Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors 10/06/2022 01:48 PM EDT Original release date: October 6, 2022 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) providing the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by …
Monthly Archives: October 2022
Cisco Releases Security Updates for Multiple Products
Cisco Releases Security Updates for Multiple Products 10/06/2022 10:23 AM EDT Original release date: October 6, 2022 Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA …
Continue reading “Cisco Releases Security Updates for Multiple Products”
Vulnerability Summary for the Week of September 26, 2022
Vulnerability Summary for the Week of September 26, 2022 10/03/2022 08:56 AM EDT Original release date: October 3, 2022 | Last revised: October 5, 2022 High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info acer — altos_t110_f3 There is a stack buffer overflow vulnerability, which could lead to arbitrary code …
Continue reading “Vulnerability Summary for the Week of September 26, 2022”
FBI and CISA Publish a PSA on Malicious Cyber Activity Against Election Infrastructure
FBI and CISA Publish a PSA on Malicious Cyber Activity Against Election Infrastructure 10/05/2022 09:21 AM EDT Original release date: October 5, 2022 The Federal Bureau of Investigation (FBI) and CISA have published a joint public service announcement that: Assesses malicious cyber activity aiming to compromise election infrastructure is unlikely to result in large-scale disruptions or prevent voting. …
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization 10/04/2022 01:58 PM EDT Original release date: October 4, 2022 Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts.• Implement network segmentation to separate network segments based on role …
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization 10/04/2022 12:58 PM EDT Original release date: October 4, 2022 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA), Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense …
CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories 10/04/2022 07:00 AM EDT Original release date: October 4, 2022 CISA has released five (5) Industrial Control Systems (ICS) advisories on October 04, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released …
Continue reading “CISA Releases Five Industrial Control Systems Advisories”
CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories 10/04/2022 07:00 AM EDT Original release date: October 4, 2022 CISA has released five (5) Industrial Control Systems (ICS) advisories on October 04, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released …
Continue reading “CISA Releases Five Industrial Control Systems Advisories”
CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks
CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks 10/03/2022 09:31 AM EDT Original release date: October 3, 2022 CISA has issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks, which seeks improve asset visibility and vulnerability enumeration across the federal enterprise. Although …