Tag archive for Cisa

CISA Adds One Known Exploited Vulnerability to Catalog

Original release date: July 1, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise….

Continue reading →

#StopRansomware: MedusaLocker

Original release date: June 30, 2022 CISA, the Federal Bureau of Investigation (FBI), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: MedusaLocker, to provide information on MedusaLocker ransomware. MedusaLocker actors target vulnerabilities…

Continue reading →

CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1

Original release date: June 28, 2022  CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication (“Modern Auth”) before Microsoft begins permanently disabling Basic Auth on October 1, 2022. Basic Auth is a legacy authentication method that…

Continue reading →

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

Original release date: June 23, 2022  CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in…

Continue reading →

Citrix Releases Security Updates for Hypervisor

Original release date: June 24, 2022 Citrix has released security updates to address vulnerabilities that could affect Hypervisor. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Security Update CTX460064 and apply…

Continue reading →

Google Releases Security Updates for Chrome

Original release date: June 22, 2022 Google has released Chrome version 103.0.5060.53 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.  CISA encourages users and administrators to review the Chrome Release Note and apply…

Continue reading →

SAP Releases June 2022 Security Updates

Original release date: June 14, 2022 SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review SAP Security Patch Day – June…

Continue reading →

Cisco Releases Security Updates for Multiple Products

Original release date: June 16, 2022 Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page….

Continue reading →

Page 1 of 10 1 2 3 4 5 ... Last →