Krypteia Group, Author at Secure | IT | Solutions

Cybersecurity Exploits Security Patches Software

Apple Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/16/apple-releases-security-updates-multiple-products Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security page and apply the necessary updates.

By Krypteia Group, 3 years2022-03-16 ago

Cybersecurity Exploits Security Patches Software

Google Releases Security Updates for Chrome

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/16/google-releases-security-updates-chrome Google has released Chrome version 99.0.4844.74 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.

By Krypteia Group, 3 years2022-03-16 ago

Cybersecurity Exploits Malware Web Design and Hosting

Increase In Malware Sightings on GoDaddy Managed Hosting

Increase In Malware Sightings on GoDaddy Managed Hosting The backdoor in question has been in use since at least 2015. It generates spammy Google search results and includes resources customized to the infected site. The main backdoor is added to the very beginning of wp-config.php and looks like this… While Read more…

By Krypteia Group, 3 years2022-03-15 ago

Cybersecurity Exploits IT Solutions

CISA Adds 15 Known Exploited Vulnerability to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/15/cisa-adds-15-known-exploited-vulnerability-catalog CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the Read more…

By Krypteia Group, 3 years2022-03-15 ago

Cybersecurity Exploits IT

Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/15/russian-state-sponsored-cyber-actors-access-network-misconfigured CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory that details how Russian state-sponsored cyber actors accessed a network with misconfigured default multifactor authentication (MFA) protocols. The actors then exploited a critical Windows Print Spooler vulnerability, “PrintNightmare” (CVE-2021-34527), to run arbitrary code with system privileges. Read more…

By Krypteia Group, 3 years2022-03-15 ago

Cybersecurity Exploits IT Solutions

Updated: Kubernetes Hardening Guide

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/15/updated-kubernetes-hardening-guide The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on valuable feedback and inputs from the cybersecurity community. Kubernetes is an open-source system that automates deployment, scaling, and management of applications run in containers. Read more…

By Krypteia Group, 3 years2022-03-15 ago

Cybersecurity Exploits Security Patches

Dirty Pipe Privilege Escalation Vulnerability in Linux

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/10/dirty-pipe-privilege-escalation-vulnerability-linux CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” (CVE-2022-0847). A local attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review (CVE-2022-0847) and update to Linux kernel versions 5.16.11, Read more…

By Krypteia Group, 3 years2022-03-10 ago

Cybersecurity Exploits Ransomware

Updated: Conti Ransomware

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/09/updated-conti-ransomware CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. Conti cyber threat actors remain active and reported Conti ransomware attacks against U.S. and international organizations have risen to more than 1,000. CISA, Read more…

By Krypteia Group, 3 years2022-03-09 ago

Cybersecurity Exploits Security Patches

SAP Releases March 2022 Security Updates

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/08/sap-releases-march-2022-security-updates SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for March 2022 and apply the necessary updates.

By Krypteia Group, 3 years2022-03-09 ago

Cybersecurity Exploits Security Patches Software

Microsoft Releases March 2022 Security Updates

https://www.cisa.gov/uscert/ncas/current-activity/2022/03/08/microsoft-releases-march-2022-security-updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s March 2022 Security Update Summary and Deployment Information and apply the necessary updates.

By Krypteia Group, 3 years2022-03-09 ago