CISA warned today that threat actors including state-backed hacking groups are still targeting VMware Horizon and Unified Access Gateway (UAG) servers using the Log4Shell (CVE-2021-44228) remote code execution vulnerability. [...]...
AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
vom 1169.63 Punkte
Original release date: June 23, 2022SummaryActions to take today:
• Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of upda
AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
vom 1091.88 Punkte
Original release date: September 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and com
AA22-110A: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
vom 894.45 Punkte
Original release date: April 20, 2022 | Last revised: May 9, 2022SummaryActions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats:
• Patch all systems. Prioritize patchin
AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
vom 847.86 Punkte
Original release date: May 18, 2022 | Last revised: June 2, 2022SummaryUpdate June 2, 2022:
This Cybersecurity Advisory (CSA) has been updated with additional indicators of compromise (IOCs) and detection signatures, as well as tactics, techniques, and
AA22-117A: 2021 Top Routinely Exploited Vulnerabilities
vom 814.25 Punkte
Original release date: April 27, 2022 | Last revised: April 28, 2022SummaryThis joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecuri
AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
vom 721.7 Punkte
Original release date: May 11, 2022SummaryTactical actions for MSPs and their customers to take today:
• Identify and disable accounts that are no longer in use.
• Enforce MFA on MSP accounts that access the customer environment and monitor for unex
AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector
vom 717.66 Punkte
Original release date: October 28, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques.
This joint cybersecurity
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
vom 688.67 Punkte
Original release date: April 16, 2020 | Last revised: June 30, 2020SummaryNote: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all re
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
vom 603.43 Punkte
Original release date: April 16, 2020SummaryNote: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations.
This Alert provides an u
AA20-275A: Potential for China Cyber Response to Heightened U.S.–China Tensions
vom 551.14 Punkte
Original release date: October 1, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.
In light of heightened
AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
vom 541.54 Punkte
Original release date: June 7, 2022 | Last revised: June 8, 2022SummaryBest Practices
• Apply patches as soon as possible
• Disable unnecessary ports and protocols
• Replace end-of-life infrastructure
• Implement a centralized patch management system
This jo
AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
vom 537.07 Punkte
Original release date: October 30, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques.
This joint cybersecurity