Alert

CISA has ordered U.S. federal agencies to address risks from the breach of multiple Microsoft email accounts by the Russian APT29 hacking group. Emergency Directive 24-02 requires Federal Civilian Executive Branch (FCEB) agencies to investigate affected emails, reset any compromised credentials, and secure privileged Microsoft Azure accounts. CISA reports that …

ESET researchers found a spying campaign targeting Android users. The campaign uses fake messaging apps that include XploitSPY malware. The campaign, called eXotic Visit, has been active from November 2021 to the end of 2023. Malicious Android apps were distributed through targeted campaigns using dedicated websites and the Google Play …

CISA released two advisories on April 4, 2024 about security issues, vulnerabilities, and exploits for Industrial Control Systems (ICS). ICSA-24-095-01 Hitachi Energy Asset Suite 9 ICSA-24-095-02 Schweitzer Engineering Laboratories SEL CISA recommends reviewing the newly issued ICS advisory for more information and ways to address the issue.    

Cisco has released updates to fix security issues in Cisco IOS, IOS XE, and AP software that could be exploited to disrupt services. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco Event Response: March 2024 Semiannual Cisco IOS and IOS XE Software …

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a Microsoft SharePoint Server vulnerability in its list of known exploited vulnerabilities due to signs of active use by attackers. CVE-2023-24955 is a critical flaw that lets a user with Site Owner access run any code they choose. “In a network-based …

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint alert about making software secure by eliminating SQL injection vulnerabilities. This was in response to a recent major incident involving SQL injection that affected thousands of organizations and emphasizes how common this type of security flaw is. …

FortiGuard Labs found a phishing campaign that tricks users into downloading a malicious Java downloader to spread new VCURMS and STRRAT remote access trojans. The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub to avoid detection. They used email as its command and control throughout …

Apple released security updates to fix vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could use some of these vulnerabilities to take control of a system that is affected. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Safari 17.4  …

CISA and the UK’s NCSC released a joint advisory about new tactics of Russian Foreign Intelligence Service (SVR) cyber actors. This group, also known as APT29, Midnight Blizzard, the Dukes or Cozy Bear, has been identified by the US as a cyber-espionage entity linked to the Russian SVR intelligence agency. …