CISA Cybersecurity Alerts

CISA Cybersecurity Alerts

Flash cybersecurity advisories from the US Government. These alerts provide timely technical and operational information, indicators of compromise, and mitigations for current major security threats, vulnerabilities, and exploits. These alerts have been edited and adapted for audio by The CyberWire as a public service.

Trailer

Recent Episodes

Ep 18 | 5.20.22

CISA Alert AA22-138B – Threat actors chaining unpatched VMware vulnerabilities for full system control.

CISA is releasing this cybersecurity advisory to warn organizations that malicious cyber actors are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination. These vulnerabilities affect versions of VMware products. Successful exploitation permits malicious actors to trigger a server-side template injection that may result in remote code execution or escalation of privileges to root level access. Based on this activity, CISA expects malicious cyber actors to quickly develop a capability to exploit newly released VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973 in the same impacted VMware products.

TranscriptTranscript
Ep 17 | 5.18.22

CISA Alert AA22-138A – Threat Actors Exploiting F5 BIG-IP CVE-2022-1388.

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC), are releasing this joint Cybersecurity Advisory in response to active exploitation of CVE-2022-1388. This vulnerability is a critical iControl REST authentication bypass vulnerability affecting multiple versions of F5 Networks BIG-IP.

TranscriptTranscript
Ep 16 | 5.17.22

CISA Alert AA22-137A – Weak security controls and practices routinely exploited for initial access.

This joint cybersecurity advisory was coauthored by the cybersecurity authorities of the US, Canada, New Zealand, the Netherlands, and the UK. Cyber actors routinely exploit poor security configurations, weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This joint Cybersecurity Advisory identifies commonly exploited controls and practices, and includes best practices to mitigate these risks.

TranscriptTranscript
Ep 15 | 5.12.22

CISA Alert AA22-131A – Protecting against cyber threats to managed service providers and their customers.

The cybersecurity authorities of the UK, Australia, Canada, New Zealand, and the US have observed a recent increase in malicious cyber activity against managed service providers (MSPs). Allied cybersecurity authorities expect state-sponsored cyber actors to increase their targeting of MSPs in an attempt to exploit provider-customer trust relationships. This advisory includes security guidance tailored for both MSPs and their customers.

TranscriptTranscript
Ep 14 | 5.10.22

Update 1 to CISA Alert AA22-076A – Strengthening cybersecurity of SATCOM network providers and customers.

The US government attributes cyberattacks on satellite communication (SATCOM) networks to Russian state-sponsored malicious cyber actors. The FBI and CISA are aware of possible threats to US and international SATCOM networks. Intrusions into SATCOM networks could create risk in customer environments.

TranscriptTranscript
Load More
CISA Cybersecurity Alerts
Schedule: Ad Hoc
Credits: Alert sources include the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Technical Editor is Brandon Karpf, Producer is Jennifer Eiben, Audio Engineering, Editing and original music by Elliott Peltzman.
Creator: CyberWire, Inc.
CyberWire logo