Archive for Cybersecurity - page 132

Mitigating Attacks Against Uninterruptable Power Supply Devices

Original release date: March 29, 2022 CISA and the Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply (UPS) devices, often through unchanged default usernames and passwords. Organizations can mitigate attacks against their UPS devices,…

Continue reading →

State-Sponsored Russian Cyber Actors Targeted Energy Sector from 2011 to 2018

Original release date: March 24, 2022 CISA, the Federal Bureau of Investigation, and the Department of Energy have released a joint Cybersecurity Advisory (CSA) detailing campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and international Energy Sector organizations. The CSA…

Continue reading →

CISA Adds 66 Known Exploited Vulnerabilities to Catalog

Original release date: March 25, 2022 CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise….

Continue reading →

VMware Releases Security Updates

Original release date: March 24, 2022 VMware has released security updates to address multiple vulnerabilities in VMware Carbon Black App Control software. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security…

Continue reading →

FBI and FinCEN Release Advisory on AvosLocker Ransomware

Original release date: March 22, 2022 The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based group that has targeted…

Continue reading →

WordPress Releases Security Update

Original release date: March 17, 2022 WordPress versions prior to 5.9.2 are affected by multiple vulnerabilities. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected website. CISA encourages users and administrators to review the WordPress Security Release and…

Continue reading →

CRI-O Security Update for Kubernetes

Original release date: March 18, 2022 CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers….

Continue reading →

Apple Releases Security Updates for Multiple Products

Original release date: March 16, 2022 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the Apple security page and apply…

Continue reading →

Page 132 of 137 ← First ... 130 131 132 133 134 ... Last →