fbpx

May 2022

CISA Adds Two Known Exploited Vulnerabilities to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/16/cisa-adds-two-known-exploited-vulnerabilities-catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the Read more…

By Krypteia Group, ago

Apache Releases Security Advisory for Tomcat

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/16/apache-releases-security-advisory-tomcat The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to obtain sensitive information.   CISA encourages users and administrators to review Apache’s security advisory and apply the necessary updates. 

By Krypteia Group, ago

CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/13/cisa-temporarily-removes-cve-2022-26925-known-exploited CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations might experience authentication failures on the server or client Read more…

By Krypteia Group, ago

Adobe Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/12/adobe-releases-security-updates-multiple-products Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.  •    Character Animator APSB22-21 •    ColdFusion APSB22-22 •    InDesign APSB22-23 •    Framemaker APSB22-27 •   Read more…

By Krypteia Group, ago

Google Releases Security Updates for Chrome

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/11/google-releases-security-updates-chrome Google has released Chrome version 101.0.4951.64 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.  CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update.

By Krypteia Group, ago

Microsoft Releases May 2022 Security Updates

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/11/microsoft-releases-may-2022-security-updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s May 2022 Security Update Summary and Deployment Information and apply the necessary updates.

By Krypteia Group, ago

CISA Adds One Known Exploited Vulnerability to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/11/cisa-adds-one-known-exploited-vulnerability-catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerability in the catalog, click Read more…

By Krypteia Group, ago

Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/10/microsoft-releases-security-advisory-azure-data-factory-and-azure Microsoft has released a security advisory to address a remote code execution vulnerability affecting Azure Data Factory and Azure Synapse Pipelines. A remote attacker could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review Microsoft Advisory ADV220001 for more information and to apply Read more…

By Krypteia Group, ago

CISA Adds One Known Exploited Vulnerability to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/10/cisa-adds-one-known-exploited-vulnerability-catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerability in the catalog, click Read more…

By Krypteia Group, ago

U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/10/us-government-attributes-cyberattacks-satcom-networks-russian CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United States assesses Russia launched cyberattacks in late February against commercial satellite communications Read more…

By Krypteia Group, ago