April 2022 - Secure | IT

Cybersecurity Exploits Security Patches

Cisco Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/28/cisco-releases-security-updates-multiple-products Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates.

By Krypteia Group, 2 years2022-04-28 ago

Cybersecurity Malware

CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/28/cisa-and-fbi-update-advisory-destructive-malware-targeting CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and technical details for HermeticWiper, IsaacWiper, HermeticWizard, and CaddyWiper destructive malware. CISA Read more…

By Krypteia Group, 2 years2022-04-28 ago

Cybersecurity Exploits

2021 Top Routinely Exploited Vulnerabilities

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/27/2021-top-routinely-exploited-vulnerabilities CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have released a joint Cybersecurity Advisory that provides Read more…

By Krypteia Group, 2 years2022-04-27 ago

Cybersecurity Exploits Security Patches

Bulletin (SB22-115)

Vulnerability Summary for the Week of April 18 2022 https://www.cisa.gov/uscert/ncas/bulletins/sb22-115 The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin Read more…

By Krypteia Group, 2 years2022-04-25 ago

Cybersecurity Exploits

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/25/cisa-adds-seven-known-exploited-vulnerabilities-catalog CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click Read more…

By Krypteia Group, 2 years2022-04-25 ago

Cybersecurity Exploits Ransomware

FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/22/fbi-releases-iocs-associated-blackcatalphv-ransomware The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks involving BlackCat/ALPHV, a Ransomware-as-a-Service that has compromised at least 60 entities worldwide. CISA encourages users and administrators to review the IOCs and technical details in FBI Flash CU-000167-MW and apply the recommended mitigations.

By Krypteia Group, 2 years2022-04-22 ago

Cybersecurity Exploits Security Patches

Cisco Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/21/cisco-releases-security-updates-multiple-products-0 Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following Cisco advisories Read more…

By Krypteia Group, 2 years2022-04-21 ago

Cybersecurity Exploits Security Patches Software

Drupal Releases Security Updates

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/21/drupal-releases-security-updates Drupal has released security updates to address vulnerabilities affecting Drupal 9.2 and 9.3. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal security advisories SA-CORE-008 and SA-CORE-009 and apply the necessary updates.

By Krypteia Group, 2 years2022-04-21 ago

Cybersecurity Exploits Malware Ransomware Security Patches Software

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/20/russian-state-sponsored-and-criminal-cyber-threats-critical The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory (CSA) to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity from Russian state-sponsored cyber actors or Russian-aligned Read more…

By Krypteia Group, 2 years2022-04-20 ago

Cybersecurity Exploits Security Patches

CISA Adds Three Known Exploited Vulnerabilities to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/19/cisa-adds-three-known-exploited-vulnerabilities-catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click Read more…

By Krypteia Group, 2 years2022-04-19 ago