Star Support – Page 26

State-Sponsored Russian Cyber Actors Targeted Energy Sector from 2011 to 2018

Original release date: March 24, 2022 CISA, the Federal Bureau of Investigation, and the Department of Energy have released a joint Cybersecurity Advisory (CSA) detailing campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and international Energy Sector organizations. The CSA highlights historical tactics, techniques, and procedures as well as mitigations […]

State-Sponsored Russian Cyber Actors Targeted Energy Sector from 2011 to 2018 Read More »

AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

CISA - Alerts / Star Support

Original release date: March 24, 2022 Summary Actions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation of, modification of, use of—and permissions associated with—privileged accounts. This joint Cybersecurity Advisory (CSA)—coauthored by

AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector Read More »

FBI and FinCEN Release Advisory on AvosLocker Ransomware

CISA - Current Activity / Star Support

Original release date: March 22, 2022 The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States

FBI and FinCEN Release Advisory on AvosLocker Ransomware Read More »

CRI-O Security Update for Kubernetes

CISA - Current Activity / Star Support

Original release date: March 18, 2022 CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers. CISA encourages users and administrators to review the CRI-O Security

CRI-O Security Update for Kubernetes Read More »

AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers

CISA - Alerts / Star Support

Original release date: March 17, 2022 Summary Actions to Take Today: • Use secure methods for authentication. • Enforce principle of least privilege. • Review trust relationships. • Implement encryption. • Ensure robust patching and system configuration audits. • Monitor logs for suspicious activity. • Ensure incident response, resilience, and continuity of operations plans are

AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers Read More »

CISA Adds 15 Known Exploited Vulnerability to Catalog

CISA - Current Activity / Star Support

Original release date: March 15, 2022 CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the

CISA Adds 15 Known Exploited Vulnerability to Catalog Read More »

AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

CISA - Alerts / Star Support

Original release date: March 15, 2022 Summary Multifactor Authentication (MFA): A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization should enforce MFA for

AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability Read More »

Updated: Kubernetes Hardening Guide

CISA - Current Activity / Star Support

Original release date: March 15, 2022 The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on valuable feedback and inputs from the cybersecurity community. Kubernetes is an open-source system that automates deployment, scaling, and management of applications run in containers.

Updated: Kubernetes Hardening Guide Read More »

Dirty Pipe Privilege Escalation Vulnerability in Linux

CISA - Current Activity / Star Support

Original release date: March 10, 2022 CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” (CVE-2022-0847). A local attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review (CVE-2022-0847) and update to Linux kernel versions 5.16.11,

Dirty Pipe Privilege Escalation Vulnerability in Linux Read More »

Updated: Conti Ransomware

CISA - Current Activity / Star Support

Original release date: March 9, 2022 CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. Conti cyber threat actors remain active and reported Conti ransomware attacks against U.S. and international organizations have risen to more than 1,000. CISA,

Updated: Conti Ransomware Read More »