Star Support

Original release date: February 15, 2022 CISA has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to

Original release date: February 15, 2022 The Federal Bureau of Investigation (FBI) and the United States Secret Service (USSS) have released a joint Cybersecurity Advisory (CSA) identifying indicators of compromise associated with BlackByte ransomware. BlackByte is a Ransomware-as-a-Service group that encrypts files on compromised Windows host systems, including physical and virtual servers. CISA encourages organizations to

Original release date: February 14, 2022 Adobe has released security updates to address a vulnerability affecting Adobe Commerce and Magento Open Source. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been detected in exploits in the wild. CISA encourages users and administrators to review Adobe Security Bulletin APSB22-12 and apply

Original release date: February 9, 2022 CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have released a joint Cybersecurity Advisory (CSA) highlighting a global increase in sophisticated, high-impact, ransomware incidents against critical infrastructure organizations in 2021.

Original release date: February 7, 2022 The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks, using LockBit 2.0, a Ransomware-as-a-Service that employs a wide variety of tactics, techniques, and procedures, creating significant challenges for defense and mitigation. CISA encourages users and administrators to review the IOCs

Original release date: February 4, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to

Original release date: February 3, 2022 CISA has released an Industrial Controls Systems Advisory (ICSA) that details vulnerabilities in the Airspan Networks Mimosa product line. An attacker could exploit these vulnerabilities to achieve remote code execution, create a denial-of-service condition, or obtain sensitive information. CISA encourages users and administrators to review ICSA-22-034-02: Airspan Networks Mimosa for

Original release date: February 3, 2022 Cisco has released security updates to address vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators