Star Support

We Love Our Clients!

CISA Issues Emergency Directive and Releases Advisory Related to VMware Vulnerabilities

CISA - Current Activity /

Original release date: May 18, 2022 CISA has issued Emergency Directive (ED) 22-03 and released a Cybersecurity Advisory (CSA) in response to active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, vRealize Suite Lifecycle Manager. The CSA, AA22-138B: […]

CISA Issues Emergency Directive and Releases Advisory Related to VMware Vulnerabilities Read More »

AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

CISA - Alerts /

Original release date: May 18, 2022 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination. These vulnerabilities affect certain versions of VMware Workspace ONE Access, VMware Identity Manager

AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control Read More »

Threat Actors Exploiting F5 BIG IP CVE-2022-1388

CISA - Current Activity /

Original release date: May 18, 2022 CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released the joint Cybersecurity Advisory Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 in response to active exploitation of CVE-2022-1388, which affects F5 Networks BIG-IP devices. The vulnerability allows an unauthenticated actor to gain control of affected systems via the management

Threat Actors Exploiting F5 BIG IP CVE-2022-1388 Read More »

AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

CISA - Alerts /

Original release date: May 18, 2022 Summary Actions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory

AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 Read More »

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access

CISA - Alerts /

Original release date: May 17, 2022 Summary Best Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber actors routinely exploit poor security configurations (either misconfigured

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access Read More »

CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog

CISA - Current Activity /

Original release date: May 13, 2022 CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations might experience authentication failures on the server or

CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog Read More »

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers

CISA - Alerts /

Original release date: May 11, 2022 Summary Tactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership of ICT security

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers Read More »

U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors

CISA - Current Activity /

Original release date: May 10, 2022 CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United States assesses Russia launched cyberattacks in late February against commercial

U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors Read More »

Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines

CISA - Current Activity /

Original release date: May 9, 2022 | Last revised: May 10, 2022 Microsoft has released a security advisory to address a remote code execution vulnerability affecting Azure Data Factory and Azure Synapse Pipelines. A remote attacker could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review Microsoft

Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines Read More »

Cisco Releases Security Updates for Enterprise NFV Infrastructure Software

CISA - Current Activity /

Original release date: May 5, 2022 Cisco has released security updates to address multiple vulnerabilities in Enterprise NFV Infrastructure Software. An attacker could exploit these vulnerabilities to take control of an affected system.   CISA encourages users and administrators to review Cisco advisory cisco-sa-NFVIS-MUL-7DySRX9 and apply the necessary updates. For updates addressing lower severity vulnerabilities, see

Cisco Releases Security Updates for Enterprise NFV Infrastructure Software Read More »