MAR–10369127–1.v1 – MuddyWater
AR22-055A
MAR–10369127–1.v1 – MuddyWater Read More »
AA22-055A : Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Original release date: February 24, 2022 Summary Actions to Take Today to Protect Against Malicious Activity * Search for indicators of compromise. * Use antivirus software. * Patch all systems. * Prioritize patching known exploited vulnerabilities. * Train users to recognize and report phishing attempts. * Use multi-factor authentication. Note: this advisory uses the MITRE
New Sandworm Malware Cyclops Blink Replaces VPNFilter
Original release date: February 23, 2022 The United Kingdom’s National Cyber Security Centre, CISA, the National Security Agency, and the Federal Bureau of Investigation have released a joint Cybersecurity Advisory (CSA) reporting that the malicious cyber actor known as Sandworm or Voodoo Bear is using new malware, referred to as Cyclops Blink. Cyclops Blink appears to
New Sandworm Malware Cyclops Blink Replaces VPNFilter Read More »
AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter
Original release date: February 23, 2022 Summary The Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with a new more advanced framework. The United Kingdom’s (UK) National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure Security Agency (CISA), the National
AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter Read More »
CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure
Original release date: February 18, 2022 CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which
CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure Read More »
NCSC-NZ Releases Advisory on Cyber Threats Related to Russia-Ukraine Tensions
Original release date: February 18, 2022 The New Zealand National Cyber Security Centre (NCSC-NZ) has released a General Security Advisory (GSA) on preparing for cyber threats relating to tensions between Russia and Ukraine. The advisory recommends organizations review their security posture and monitor for cyber incidents and provides additional resources to help protect against potential
NCSC-NZ Releases Advisory on Cyber Threats Related to Russia-Ukraine Tensions Read More »
CISA Compiles Free Cybersecurity Services and Tools for Network Defenders
Original release date: February 18, 2022 CISA has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. This non-exhaustive living repository includes services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity
CISA Compiles Free Cybersecurity Services and Tools for Network Defenders Read More »
NSA Best Practices for Selecting Cisco Password Types
Original release date: February 17, 2022 The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet with guidance on securing network infrastructure devices and credentials. Cisco devices are used globally to secure network infrastructure devices, including across the Department of Defense, National Security Systems, and the Defense Industrial Base. Credentials within Cisco configuration
NSA Best Practices for Selecting Cisco Password Types Read More »
Cisco Releases Security Updates for Email Security Appliance
Original release date: February 17, 2022 Cisco has released security updates to address a vulnerability affecting Cisco Email Security Appliance. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review Cisco Advisory cisco-sa-esa-dos-MxZvGtgU and
Cisco Releases Security Updates for Email Security Appliance Read More »
Russian State-Sponsored Actors Target Cleared Defense Contractor Networks
Original release date: February 16, 2022 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) highlighting regular targeting of U.S. cleared defense contractors (CDCs) by Russian state-sponsored cyber actors. These CDCs support contracts for the U.S. Department of Defense and Intelligence Community. The CSA
Russian State-Sponsored Actors Target Cleared Defense Contractor Networks Read More »