Month: August 2022

Original release date: August 15, 2022 | Last revised: August 16, 2022   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Back to top   Medium Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info There were… Read more

Original release date: August 16, 2022 CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA) in response to active exploitation of multiple vulnerabilities against Zimbra Collaboration Suite (ZCS), an enterprise cloud-hosted collaboration software and email platform.  CISA and MS-ISAC encourage users and administrators review Threat Actors Exploiting Multiple… Read more

Original release date: August 16, 2022 Summary Actions for ZCS administrators to take today to mitigate malicious cyber activity: • Patch all systems and prioritize patching known exploited vulnerabilities. • Deploy detection signatures and hunt for indicators of compromise (IOCs). • If ZCS was compromised, remediate malicious activity. The Cybersecurity and Infrastructure Security Agency (CISA)… Read more

Mobile transactions could’ve been disabled, created and signed by attackers. Read more

‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings. Read more

The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities. Read more

Original release date: August 11, 2022 Cisco has released a security update to address a vulnerability affecting Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. This vulnerability could allow a remote attacker to obtain sensitive information. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators… Read more

Original release date: August 11, 2022 CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Zeppelin Ransomware, to provide information on Zeppelin Ransomware. Actors use Zeppelin Ransomware, a ransomware-as-a-service (RaaS), against a wide range of businesses and critical infrastructure organizations to encrypt victims’ files for financial gain. CISA… Read more

Original release date: August 11, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for… Read more

Original release date: August 10, 2022 Palo Alto Networks has released a security update to address a vulnerability in PAN-OS firewall configurations. A remote attacker could exploit this vulnerability to conduct a reflected denial-of service. CISA encourages users and administrators to review the Palo Alto Networks Security Advisory CVE-2022-0028 and apply the necessary updates or workarounds. … Read more