
Oracle Releases April 2022 Critical Patch Update

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/19/oracle-releases-april-2022-critical-patch-update Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle April 2022 Critical Patch Update and apply the necessary Read more…

CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/19/cisa-releases-secure-cloud-business-applications-scuba-guidance CISA has released draft versions of two guidance documents—along with a request for comment (RFC)—that are a part of the recently launched Secure Cloud Business Applications (SCuBA) project: Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA); Extensible Visibility Reference Framework (eVRF) Program Guidebook. The public comment period for the Read more…

North Korean State-Sponsored APT Targets Blockchain Companies

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/18/north-korean-state-sponsored-apt-targets-blockchain-companies CISA, the Federal Bureau of Investigation (FBI), and the U.S. Treasury Department have released a joint Cybersecurity Advisory (CSA) that details cyber threats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) actor known as the Lazarus Group. CISA encourages organizations to review joint Read more…

Bulletin (SB22-108)

Vulnerability Summary for the Week of April 11, 2022 https://www.cisa.gov/uscert/ncas/bulletins/sb22-108 The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin Read more…

CISA Adds Nine Known Exploited Vulnerabilities to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/15/cisa-adds-nine-known-exploited-vulnerabilities-catalog CISA has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, Read more…

Google Releases Security Updates for Chrome

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/15/google-releases-security-updates-chrome Google has released Chrome version 100.0.4896.127 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. This vulnerability has been detected in exploits in the wild. CISA encourages users and administrators to review the Chrome Release Note and Read more…

VMware Releases Security Updates for Cloud Director

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/15/vmware-releases-security-updates-cloud-director VMware has released security updates to address a remote code execution vulnerability in Cloud Director. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0013 and apply the necessary updates.

Apache Releases Security Advisory for Struts 2

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/apache-releases-security-advisory-struts-2 The Apache Software Foundation has released a security advisory to address a vulnerability in Struts in the version range 2.0.0 to 2.5.29. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Apache’s security advisory S2-062 and upgrade to Read more…

Citrix Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/citrix-releases-security-updates-multiple-products Citrix has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Citrix security bulletins and apply the necessary updates: CTX370550, CTX377814, CTX370551, CTX341455.

Microsoft Releases April 2022 Security Updates

https://www.cisa.gov/uscert/ncas/current-activity/2022/04/12/microsoft-releases-april-2022-security-updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s April 2022 Security Update Summary and Deployment Information and apply the necessary updates.