CISA – Current Activity

Original release date: April 28, 2022 CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine, originally released February 26, 2022. The advisory has been updated to include additional indicators of compromise for WhisperGate and technical details for HermeticWiper, IsaacWiper, HermeticWizard, and CaddyWiper destructive malware. […]

Original release date: April 27, 2022 CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK)  have released a joint Cybersecurity Advisory that

Original release date: April 22, 2022 The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with attacks involving BlackCat/ALPHV, a Ransomware-as-a-Service that has compromised at least 60 entities worldwide. CISA encourages users and administrators to review the IOCs and technical details in FBI Flash CU-000167-MW and apply the recommend

Original release date: April 20, 2022 The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory (CSA) to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity from Russian state-sponsored cyber actors or

Original release date: April 19, 2022 Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the Oracle April 2022 Critical Patch Update and apply the

Original release date: April 18, 2022 | Last revised: April 19, 2022 CISA has released draft versions of two guidance documents—along with a request for comment (RFC)—that are a part of the recently launched Secure Cloud Business Applications (SCuBA) project: Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA)  Extensible Visibility Reference Framework (eVRF) Program

Original release date: April 18, 2022 CISA,  the Federal Bureau of Investigation (FBI), and the U.S. Treasury Department have released a joint Cybersecurity Advisory (CSA) that details cyber threats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) actor known as the Lazarus Group.   CISA encourages organizations to

Original release date: April 15, 2022 VMware has released security updates to address a remote code execution vulnerability in Cloud Director. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2022-0013 and apply the necessary updates. This product is provided subject to

Original release date: April 13, 2022 Microsoft has released an advisory to address CVE-2022-26809, a critical remote code execution vulnerability in Remote Procedure Call Runtime Library. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review Microsoft’s advisory and apply the recommended mitigations. This product is

Original release date: April 13, 2022 CISA, the Department of Energy (DOE), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), warning that certain advanced persistent threat (APT) actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control