Security News

CISA is putting the thumbscrews on federal agencies to get them to patch an actively exploited Windows vulnerability. The move means that Federal Civilian Executive Branch agencies have until Feb. 18, 2022 to remediate the vulnerability, which affects all unpatched versions of Windows 10.

The U.S. Cybersecurity and Infrastructure Security Agency is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882 to the Known Exploited Vulnerabilities Catalog, necessitating that Federal Civilian Executive Branch agencies patch all systems against this vulnerability by February 18, 2022.

The U.S. Cybersecurity and Infrastructure Security Agency on Thursday published an Industrial Controls Systems Advisory warning of multiple vulnerabilities in the Airspan Networks Mimosa equipment that could be abused to gain remote code execution, create a denial-of-service condition, and obtain sensitive information. "Successful exploitation of these vulnerabilities could allow an attacker to gain user data and other sensitive data, compromise Mimosa's AWS cloud EC2 instance and S3 Buckets, and execute unauthorized remote code on all cloud-connected Mimosa devices," CISA said in the alert.

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to gain SYSTEM privileges. Per a binding operational directive issued in November and today's announcement, all Federal Civilian Executive Branch Agencies agencies are now required to patch all systems against this vulnerability, tracked as CVE-2022-21882 within two weeks, until February 18th. While BOD 22-01 only applies to FCEB agencies, CISA strongly urges all private and public sector organizations to reduce their exposure to ongoing cyberattacks by adopting this Directive and prioritizing mitigation of vulnerabilities included in its catalog of actively exploited security flaws.

The US Cybersecurity & Infrastructure Security Agency has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they're a mix of old and new. The goal of publishing these vulnerabilities is to raise awareness and remind federal organizations of their obligation to apply security updates by a specified strict deadline.

This week, the Cybersecurity and Infrastructure Security Agency added seventeen actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog. The 'Known Exploited Vulnerabilities Catalog' is a list of vulnerabilities that have been seen abused by threat actors in attacks and that are required to be patched by Federal Civilian Executive Branch agencies.

The Cybersecurity and Infrastructure Security Agency urges U.S. organizations to strengthen their cybersecurity defenses against data-wiping attacks recently seen targeting Ukrainian government agencies and businesses.CISA is now urging business leaders and U.S. organizations to take the following steps to prevent similar destructive attacks on their networks.

Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and National Security Agency have laid bare the tactics, techniques, and procedures adopted by the adversaries, including spear-phishing, brute-force, and exploiting known vulnerabilities to gain initial access to target networks.

The U.S. Cybersecurity and Infrastructure Security Agency has updated its list of known exploited vulnerabilities with 15 new security issues that serve as a frequent attack vector against federal enterprises. In combination with other factors such as a threat actor's foothold on the network, old and unpatched devices, and/or device exposure on the public internet, the vulnerabilities are a serious security gap and an opportunity for adversaries.

Cybersecurity agencies from Australia, Canada, New Zealand, the U.S., and the U.K. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache's Log4j software library by nefarious adversaries. "Sophisticated cyber threat actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. These vulnerabilities are likely to be exploited over an extended period."