Category: alerts
Category Added in a WPeMatico Campaign
-
Zero-Trust For All: A Practical Guide
How to use zero-trust architecture effectively in today’s modern cloud-dependent infrastructures. Read more
-
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
Original release date: April 20, 2022 The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory (CSA) to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity from Russian state-sponsored cyber actors or… Read more
-
AA22-110A: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
Original release date: April 20, 2022 Summary Actions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats: • Patch all systems. Prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication. • Secure and monitor Remote Desktop Protocol and other risky services. • Provide end-user awareness and training. The cybersecurity… Read more
-
Most Email Security Approaches Fail to Block Common Threats
A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs. Read more
-
Google: 2021 was a Banner Year for Exploited 0-Day Bugs
Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes. Read more
-
Oracle Releases April 2022 Critical Patch Update
Original release date: April 19, 2022 Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle April 2022 Critical Patch Update and apply the… Read more
-
Vulnerability Summary for the Week of April 11, 2022
Original release date: April 18, 2022 | Last revised: April 19, 2022 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info dell — emc_unity_operating_environment Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the… Read more
-
Rethinking Cyber-Defense Strategies in the Public-Cloud Age
Exploring what’s next for public-cloud security, including top risks and how to implement better risk management. Read more
-
CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment
Original release date: April 18, 2022 | Last revised: April 19, 2022 CISA has released draft versions of two guidance documents—along with a request for comment (RFC)—that are a part of the recently launched Secure Cloud Business Applications (SCuBA) project: Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA) Extensible Visibility Reference Framework (eVRF) Program… Read more
-
AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Original release date: April 18, 2022 Summary Actions to take today to mitigate cyber threats to cryptocurrency: • Patch all systems. • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Use multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the… Read more