#StopRansomware: MedusaLocker 06/30/2022 01:00 PM EDT Original release date: June 30, 2022 CISA, the Federal Bureau of Investigation (FBI), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: MedusaLocker, to provide information on MedusaLocker ransomware. MedusaLocker actors target vulnerabilities in Remote Desktop Protocol …
Monthly Archives: June 2022
CISA releases 6 Industrial Control Systems Advisories
CISA releases 6 Industrial Control Systems Advisories 6/30/2022 12:16 PM EDT
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird 06/29/2022 11:00 AM EDT Original release date: June 29, 2022 Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators …
Continue reading “Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird”
CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1
CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1 06/28/2022 02:51 PM EDT Original release date: June 28, 2022 CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication (“Modern Auth”) before Microsoft begins permanently disabling Basic Auth on October 1, 2022. …
2022 CWE Top 25 Most Dangerous Software Weaknesses
2022 CWE Top 25 Most Dangerous Software Weaknesses 06/28/2022 10:00 AM EDT Original release date: June 28, 2022 The Homeland Security Systems Engineering and Development Institute, sponsored by CISA and operated by MITRE, has released the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The list uses data from the National …
Continue reading “2022 CWE Top 25 Most Dangerous Software Weaknesses”
CISA releases 6 Industrial Control Systems Advisories
CISA releases 6 Industrial Control Systems Advisories 6/28/2022 2:06 PM EDT
Vulnerability Summary for the Week of June 20, 2022
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
CISA Adds Eight Known Exploited Vulnerabilities to Catalog 06/27/2022 11:00 AM EDT Original release date: June 27, 2022 CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal …
Continue reading “CISA Adds Eight Known Exploited Vulnerabilities to Catalog ”
Citrix Releases Security Updates for Hypervisor
Citrix Releases Security Updates for Hypervisor 06/24/2022 10:49 AM EDT Original release date: June 24, 2022 Citrix has released security updates to address vulnerabilities that could affect Hypervisor. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX460064 and apply …
Continue reading “Citrix Releases Security Updates for Hypervisor”
Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems 06/23/2022 02:00 PM EDT Original release date: June 23, 2022 CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued …
Continue reading “Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems”