Alerts – Page 9 – CYNET-CSIRT

AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector

Original release date: July 6, 2022SummaryThe Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory…

Comments Off

July 6, 2022

Alerts

AA22-181A: #StopRansomware: MedusaLocker

Original release date: June 30, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts.…

Comments Off

June 30, 2022

Alerts

AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

Original release date: June 23, 2022SummaryActions to take today: • Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were…

Comments Off

June 23, 2022

Alerts

AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Original release date: June 7, 2022SummaryBest Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management…

Comments Off

June 8, 2022

Alerts

AA22-152A: Karakurt Data Extortion Group

Original release date: June 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts.…

Comments Off

June 1, 2022

Alerts

AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

Original release date: May 18, 2022SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT)…

Comments Off

May 18, 2022

Alerts

AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

Original release date: May 18, 2022SummaryActions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene…

Comments Off

May 18, 2022

Alerts

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access

Original release date: May 17, 2022SummaryBest Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools.…

Comments Off

May 17, 2022

Alerts

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers

Original release date: May 11, 2022SummaryTactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on…

Comments Off

May 12, 2022

Alerts

AA22-117A: 2021 Top Routinely Exploited Vulnerabilities

Original release date: April 27, 2022SummaryThis joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and…

Comments Off

April 27, 2022