CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

09/06/2023 05:00 PM EDT

The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to a previously published Cybersecurity Advisory (CSA), Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations about threat…

CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

09/07/2023 01:00 PM EDT

Today, CISA, Federal Bureau of Investigation (FBI), and U.S. Cyber Command’s Cyber National Mission Force (CNMF) published a joint Cybersecurity Advisory (CSA), Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475. This CSA provides information on an…

Vulnerability Summary for the Week of August 28, 2023

09/06/2023 03:00 PM EDT

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not…

CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities

08/01/2023 01:00 PM EDT

The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) have released a joint Cybersecurity Advisory (CSA), Threat Actors Exploiting Ivanti EPMM Vulnerabilities, in response to the active exploitation of…

AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

10/04/2022 01:58 PM EDT
Original release date: October 4, 2022

Summary

Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity:
• Enforce multifactor authentication (MFA) on all user accounts.
• Implement network segmentation to separate network segments based on role…

VMware Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere

09/29/2022 05:13 PM EDT
Original release date: September 29, 2022

VMware has released Protecting vSphere From Specialized Malware, addressing malware artifacts known as VirtualPITA (ESXi & Linux), VirtualPIE (ESXi), and VirtualGATE (Windows), which are used to exploit and gain persistent access to instances of…

Threat Actors Exploiting Multiple Vulnerabilities Against Zimbra Collaboration Suite

08/16/2022 11:10 AM EDT
Original release date: August 16, 2022

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA) in response to active exploitation of multiple vulnerabilities against Zimbra Collaboration Suite (ZCS), an enterprise cloud-hosted collaboration software and email…

Cisco Releases Security Update for Multiple Products

08/11/2022 12:03 PM EDT
Original release date: August 11, 2022

Cisco has released a security update to address a vulnerability affecting Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. This vulnerability could allow a remote attacker to obtain sensitive information. For updates addressing lower severity vulnerabilities,…

CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities

06/02/2022 11:44 AM EDT
Original release date: June 2, 2022

CISA has updated Cybersecurity Advisory AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control, originally released May 18, 2022. The advisory has been updated to include additional indicators of compromise and detection signatures,…

CISA Releases Analysis of FY21 Risk and Vulnerability Assessments

05/19/2022 10:00 AM EDT
Original release date: May 19, 2022

CISA has released an analysis and infographic detailing the findings from the 112 Risk and Vulnerability Assessments (RVAs) conducted across multiple sectors in Fiscal Year 2021 (FY21). The analysis details a sample attack path comprising 11…