POSTS

Cybersecurity Exploits Security Patches

Threat Actors Exploiting F5 BIG IP CVE-2022-1388

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/18/threat-actors-exploiting-f5-big-ip-cve-2022-1388 CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released the joint Cybersecurity Advisory Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 in response to active exploitation of CVE-2022-1388, which affects F5 Networks BIG-IP devices. The vulnerability allows an unauthenticated actor to gain control of affected systems via Read more…

By Krypteia Group, 2 years2022-05-18 ago

Cybersecurity Exploits Security Patches Software

Weak Security Controls and Practices Routinely Exploited for Initial Access

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/17/weak-security-controls-and-practices-routinely-exploited-initial The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory (CSA) on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise networks. While these poor practices may be Read more…

By Krypteia Group, 2 years2022-05-17 ago

Cybersecurity Exploits Security Patches

Apple Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/17/apple-releases-security-updates-multiple-products Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Note: Apple notes they are aware of a report that states CVE-2022-22675 may have been actively exploited. CVE-2022-22675 affects watchOS, tvOS, and Read more…

By Krypteia Group, 2 years2022-05-17 ago

Cybersecurity Exploits Security Patches

Bulletin (SB22-136)

Vulnerability Summary for the Week of May 9, 2022 https://www.cisa.gov/uscert/ncas/bulletins/sb22-136 The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities Read more…

By Krypteia Group, 2 years2022-05-16 ago

Cybersecurity Exploits Security Patches

CISA Adds Two Known Exploited Vulnerabilities to Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/16/cisa-adds-two-known-exploited-vulnerabilities-catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, Read more…

By Krypteia Group, 2 years2022-05-16 ago

Cybersecurity Exploits Security Patches Software

Apache Releases Security Advisory for Tomcat

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/16/apache-releases-security-advisory-tomcat The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review Apache’s security advisory and apply the necessary updates.

By Krypteia Group, 2 years2022-05-16 ago

Cybersecurity Exploits Security Patches

CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/13/cisa-temporarily-removes-cve-2022-26925-known-exploited CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations might experience authentication failures on the Read more…

By Krypteia Group, 2 years2022-05-13 ago

Cybersecurity Exploits Security Patches Software

Adobe Releases Security Updates for Multiple Products

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/12/adobe-releases-security-updates-multiple-products Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates. • Character Animator APSB22-21 • Read more…

By Krypteia Group, 2 years2022-05-12 ago

Cybersecurity Exploits Security Patches Software

Google Releases Security Updates for Chrome

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/11/google-releases-security-updates-chrome Google has released Chrome version 101.0.4951.64 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update.

By Krypteia Group, 2 years2022-05-11 ago

Cybersecurity Exploits Security Patches Software

Microsoft Releases May 2022 Security Updates

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/11/microsoft-releases-may-2022-security-updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s May 2022 Security Update Summary and Deployment Information and apply the necessary updates.

By Krypteia Group, 2 years2022-05-11 ago

Subscribe to our Newsletter