Category: alerts

Original release date: August 11, 2022 CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Zeppelin Ransomware, to provide information on Zeppelin Ransomware. Actors use Zeppelin Ransomware, a ransomware-as-a-service (RaaS), against a wide range of businesses and critical infrastructure organizations to encrypt victims’ files for financial gain. CISA… Read more

Original release date: August 11, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for… Read more

Original release date: August 10, 2022 Palo Alto Networks has released a security update to address a vulnerability in PAN-OS firewall configurations. A remote attacker could exploit this vulnerability to conduct a reflected denial-of service. CISA encourages users and administrators to review the Palo Alto Networks Security Advisory CVE-2022-0028 and apply the necessary updates or workarounds. … Read more

Original release date: August 10, 2022 CISA—through the Joint Cyber Defense Collaborative (JCDC)—has released a toolkit of free cybersecurity resources for the election community. The toolkit aims to help state and local government officials, election officials, and vendors enhance the cybersecurity and cyber resilience of U.S. election infrastructure. The toolkit resources, which come from CISA,… Read more

August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild. Read more

Original release date: August 8, 2022 | Last revised: August 9, 2022   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top   Medium Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info There were… Read more

Original release date: August 9, 2022 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s August 2022 Security Update Guide and Deployment Information and apply the necessary updates. This product is provided… Read more

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims. Read more

Original release date: August 4, 2022 Summary Immediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication (MFA). • Secure Remote Desktop Protocol (RDP) and other risky services. • Make offline backups of your data. • Provide end-user awareness and training… Read more

Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain. Read more