Author: DEFENDEDGE

  • Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

    Original release date: June 23, 2022  CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon® and Unified Access Gateway (UAG) servers to obtain… Read more

  • AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

    Original release date: June 23, 2022 Summary Actions to take today: • Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell in December 2021, treat all affected VMware systems as compromised. • Minimize the… Read more

  • CISA Releases Cloud Security Technical Reference Architecture

    Original release date: June 23, 2022 CISA has released its Cloud Security (CS) Technical Reference Architecture (TRA) to guide federal civilian departments and agencies in securely migrating to the cloud. Co-authored by CISA, the United States Digital Service, and the Federal Risk and Authorization Management Program, the CS TRA defines and clarifies considerations for shared… Read more

  • Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

    The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers. Read more

  • Keeping PowerShell: Measures to Use and Embrace

    Original release date: June 22, 2022 Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely due to its use by malicious actors after… Read more

  • Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture

    Culture of ‘insecure-by-design’ security is cited in discovery of bug-riddled operational technology devices. Read more

  • Vulnerability Summary for the Week of June 13, 2022

    Original release date: June 20, 2022   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info citrix — application_delivery_management Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh… Read more

  • China-linked APT Flew Under Radar for Decade

    Evidence suggests that a just-discovered APT has been active since 2013. Read more

  • CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case

    Original release date: June 16, 2022 CISA has released Trusted Internet Connections (TIC) 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications. TIC use cases provide guidance on the secure implementation and configuration of… Read more

  • SAP Releases June 2022 Security Updates

    Original release date: June 14, 2022 SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review SAP Security Patch Day – June 2022 and apply the necessary updates. This product is provided subject… Read more