Security Updates
“Many things in life can be safely ignored but ignoring Cybersecurity Safe Practices is an open invitation for disaster.”
Security Updates
Security Alerts
CISA Alerts Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
- AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Controlby CISA on May 18, 2022 at 6:00 PM
Original release date: May 18, 2022 | Last revised: May 19, 2022SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is releasing this […]
- AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388by CISA on May 18, 2022 at 1:00 PM
Original release date: May 18, 2022SummaryActions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce […]
- AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Accessby CISA on May 17, 2022 at 1:00 PM
Original release date: May 17, 2022SummaryBest Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log […]
- AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customersby CISA on May 11, 2022 at 11:00 AM
Original release date: May 11, 2022SummaryTactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in […]
- AA22-117A: 2021 Top Routinely Exploited Vulnerabilitiesby CISA on April 27, 2022 at 2:00 PM
Original release date: April 27, 2022 | Last revised: April 28, 2022SummaryThis joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities […]
- AA22-110A: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructureby CISA on April 20, 2022 at 5:00 PM
Original release date: April 20, 2022 | Last revised: May 9, 2022SummaryActions critical infrastructure organizations should implement to immediately protect […]
- AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companiesby CISA on April 18, 2022 at 1:38 PM
Original release date: April 18, 2022 | Last revised: April 20, 2022SummaryActions to take today to mitigate cyber threats to cryptocurrency: • Patch all […]
- AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devicesby CISA on April 13, 2022 at 5:00 PM
Original release date: April 13, 2022 | Last revised: April 14, 2022SummaryActions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor […]
- AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sectorby CISA on March 24, 2022 at 2:00 PM
Original release date: March 24, 2022SummaryActions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation […]
- AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customersby CISA on March 17, 2022 at 7:00 PM
Original release date: March 17, 2022 | Last revised: May 10, 2022SummaryUpdated May 10, 2022: The U.S. government attributes this threat activity to Russian […]
Security Tips
CISA TIPS feed US-CERT Tips describe and offer advice about common security issues for non-technical computer users. Tips are restricted to a single topic, although complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content, of those published prior to it.
- Privacy and Mobile Device Appsby CISA on July 9, 2019 at 12:59 PM
Original release date: July 9, 2019 | Last revised: November 15, 2019What are the risks associated with mobile device apps? Applications (apps) on your […]
- Best Practices for Securing Election Systemsby CISA on May 21, 2019 at 4:00 AM
Original release date: May 21, 2019 | Last revised: November 2, 2020By adhering to cybersecurity best practices, election organizations—including state, […]
- Protecting Against Ransomwareby CISA on April 11, 2019 at 4:09 PM
Original release date: April 11, 2019 | Last revised: September 2, 2021What is ransomware? Ransomware is a type of malware threat actors use to infect […]
- Questions Every CEO Should Ask About Cyber Risksby CISA on December 4, 2018 at 3:52 PM
Original release date: December 4, 2018 | Last revised: November 15, 2019As technology continues to evolve, cyber threats continue to grow in sophistication […]
Security Bulletins
CISA Bulletins Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
- Vulnerability Summary for the Week of May 9, 2022by CISA on May 16, 2022 at 1:55 PM
Original release date: May 16, 2022 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of May 2, 2022by CISA on May 9, 2022 at 10:20 AM
Original release date: May 9, 2022 | Last revised: May 11, 2022 High Vulnerabilities Primary Vendor -- Product Description Published […]
- Vulnerability Summary for the Week of April 25, 2022by CISA on May 2, 2022 at 10:16 AM
Original release date: May 2, 2022 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of April 18, 2022by CISA on April 25, 2022 at 10:37 AM
Original release date: April 25, 2022 | Last revised: April 26, 2022 High Vulnerabilities Primary Vendor -- Product Description […]
- Vulnerability Summary for the Week of April 11, 2022by CISA on April 18, 2022 at 11:06 AM
Original release date: April 18, 2022 | Last revised: April 19, 2022 High Vulnerabilities Primary Vendor -- Product Description […]