February 2022 - Secure | IT

Cybersecurity Exploits IT Malware Security Patches

Broadcom Software Discloses APT Actors Deploying Daxin Malware in Global Espionage Campaign

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/28/broadcom-software-discloses-apt-actors-deploying-daxin-malware Broadcom Software—an industry member of CISA’s Joint Cyber Defense Collaborative (JCDC)—uncovers an advanced persistent threat (APT) campaign against select governments and other critical infrastructure targets in a publication titled Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks. The Symantec Threat Hunter team, part of Broadcom Software, worked with Read more…

By Krypteia Group, 3 years2022-02-28 ago

Cybersecurity Exploits IT MSSP Solutions

How China built a one-of-a-kind cyber-espionage behemoth to last

A decade-long quest to become a cyber superpower is paying off for China. The “most advanced piece of malware” that China-linked hackers have ever been known to use was revealed today. Dubbed Daxin, the stealthy back door was used in espionage operations against governments around the world for a decade Read more…

By Krypteia Group, 3 years2022-02-28 ago

Cybersecurity Exploits IT Malware MSSP Security Patches Solutions

CISA Releases Advisory on Destructive Malware Targeting Organizations in Ukraine

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/26/cisa-releases-advisory-destructive-malware-targeting-organizations CISA and the Federal Bureau of Investigation have released an advisory on destructive malware targeting organizations in Ukraine. The advisory also provides recommendations and strategies to prepare for and respond to destructive malware. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Read more…

By Krypteia Group, 3 years2022-02-26 ago

Cybersecurity Exploits IT MSSP Security Patches Software Solutions

CISA Adds Four Known Exploited Vulnerabilities to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/25/cisa-adds-four-known-exploited-vulnerabilities-catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to Read more…

By Krypteia Group, 3 years2022-02-25 ago

Cybersecurity Exploits IT MSSP Security Patches Software Solutions

Mozilla Releases Security Update for Mozilla VPN

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/25/mozilla-releases-security-update-mozilla-vpn Mozilla has released a security update to address a vulnerability in Mozilla VPN. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Mozilla Foundation Security Advisory 2022-08 and make the necessary update.

By Krypteia Group, 3 years2022-02-25 ago

Cybersecurity Exploits IT Security Patches Solutions

Cisco Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/24/cisco-releases-security-updates-multiple-products Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit one of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following Cisco advisories Read more…

By Krypteia Group, 3 years2022-02-24 ago

Cybersecurity Exploits IT Malware MSSP Ransomware Security Patches Solutions

Iranian Government-Sponsored MuddyWater Actors Conducting Malicious Cyber Operations

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/24/iranian-government-sponsored-muddywater-actors-conducting CISA, the Federal Bureau of Investigation (FBI), U.S. Cyber Command Cyber National Mission Force (CNMF), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and the National Security Agency (NSA) have issued a joint Cybersecurity Advisory (CSA) detailing malicious cyber operations by Iranian government-sponsored advanced persistent threat (APT) actors known as MuddyWater. Read more…

By Krypteia Group, 3 years2022-02-24 ago

Cybersecurity Exploits IT Malware Security Patches Solutions

New Sandworm Malware Cyclops Blink Replaces VPNFilter

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/23/new-sandworm-malware-cyclops-blink-replaces-vpnfilter The United Kingdom’s National Cyber Security Centre, CISA, the National Security Agency, and the Federal Bureau of Investigation have released a joint Cybersecurity Advisory (CSA) reporting that the malicious cyber actor known as Sandworm or Voodoo Bear is using new malware, referred to as Cyclops Blink. Cyclops Blink appears to Read more…

By Krypteia Group, 3 years2022-02-23 ago

Cybersecurity Exploits IT MSSP Solutions

CISA releases 3 Industrial Control Systems Advisories

https://www.cisa.gov/uscert/ics ICS-CERT released the following 3 advisories today, February 22, 2022. Click on the links below for more detailed information on these Industrial Control Systems vulnerabilities. GE Proficy CIMPLICITY-IPM GE Proficy CIMPLICITY-Cleartext WIN-911 2021

By Krypteia Group, 3 years2022-02-22 ago

Cybersecurity Exploits IT MSSP Security Patches

CISA Adds Two Known Exploited Vulnerabilities to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/02/22/cisa-adds-two-known-exploited-vulnerabilities-catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to Read more…

By Krypteia Group, 3 years2022-02-22 ago