Category: alerts
Category Added in a WPeMatico Campaign
-
North Korean State-Sponsored APT Targets Blockchain Companies
Original release date: April 18, 2022 CISA, the Federal Bureau of Investigation (FBI), and the U.S. Treasury Department have released a joint Cybersecurity Advisory (CSA) that details cyber threats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) actor known as the Lazarus Group. CISA encourages organizations to… Read more
-
Cyberattackers Put the Pedal to the Medal: Podcast
Fortinet’s Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams. Read more
-
VMware Releases Security Updates for Cloud Director
Original release date: April 15, 2022 VMware has released security updates to address a remote code execution vulnerability in Cloud Director. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0013 and apply the necessary updates. This product is provided subject to… Read more
-
Microsoft Releases Advisory to Address Critical Remote Code Execution Vulnerability (CVE-2022-26809)
Original release date: April 13, 2022 Microsoft has released an advisory to address CVE-2022-26809, a critical remote code execution vulnerability in Remote Procedure Call Runtime Library. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Microsoft’s advisory and apply the recommended mitigations. This product is… Read more
-
APT Actors Target ICS/SCADA Devices
Original release date: April 13, 2022 CISA, the Department of Energy (DOE), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), warning that certain advanced persistent threat (APT) actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control… Read more
-
AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices
Original release date: April 13, 2022 Summary Actions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-unique strong passwords to mitigate password brute… Read more
-
CISA Adds 10 Known Exploited Vulnerabilities to Catalog
Original release date: April 13, 2022 CISA has added 10 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog,… Read more
-
ICSJWG Spring 2022 Virtual Meeting
Original release date: April 13, 2022 The Industrial Control Systems Joint Working Group (ICSJWG) will hold its Spring 2022 Virtual Meeting April 26–27. ICSJWG meetings facilitate relationship building among critical infrastructure stakeholders and owners/operators of industrial control systems, idea exchanges regarding critical issues affecting industrial control systems (ICS) cybersecurity, and information sharing to reduce the… Read more
-
Apache Releases Security Advisory for Struts 2
Original release date: April 12, 2022 The Apache Software Foundation has released a security advisory to address a vulnerability in Struts in the version range 2.0.0 to 2.5.29. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Apache’s security advisory S2-062 and upgrade to… Read more
-
Citrix Releases Security Updates for SD-WAN Products
Original release date: April 12, 2022 Citrix has released security updates to address vulnerabilities in multiple SD-WAN products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX370550 and apply the necessary updates. This product is provided subject to this… Read more