Yokogawa CENTUM and ProSafe-RS https://www.cisa.gov/uscert/ics/advisories/icsa-22-123-01 Successful exploitation of these vulnerabilities may allow leakage/tampering of data, cause a denial-of-service condition, or allow a local attacker to execute arbitrary program
What is Spear Phishing? Don’t let the terminology confuse you– spear phishing is not the act of hunting for fish in the ocean, it’s a specific type of phishing attack where cyber criminals use detailed personal information to attack a specific individual or organization. This typically happens through email with Read more…
Vulnerability Summary for the Week of April 25, 2022 https://www.cisa.gov/uscert/ncas/bulletins/sb22-122 The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities Read more…
Data shows that wire fraud risk remained at heightened levels in Q1 2022 The Cybersecurity and Infrastructure Security Agency (CISA) and the Biden Administration have issued a “Shields Up” warning to U.S. businesses regarding the increased threat of cyberattacks related to Russia’s invasion of Ukraine earlier this year. “Evolving Read more…
As the name suggests, the purpose of the Federal Trade Commission’s Standards for Safeguarding Customer Information – the Safeguards Rule, for short – is to ensure that entities covered by the Rule maintain safeguards to protect the security of customer information. The Safeguards Rule took effect in Read more…
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/28/cisco-releases-security-updates-multiple-products Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates.
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/28/cisa-and-fbi-update-advisory-destructive-malware-targeting CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and technical details for HermeticWiper, IsaacWiper, HermeticWizard, and CaddyWiper Read more…
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/27/2021-top-routinely-exploited-vulnerabilities CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have released a joint Read more…
Vulnerability Summary for the Week of April 18 2022 https://www.cisa.gov/uscert/ncas/bulletins/sb22-115 The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities Read more…
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/25/cisa-adds-seven-known-exploited-vulnerabilities-catalog CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in Read more…
Coming soon!