AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter

Original release date: February 23, 2022SummaryThe Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with…

Comments Off on AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter

New Sandworm Malware Cyclops Blink Replaces VPNFilter

Original release date: February 23, 2022The United Kingdom’s National Cyber Security Centre, CISA, the National Security Agency, and the Federal Bureau of Investigation have released a joint Cybersecurity Advisory (CSA) reporting…

Comments Off on New Sandworm Malware Cyclops Blink Replaces VPNFilter

Vulnerability Summary for the Week of February 14, 2022

Original release date: February 21, 2022  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info accel-ppp -- accel-ppp The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from…

Comments Off on Vulnerability Summary for the Week of February 14, 2022

CISA Compiles Free Cybersecurity Services and Tools for Network Defenders

Original release date: February 18, 2022CISA has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. This non-exhaustive living repository includes…

Comments Off on CISA Compiles Free Cybersecurity Services and Tools for Network Defenders

NSA Best Practices for Selecting Cisco Password Types

Original release date: February 17, 2022The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet with guidance on securing network infrastructure devices and credentials. Cisco devices are used…

Comments Off on NSA Best Practices for Selecting Cisco Password Types

Cisco Releases Security Updates for Email Security Appliance

Original release date: February 17, 2022Cisco has released security updates to address a vulnerability affecting Cisco Email Security Appliance. A remote attacker could exploit this vulnerability to cause a denial-of-service…

Comments Off on Cisco Releases Security Updates for Email Security Appliance

Mozilla Releases Security Update for Thunderbird  

Original release date: February 16, 2022Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system. CISA…

Comments Off on Mozilla Releases Security Update for Thunderbird  

AA22-047A: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

Original release date: February 16, 2022SummaryActions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs.…

Comments Off on AA22-047A: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology