AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices

Original release date: April 13, 2022SummaryActions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change…

Comments Off on AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices

APT Actors Target ICS/SCADA Devices

Original release date: April 13, 2022CISA, the Department of Energy (DOE), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA),…

Comments Off on APT Actors Target ICS/SCADA Devices

CISA Adds 10 Known Exploited Vulnerabilities to Catalog

Original release date: April 13, 2022CISA has added 10 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent…

Comments Off on CISA Adds 10 Known Exploited Vulnerabilities to Catalog

ICSJWG Spring 2022 Virtual Meeting

Original release date: April 13, 2022The Industrial Control Systems Joint Working Group (ICSJWG) will hold its Spring 2022 Virtual Meeting April 26–27. ICSJWG meetings facilitate relationship building among critical infrastructure…

Comments Off on ICSJWG Spring 2022 Virtual Meeting

Microsoft Releases April 2022 Security Updates

Original release date: April 12, 2022Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected…

Comments Off on Microsoft Releases April 2022 Security Updates

Vulnerability Summary for the Week of April 4, 2022

Original release date: April 11, 2022  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info escanav -- escan_anti-virus An local privilege escalation vulnerability due to…

Comments Off on Vulnerability Summary for the Week of April 4, 2022

Guidance on Sharing Cyber Incident Information

Original release date: April 7, 2022CISA’s Sharing Cyber Event Information Fact Sheet provides our stakeholders with clear guidance and information about what to share, who should share, and how to…

Comments Off on Guidance on Sharing Cyber Incident Information

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Original release date: April 6, 2022CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent…

Comments Off on CISA Adds Three Known Exploited Vulnerabilities to Catalog