[CDP-development] CISA Adds 95 Known Exploited Vulnerabilities to Catalog
Masse, Theresa
theresa.masse at cisa.dhs.gov
Thu Mar 3 09:29:08 PST 2022
FYSA
Today, CISA added a significant number of known exploited vulnerabilities to its catalog<https://www.cisa.gov/known-exploited-vulnerabilities-catalog>. CISA's goal is to drive cybersecurity resources to fix the specific vulnerabilities that are actively exploited by nation-states and criminal groups in their attempts to compromise federal agencies, as well as U.S. critical infrastructure. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to organizations of all sectors and sizes.
This latest addition of nearly 100 vulnerabilities is in part an outcome of our deep, trusted, and ongoing operational collaboration with our federal, industry, and Joint Cyber Defense Collaborative<https://www.cisa.gov/jcdc> (JCDC) partners to identify and publish information about vulnerabilities that are being actively exploited by significant adversaries. Recognizing the significant number of vulnerabilities included in this update, CISA recommends that organizations prioritize mitigations of those vulnerabilities that are accessible via the Internet, affect mission-critical assets, or cannot be mitigated by compensating controls.
CISA is leaning forward, sharing these new vulnerabilities<https://www.cisa.gov/known-exploited-vulnerabilities-catalog> quickly so our partners in the federal government and across critical infrastructure can take action and remain vigilant. As America's cyber defense agency, this is a key part of our mission to help our critical infrastructure partners reduce their risk to exploitation by threat actors. At this time, we are asking all organizations to have their 'Shields Up'<https://www.cisa.gov/shields-up>. The patching and mitigating of known exploited vulnerabilities is a key step to reducing the risk or impact of malicious cyber activity.
Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>
[cid:image001.png at 01D82EE0.B72C85D0]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220303/ce928981/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16152 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220303/ce928981/attachment-0001.png>
More information about the CDP-development
mailing list