-score__number\" content=\"\" text-anchor=\"middle\" transform=\"matrix(1 0 0 1 25 31.0837)\" data-auto=\"app-user-score\"><\/text><\/svg>\r\n      <\/div>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <span class=\"sc-card-program__description\"><\/span>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <img decoding=\"async\" class=\"sc-card-program__bigpic\" src=\"\" onerror=\"this.style.display='none'\">\r\n    <\/div>\r\n    <a class=\"sc-card-program__link track-link sc-card-program-internal\" href=\"https:\/\/nordvpn.softonic.com\/android\" target=\"_self\" rel=\"noopener noreferrer\"><\/a>\r\n  <\/div>\r\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">This warning originates from the cybersecurity firm Trimble, which has identified that its Cityworks tool has been used in these attacks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Trimble alerted its customers through a letter, in which it mentions the discovery of a deserialization vulnerability, <strong>labeled as CVE-2025-0994, which allows for remote code execution (RCE) with a high severity score of 8.6.<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Trimble released security updates for a deserialization vulnerability CVE-2025-0994 impacting its Cityworks Server AMS. This enables threat actors to conduct remote code execution against a customer\u2019s Microsoft IIS web server. Apply updates &amp; learn more ? <a href=\"https:\/\/t.co\/TyBvD9evaQ\">https:\/\/t.co\/TyBvD9evaQ<\/a> <a href=\"https:\/\/t.co\/Bqxe5mVe7r\">pic.twitter.com\/Bqxe5mVe7r<\/a><\/p>&mdash; CISA Cyber (@CISACyber) <a href=\"https:\/\/twitter.com\/CISACyber\/status\/1887934116353462620?ref_src=twsrc%5Etfw\">February 7, 2025<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">What we know about this state vulnerability<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Exploiting this vulnerability could allow attackers to deploy Cobalt Strike beacons on Microsoft Internet Information Services (IIS) servers.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cityworks, a geographic information systems (GIS)-based asset and permit management software, is designed to help governments and public services efficiently manage their infrastructure and operations.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">After receiving reports of unauthorized access attempts to specific Cityworks implementations, Trimble has released updates to mitigate the risks: version 15.x has been updated to 15.8.9, and 23.x to 23.10.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In addition to the updates, the company warned about incorrect configurations of attachment directories and elevated IIS identity permissions in some on-premise implementations, which could increase risk. Trimble emphasizes that these issues must be addressed simultaneously to resume normal operations with Cityworks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a coordinated advisory<\/strong>, urging affected organizations to apply security patches immediately and conduct an impact analysis and risk assessment before implementing defensive measures.<\/p>\n\n\n<div class=\"sc-card-program\">\r\n  <div class=\"sc-card-program__body\">\r\n    <div class=\"sc-card-program__row clearfix\">\r\n      <div class=\"sc-card-program__col-logo\">\r\n        <img decoding=\"async\" class=\"sc-card-program__img\" alt=\"NordVPN\" src=\"https:\/\/images.sftcdn.net\/images\/t_app-icon-s\/p\/8713ac42-12d5-11e7-b114-c399bbcf470c\/3632015789\/nordvpn-logo\" width=\"100px\" height=\"100px\">\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-title\">\r\n        <span class=\"sc-card-program__title\">NordVPN<\/span>\r\n        <a class=\"sc-card-program__button sc-card-program-internal\" href=\"https:\/\/nordvpn.softonic.com\/android\" target=\"_self\" rel=\"noopener noreferrer\">DOWNLOAD<\/a>\r\n      <\/div>\r\n      <div class=\"sc-card-program__col-rating\">\r\n        <svg class=\"rating-score__content\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.1\" x=\"0\" y=\"0\" viewbox=\"0 0 50 50\" enable-background=\"new 0 0 50 50\" xml:space=\"preserve\"><path class=\"rating-score__background rating-score--good\" fill=\"none\" stroke-width=\"6\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><path class=\"rating-score__value rating-score__value--0\" fill=\"none\" stroke-width=\"6\" stroke-dashoffset=\"0\" stroke-miterlimit=\"10\" d=\"M40 40c8.3-8.3 8.3-21.7 0-30s-21.7-8.3-30 0 -8.3 21.7 0 30\"><\/path><text class=\"rating-score__number\" content=\"\" text-anchor=\"middle\" transform=\"matrix(1 0 0 1 25 31.0837)\" data-auto=\"app-user-score\"><\/text><\/svg>\r\n      <\/div>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <span class=\"sc-card-program__description\"><\/span>\r\n    <\/div>\r\n    <div class=\"sc-card-program__row\">\r\n      <img decoding=\"async\" class=\"sc-card-program__bigpic\" src=\"\" onerror=\"this.style.display='none'\">\r\n    <\/div>\r\n    <a class=\"sc-card-program__link track-link sc-card-program-internal\" href=\"https:\/\/nordvpn.softonic.com\/android\" target=\"_self\" rel=\"noopener noreferrer\"><\/a>\r\n  <\/div>\r\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Organizations that detect malicious activity must follow internal procedures and <a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"noopener\" title=\"report any incident to CISA for better tracking.\">report any incident to <\/a><a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"noopener nofollow\" title=\"report any incident to CISA for better tracking.\">C<\/a><a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\" rel=\"noopener\" title=\"report any incident to CISA for better tracking.\">ISA for better tracking.<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity experts have warned of an increase in cyberattacks targeting sensitive government servers, exploiting vulnerabilities in government software. This warning comes from the cybersecurity firm Trimble, which has identified that its Cityworks tool has been used in these attacks. Trimble alerted its clients through a letter, mentioning the discovery of a deserialization vulnerability, labeled as CVE-2025-0994, which allows for remote code execution (RCE) with a high severity score of 8.6. What do we know about this state vulnerability The exploitation of this vulnerability could allow [&hellip;]<\/p>\n","protected":false},"author":9317,"featured_media":295502,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":1},"categories":[1015],"tags":[5605],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-295489","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-ciberseguridad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/295489","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9317"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=295489"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/295489\/revisions"}],"predecessor-version":[{"id":309698,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/295489\/revisions\/309698"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/295502"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=295489"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=295489"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=295489"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=295489"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=295489"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=295489"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}