[CDP-development] Cyber Alert Updates

Masse, Theresa theresa.masse at cisa.dhs.gov
Fri Mar 11 15:10:13 PST 2022


FYSA

Just a couple of Cyber threat alert highlights from this week:


  1.  03/06/22 - FBI and CISA published a joint message to the law enforcement community. If you are aware of a cyber incident, contact the FBI or CISA (see attached).

  2.  03/07/22 - CISA, FBI, NSA, and USSS added additional indicators of compromise to the Conti Ransomware advisory: go.usa.gov/xz87x. Malicious cyber actors can use ransomware to hold your data hostage. We encourage all organizations to review this advisory to mitigate risk. This update is part of our larger efforts to help organizations stay on top of cybersecurity threats. We encourage all organizations to go Shields Up and protect their sensitive information. Learn more: cisa.gov/shields-up. For more information about ransomware, visit StopRansomware.gov. #StopRansomware

  3.  03/08/22 - SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the SAP Security Notes for March 2022 <https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10> and apply the necessary updates.

  4.  03/09/22 - TLP AMBER Alert Indicators of Compromise (IOCs) for APT41 (China state-sponsored) shared with State CISOs. There has been a lot on Russian threats; just beware there are other actors still operating. More information can be found here on APT41: APT41, WICKED PANDA, Group G0096 | MITRE ATT&CK® <https://attack.mitre.org/groups/G0096/>

  5.  03/10/22 - CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as "Dirty Pipe" (CVE-2022-0847 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0847>). A local attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review CVE-2022-0847 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0847> and update to Linux kernel versions 5.16.11, 5.15.25, and 5.10.102 or later.


Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov



-------------- next part --------------
A non-text attachment was scrubbed...
Name: FBI CISA Joint LE Message.pdf
Type: application/pdf
Size: 202432 bytes
Desc: FBI CISA Joint LE Message.pdf
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220311/f627b674/attachment-0001.pdf>
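
As an added example (not part of the original message and not CISA tooling), the shell function below classifies a kernel release string against the Dirty Pipe versions given in the 03/10/22 item. It compares upstream version numbers only, so a distribution kernel carrying a backported fix can still report `affected`; treating any series newer than 5.16 as fixed is an assumption drawn from the alert's "or later".

```shell
#!/bin/sh
# Added example: classify an upstream kernel release string against the
# versions named in the alert for CVE-2022-0847 ("Dirty Pipe").
# Prints one of: not-affected, affected, fixed, unknown.
dirty_pipe_status() {
    # Keep the leading "major.minor[.patch]" and drop suffixes like "-generic".
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9]*\.[0-9][0-9]*\(\.[0-9][0-9]*\)\{0,1\}\).*/\1/p')
    if [ -z "$ver" ]; then echo unknown; return 0; fi

    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    case $rest in
        *.*) patch=${rest#*.} ;;
        *)   patch=0 ;;
    esac

    # The alert scopes the flaw to kernel 5.8 and later.
    if [ "$major" -lt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -lt 8 ]; }; then
        echo not-affected; return 0
    fi
    # Assumption: any series newer than 5.16 counts as "or later" than 5.16.11.
    if [ "$major" -gt 5 ] || [ "$minor" -gt 16 ]; then
        echo fixed; return 0
    fi

    # Minimum fixed patch level per series, as listed in the alert.
    case $minor in
        10) min=102 ;;
        15) min=25 ;;
        16) min=11 ;;
        *)  echo affected; return 0 ;;  # series with no fixed release listed
    esac
    if [ "$patch" -ge "$min" ]; then echo fixed; else echo affected; fi
}

# Report on the running kernel (upstream numbering only).
echo "$(uname -r): $(dirty_pipe_status "$(uname -r)")"
```

An `affected` result on a vendor kernel should be confirmed against that vendor's advisory for CVE-2022-0847 before scheduling the update.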

