Original release date: April 22, 2022 The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks involving BlackCat/ALPHV, a Ransomware-as-a-Service that has compromised at least 60 entities worldwide. CISA encourages users and administrators to review the IOCs…
Original release date: April 21, 2022 Drupal has released security updates to address vulnerabilities affecting Drupal 9.2 and 9.3. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Drupal security advisories SA-CORE-008 and SA-CORE-009 and apply…
Original release date: April 19, 2022 Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to…
Original release date: April 15, 2022 VMware has released security updates to address a remote code execution vulnerability in Cloud Director. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0013 and…
Original release date: April 15, 2022 Google has released Chrome version 100.0.4896.127 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. This vulnerability has been detected in exploits in the wild. CISA…
Original release date: April 13, 2022 Microsoft has released an advisory to address CVE-2022-26809, a critical remote code execution vulnerability in Remote Procedure Call Runtime Library. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to…
Original release date: April 11, 2022 CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise….
Original release date: April 7, 2022 VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory Advisories VMSA-2022-0011 and VMSA-2022-0012 and…
