Security News

CISA releases free ‘Decider’ tool to help with MITRE ATT&CK mapping
2023-03-02 14:10

The U.S. Cybersecurity & Infrastructure Security Agency has released 'Decider,' an open-source tool that helps defenders and security analysts quickly generate MITRE ATT&CK mapping reports. CISA recently published a "Best practices" guide about MITRE ATT&CK mapping, highlighting the importance of using the standard.

CISA warns of hackers exploiting ZK Java Framework RCE flaw
2023-02-28 21:37

The U.S. Cybersecurity & Infrastructure Security Agency has added CVE-2022-36537 to its "Known Exploited Vulnerabilities Catalog" after threat actors began actively exploiting the remote code execution flaw in attacks. CVE-2022-36537 is a high-severity flaw impacting the ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1, enabling attackers to access sensitive information by sending a specially crafted POST request to the AuUploader component.

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
2023-02-28 06:42

The U.S. Cybersecurity and Infrastructure Security Agency has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. Tracked as CVE-2022-36537, the issue impacts ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1, and allows threat actors to retrieve sensitive information via specially crafted requests.

CISA Sounds Alarm on Cybersecurity Threats Amid Russia's Invasion Anniversary
2023-02-24 13:10

The U.S. Cybersecurity and Infrastructure Security Agency is urging organizations and individuals to increase their cyber vigilance as Russia's military invasion of Ukraine reaches its one-year mark. "CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia's 2022 invasion of Ukraine," the agency said.

U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog
2023-02-22 05:38

The U.S. Cybersecurity and Infrastructure Security Agency on Tuesday added three security flaws to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. CVE-2022-47986 is described as a YAML deserialization flaw in the file transfer solution that could allow a remote attacker to execute code on the system.

CISA warns of Windows and iOS bugs exploited as zero-days
2023-02-16 19:59

The U.S. Cybersecurity and Infrastructure Security Agency has added four security vulnerabilities exploited in attacks as zero-days to its list of bugs known to be abused in the wild. According to a November 2021 binding operational directive, all Federal Civilian Executive Branch agencies are required to secure their systems against security bugs added to CISA's catalog of Known Exploited Vulnerabilities.

Steps CISA should take in 2023
2023-02-14 05:30

In a refresh, CISA and NIST should acknowledge the reality that an organization is made up of component parts including the network, the cloud, mobile and countless endpoints. Too few companies and organizations are seeing what CISA produces and following its valuable advice.

New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
2023-02-11 13:36

After the U.S. Cybersecurity and Infrastructure Security Agency released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The threat actors "realized that researchers were tracking their payments, and they may have even known before they released the ransomware that the encryption process in the original variant was relatively easy to circumvent," Censys said in a write-up.

CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
2023-02-11 05:45

The U.S. Cybersecurity and Infrastructure Security Agency on Friday added three flaws to its Known Exploited Vulnerabilities catalog, citing evidence of active abuse in the wild. Details about the flaw were disclosed by Ethiopian cyber security research firm Octagon Networks in March 2022.

Among the thousands of ESXiArgs ransomware victims? FBI and CISA to the rescue
2023-02-08 21:30

The US Cybersecurity and Infrastructure Security Agency has released a recovery script to help companies whose servers were scrambled in the recent ESXiArgs ransomware outbreak. In addition to the script, CISA and the FBI today published ESXiArgs ransomware virtual machine recovery guidance on how to recover systems as soon as possible.