• 1 (current)
  • 2
  • 3
Mai 2022
Titel
AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
Veröffentlicht
18. Mai 2022 20:00
Text
Original release date: May 18, 2022SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination. These vulnerabilities affect certain versions of VMware Workspace ONE Access, ...
Titel
AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
Veröffentlicht
18. Mai 2022 15:00
Text
Original release date: May 18, 2022SummaryActions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are releasing this ...
Titel
AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access
Veröffentlicht
17. Mai 2022 15:00
Text
Original release date: May 17, 2022SummaryBest Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber actors routinely exploit poor security ...
Titel
AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
Veröffentlicht
11. Mai 2022 13:00
Text
Original release date: May 11, 2022SummaryTactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership ...
April 2022
Titel
AA22-117A: 2021 Top Routinely Exploited Vulnerabilities
Veröffentlicht
27. April 2022 16:00
Text
Original release date: April 27, 2022SummaryThis joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre ...
Titel
AA22-110A: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
Veröffentlicht
20. April 2022 19:00
Text
Original release date: April 20, 2022SummaryActions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats: • Patch all systems. Prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication. • Secure and monitor Remote Desktop Protocol and other risky services. • Provide end-user awareness and ...
Titel
AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Veröffentlicht
18. April 2022 15:38
Text
Original release date: April 18, 2022SummaryActions to take today to mitigate cyber threats to cryptocurrency: • Patch all systems. • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Use multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency ...
Titel
AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices
Veröffentlicht
13. April 2022 19:00
Text
Original release date: April 13, 2022SummaryActions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-unique strong passwords to ...
März 2022
Titel
AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
Veröffentlicht
24. März 2022 15:00
Text
Original release date: March 24, 2022SummaryActions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation of, modification of, use of—and permissions associated with—privileged accounts. This joint Cybersecurity ...
Titel
AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers
Veröffentlicht
17. März 2022 20:00
Text
Original release date: March 17, 2022SummaryActions to Take Today: • Use secure methods for authentication. • Enforce principle of least privilege. • Review trust relationships. • Implement encryption. • Ensure robust patching and system configuration audits. • Monitor logs for suspicious activity. • Ensure incident response, resilience, and continuity of ...
Titel
AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
Veröffentlicht
15. März 2022 15:00
Text
Original release date: March 15, 2022SummaryMultifactor Authentication (MFA): A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization should ...
Februar 2022
Titel
AA22-057A: Destructive Malware Targeting Organizations in Ukraine
Veröffentlicht
26. Februar 2022 16:00
Text
Original release date: February 26, 2022SummaryActions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Leading up to Russia’s unprovoked attack against ...
Titel
AA22-057A: Update: Destructive Malware Targeting Organizations in Ukraine
Veröffentlicht
26. Februar 2022 16:00
Text
Original release date: February 26, 2022 | Last revised: April 28, 2022SummaryActions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. (Updated ...
Titel
AA22-055A : Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Veröffentlicht
24. Februar 2022 17:00
Text
Original release date: February 24, 2022SummaryActions to Take Today to Protect Against Malicious Activity * Search for indicators of compromise. * Use antivirus software. * Patch all systems. * Prioritize patching known exploited vulnerabilities. * Train users to recognize and report phishing attempts. * Use multi-factor authentication. Note: this advisory ...
Titel
AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter
Veröffentlicht
23. Februar 2022 16:00
Text
Original release date: February 23, 2022SummaryThe Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with a new more advanced framework. The United Kingdom's (UK) National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure Security Agency ...
Titel
AA22-047A: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
Veröffentlicht
16. Februar 2022 16:00
Text
Original release date: February 16, 2022SummaryActions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs. • Implement endpoint detection and response tools. From at least January 2020, through February 2022, the Federal Bureau of Investigation ...
Titel
AA22-040A: 2021 Trends Show Increased Globalized Threat of Ransomware
Veröffentlicht
9. Februar 2022 15:00
Text
Original release date: February 9, 2022SummaryImmediate Actions You Can Take Now to Protect Against Ransomware: • Update your operating system and software. • Implement user training and phishing exercises to raise awareness about the risk of suspicious links and attachments. • If you use Remote Desktop Protocol (RDP), secure and ...
Januar 2022
Titel
AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Veröffentlicht
11. Januar 2022 16:00
Text
Original release date: January 11, 2022SummaryActions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and surge support. Note: this advisory uses the MITRE Adversarial Tactics, ...
Dezember 2021
Titel
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Veröffentlicht
22. Dezember 2021 16:00
Text
Original release date: December 22, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber Security Centre (NZ ...
Titel
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Veröffentlicht
2. Dezember 2021 19:00
Text
Original release date: December 2, 2021 | Last revised: December 6, 2021SummaryThis joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise framework for referenced threat actor techniques and for mitigations. This joint advisory is the result of analytic ...
November 2021
Titel
AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Veröffentlicht
17. November 2021 15:00
Text
Original release date: November 17, 2021 | Last revised: November 19, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implement multi-factor authentication. • Use strong, unique passwords. Note: this advisory uses ...
Oktober 2021
Titel
AA21-291A: BlackMatter Ransomware
Veröffentlicht
18. Oktober 2021 19:00
Text
Original release date: October 18, 2021SummaryActions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords. • Use multi-factor authentication. • Implement network segmentation and traversal monitoring. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, ...
Titel
AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Veröffentlicht
14. Oktober 2021 20:00
Text
Original release date: October 14, 2021SummaryImmediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Use strong passwords. • Use multi-factor authentication. Note: This advisory uses the MITRE Adversarial Tactics, ...
September 2021
Titel
AA21-265A: Conti Ransomware
Veröffentlicht
22. September 2021 19:00
Text
Original release date: September 22, 2021SummaryImmediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. ...
Titel
AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Veröffentlicht
16. September 2021 19:00
Text
Original release date: September 16, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques. This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation ...
  • 1 (current)
  • 2
  • 3

Letzte Updates

BOSCH PSIRT
02.05.2022
CODESYS
14.04.2022
SIEMENS CERT
10.05.2022
US CERT
18.05.2022
US CERT (ICS)
24.05.2022

Nach Quelle

Archiv

2022
2021
2020
2019
2018
2017

Feeds