Insights

Original release date: October 31, 2022 CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication (MFA). CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber threats. If an organization using mobile push-notification-based MFA is unable to implement phishing-resistant MFA, CISA recommends using number matching to mitigate MFA fatigue. Although number matching is not as strong as phishing-resistant…

Read More

Original release date: October 28, 2022 CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released Understanding and Responding to Distributed Denial-of-Service Attacks to provide organizations proactive steps to reduce the likelihood and impact of distributed denial-of-service (DDoS) attacks. The guidance is for both network defenders and leaders to help them understand and respond to DDoS attacks, which can cost an organization time, money, and reputational damage.…

Read More

Original release date: October 28, 2022 VMware has released security updates to address multiple vulnerabilities in VMware Cloud Foundation. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-002 and apply the necessary updates and workarounds. This product is provided subject to this Notification and this Privacy & Use policy.

Read More

Original release date: October 27, 2022 CISA has released four (4) Industrial Control Systems (ICS) advisories on October 27, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: •    ICSA-22-300-01 Rockwell Automation FactoryTalk Alarm and Events Server •    ICSA-22-300-02 SAUTER Controls moduWeb •    ICSA-22-300-03 Rockwell Automation Stratix Devices Containing Cisco IOS •  …

Read More

Original release date: October 26, 2022 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device.    CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:  •    Safari 16.1  •    iOS 16.1 and iPadOS 16  •    macOS Big Sur 11.7.1  •    macOS Monterey 12.6.1…

Read More

Original release date: October 26, 2022 The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Samba Security Announcements and apply the necessary updates and workarounds.  •    CVE-2022-3437   •    CVE-2022-3592 This product is provided subject to this Notification and this Privacy & Use policy.

Read More

Original release date: October 25, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.       Binding Operational Directive…

Read More

Original release date: October 25, 2022 CISA has released eight (8) Industrial Control Systems (ICS) advisories on October 25, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: •    ICSMA-22-298-01 AliveCor KardiaMobile •    ICSA-22-298-01 Haas Controller •    ICSA-22-298-02 HEIDENHAIN Controller TNC •    ICSA-22-298-03 Siemens Siveillance Video Mobile Server •    ICSA-22-298-04 Hitachi Energy…

Read More

Original release date: October 25, 2022 On Nov. 1, 2022, CISA will upgrade from Traffic Light Protocol (TLP) 1.0 to TLP 2.0 in accordance with the recommendation by the Forum of Incident Response Security Teams (FIRST) that organizations move to 2.0 by the end of 2022. TLP Version 2.0 brings the following key updates: TLP:CLEAR replaces TLP:WHITE for publicly releasable information. TLP:AMBER+STRICT supplements TLP:AMBER, clarifying when information  may be shared with the recipient’s organization only. CISA…

Read More