AA22-321A: #StopRansomware: Hive Ransomware

Original release date: November 17, 2022SummaryActions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords…

Comments Off on AA22-321A: #StopRansomware: Hive Ransomware

#StopRansomware: Hive

Original release date: November 17, 2022Today, CISA, the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released joint Cybersecurity Advisory (CSA) #StopRansomware: Hive Ransomware to…

Comments Off on #StopRansomware: Hive

Cisco Releases Security Updates for Identity Services Engine

Original release date: November 16, 2022Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to bypass authorization…

Comments Off on Cisco Releases Security Updates for Identity Services Engine

AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Original release date: November 16, 2022SummaryFrom mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent…

Comments Off on AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Vulnerability Summary for the Week of November 7, 2022

Original release date: November 14, 2022 | Last revised: November 15, 2022  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info accusoft -- imagegear An…

Comments Off on Vulnerability Summary for the Week of November 7, 2022

CISA Releases One Industrial Control Systems Advisory

Original release date: November 15, 2022CISA released one Industrial Control Systems (ICS) advisory on November 15, 2022. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding…

Comments Off on CISA Releases One Industrial Control Systems Advisory

CISA Releases SSVC Methodology to Prioritize Vulnerabilities

Original release date: November 10, 2022Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status,…

Comments Off on CISA Releases SSVC Methodology to Prioritize Vulnerabilities

Microsoft Releases November 2022 Security Updates

Original release date: November 9, 2022Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected…

Comments Off on Microsoft Releases November 2022 Security Updates