FBI and FinCEN Release Advisory on AvosLocker Ransomware

Original release date: March 22, 2022The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of…

Comments Off on FBI and FinCEN Release Advisory on AvosLocker Ransomware

Vulnerability Summary for the Week of March 14, 2022

Original release date: March 21, 2022  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 10web -- photo_gallery The Photo Gallery by 10Web WordPress plugin…

Comments Off on Vulnerability Summary for the Week of March 14, 2022

CRI-O Security Update for Kubernetes

Original release date: March 18, 2022CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected…

Comments Off on CRI-O Security Update for Kubernetes

CISA Adds 15 Known Exploited Vulnerability to Catalog

Original release date: March 15, 2022CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the…

Comments Off on CISA Adds 15 Known Exploited Vulnerability to Catalog

Updated: Kubernetes Hardening Guide

Original release date: March 15, 2022The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on…

Comments Off on Updated: Kubernetes Hardening Guide

AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Original release date: March 15, 2022SummaryMultifactor Authentication (MFA): A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research,…

Comments Off on AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Vulnerability Summary for the Week of March 7, 2022

Original release date: March 14, 2022  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info a3rev -- page_view_count The Page View Count WordPress plugin before…

Comments Off on Vulnerability Summary for the Week of March 7, 2022