The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.”
Category: alerts
Cyber Security Monitor Alerts News Notifications. We monitor and send notifications on the latest Cyber Security alerts, blogs, news on data breaches and emerging cyber threats.
Original release date: December 10, 2021
The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control of an affected system. Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services.
CISA encourages users and administrators to review the Apache Log4j 2.15.0 Announcement and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately.
This product is provided subject to this Notification and this Privacy & Use policy.
Cyberattackers are targeting security vulnerabilities in four plugins plus Epsilon themes, to assign themselves administrative accounts.
Original release date: December 10, 2021
CISA has released an Industrial Controls Systems Medical Advisory (ICSMA) detailing a vulnerability in multiple Hillrom Welch Allyn cardiology products. An attacker could exploit this vulnerability to take control of an affected system.
CISA encourages technicians and administrators to review ICSMA-21-343-01: Hillrom Welch Allyn Cardio Products for more information and apply the necessary mitigations.
This product is provided subject to this Notification and this Privacy & Use policy.
The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September.
Original release date: December 9, 2021
Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote attacker could exploit this vulnerability to take control of an affected system.
CISA encourages users and administrators to review Cisco Advisory cisco-sa-apache-httpd-2.4.49-VWL69sWQ and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
The powerful devices leveraged by the Meris botnet have weaknesses that make them easy to exploit, yet complex for organizations to track and secure, researchers said.
Original release date: December 9, 2021
CISA has released Capability Enhancement Guide (CEG): Social Media Account Protection, which details ways to protect the security of organization-run social media accounts. Malicious cyber actors that successfully compromise social media accounts—including accounts used by federal agencies—could spread false or sensitive information to a wide audience. The measures described in the CEG aim to reduce the risk of unauthorized access on platforms such as Twitter, Facebook, and Instagram.
CISA encourages social media account administrators to implement the protection measures described in CEG: Social Media Account Protection:
- Establish and maintain a social media policy
- Implement credential management
- Enforce multi-factor authentication (MFA)
- Manage account privacy settings
- Use trusted devices
- Vet third-party vendors
- Maintain situational awareness of cybersecurity threats
- Establish an incident response plan
Note: although CISA created the CEG primarily for federal agencies, the guidance is applicable to all organizations.
This product is provided subject to this Notification and this Privacy & Use policy.
DoH! Nate Warfield, CTO of Prevailion, discusses new stealth tactics threat actors are using for C2, including Malleable C2 from Cobalt Strike’s arsenal.
Attackers are milking unpatched Hikvision video systems to drop a DDoS botnet, researchers warned.