Original release date: March 29, 2022CISA and the Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply (UPS) devices, often…
Original release date: March 28, 2022CISA has added 32 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent…
Original release date: March 25, 2022CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent…
Original release date: March 24, 2022CISA, the Federal Bureau of Investigation, and the Department of Energy have released a joint Cybersecurity Advisory (CSA) detailing campaigns conducted by state-sponsored Russian cyber actors…
Original release date: March 22, 2022The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of…
Original release date: March 18, 2022CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected…
Original release date: March 15, 2022CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the…
Original release date: March 15, 2022The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on…
Original release date: March 15, 2022CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory that details how Russian state-sponsored cyber actors accessed a network with misconfigured…
Original release date: March 10, 2022CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” (CVE-2022-0847). A local attacker could exploit…
