Sicherheitshinweise

Hinweise zu Schwachstellen und Gefährdungen

Veröffentlichungen von Partnern und Behörden

Nachfolgend finden Sie Sicherheitshinweise von Partnern und Behörden zu Schwachstellen und Gefährdungen.

Die Hinweise enthalten Links zu externen Websites Dritter, auf deren Inhalte wir keinen Einfluss haben. Deshalb können wir für diese fremden Inhalte auch keine Gewähr übernehmen. Für die Inhalte der verlinkten Seiten ist stets der jeweilige Anbieter oder Betreiber der Seiten verantwortlich.

Cisco Systems - Security Advisory (in englisch)

  • Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022
    On September 27, 2022, the following vulnerabilities affecting Cisco products were disclosed by Cert/CC as part of VU855201, titled L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers: CVE-2021-27853: Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco Enterprise NFV Infrastructure Software Improper Signature Verification Vulnerability
    A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature verification of upgrade files. An attacker could exploit this vulnerability by providing an administrator with... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco Jabber Client Software Extensible Messaging and Presence Protocol Stanza Smuggling Vulnerability
    A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling of nested XMPP messages within requests that are... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco Touch 10 Devices Downgrade Vulnerability
    A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the software on an affected device. This vulnerability is due to insufficient version control. An attacker could exploit this vulnerability by installing an older... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerability
    A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked. This vulnerability exists because malformed, encoded traffic is... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco Touch 10 Devices Insufficient Identity Verification Vulnerability
    A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification. An attacker could exploit this vulnerability by impersonating a... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
    Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow a remote attacker to bypass certificate validation or conduct cross-site request forgery attacks on an affected device. Note: Cisco Expressway Series refers to the Expressway Control (Expressway-C)... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
    Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) for Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to execute code, cause the service to reload unexpectedly, or cause Cisco Discovery Protocol or LLDP database corruption on an affected device. Note: Cisco Discovery Protocol and LLDP... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco BroadWorks Hosted Thin Receptionist Cross-Site Scripting Vulnerability
    A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability
    A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. An attacker could exploit this vulnerability by accessing certain logs on an affected system.... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-05
  • Cisco Access Points VLAN Bypass from Native VLAN Vulnerability
    A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-04
  • Cisco Secure Web Appliance Privilege Escalation Vulnerability
    A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-10-03
  • Cisco SD-WAN Software Privilege Escalation Vulnerabilities
    Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-09-29
  • Cisco Duo for macOS Authentication Bypass Vulnerability
    A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability exists because the assigned user of a smart card is not properly matched with the authenticating user. An attacker could exploit this vulnerability by configuring... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-09-29
  • Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability
    A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-09-29
  • Cisco IOS XE Software for Catalyst Switches MPLS Denial of Service Vulnerability
    A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-09-29
  • Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation Vulnerability
    A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point. This vulnerability is due to improper checks... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-09-29
  • Cisco SD-WAN Software Arbitrary File Corruption Vulnerability
    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands that are executed as the root user account.... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-09-29
  • Cisco Catalyst 9100 Series Access Points Association Request Denial of Service Vulnerability
    A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain parameters within association request frames received by... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-09-29
  • Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility Denial of Service Vulnerability
    A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2022-09-29

Bundesamt für Sicherheit in der Informationstechnik - CERT Bund

  • CB-K22/0321 Update 33
    OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0552 Update 4
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0407 Update 23
    Das gzip-Paket ist ein GNU Kompressionsprogramm. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in gzip ausnutzen, um Dateien zu manipulieren.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0411 Update 3
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0626 Update 8
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K21/0849 Update 35
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0361 Update 22
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen und vertrauliche Informationen offenzulegen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0386 Update 26
    Die zlib ist eine freie Programmbibliothek zum Komprimieren und Dekomprimieren von Daten. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in zlib ausnutzen, um beliebigen Programmcode auszuführen oder einen Denial of Service Zustand herbeizuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0311 Update 5
    QEMU ist eine freie Virtualisierungssoftware, die die gesamte Hardware eines Computers emuliert. Ein lokaler Angreifer kann mehrere Schwachstellen in QEMU ausnutzen, um Informationen offenzulegen oder sonstige Auswirkungen zu verursachen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0526 Update 2
    QEMU ist eine freie Virtualisierungssoftware, die die gesamte Hardware eines Computers emuliert. Ein lokaler Angreifer kann mehrere Schwachstelle in QEMU ausnutzen, um einen Denial of Service Angriff durchzuführen und beliebigen Code auszuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0570 Update 6
    cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt. Ein Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen, Dateien zu löschen oder einen Denial of Service zu verursachen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0048 Update 8
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K21/1198 Update 7
    Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0397 Update 9
    Xen ist ein Virtueller-Maschinen-Monitor (VMM), der Hardware (x86, IA-64, PowerPC) für die darauf laufenden Systeme (Domains) paravirtualisiert. Ein lokaler Angreifer kann eine Schwachstelle in Xen ausnutzen, um einen Denial of Service zu verursachen und potentiell seine Privilegien zu erhöhen oder Informationen offenzulegen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0623 Update 2
    Das "Gnu Image Manipulation Program" ist eine Open Source Software zum Bearbeiten von Bildern. Es ist auch Bestandteil vieler Linux Distributionen. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GIMP ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0404 Update 11
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen oder einen Denial of Service zu verursachen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0641 Update 5
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0201 Update 6
    PHP ist eine Programmiersprache, die zur Implementierung von Web-Applikationen genutzt wird. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in PHP ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0656 Update 2
    logrotate ist ein Werkzeug um Log-Dateien zu verwalten. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in logrotate ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0642 Update 8
    Firefox ist ein Open Source Web Browser. ESR ist die Variante mit verlängertem Support. Thunderbird ist ein Open Source E-Mail Client. Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Programmcode auszuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022

US Department of Homeland Security - Alerts (in englisch)

  • AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
    Original release date: October 6, 2022SummaryThis joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI).... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-10-06
  • AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
    Original release date: October 4, 2022SummaryActions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts. • Implement network segmentation to separate network segments based on role and functionality. • Update software, including operating systems, applications, and firmware, on network assets. •... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-10-04
  • AA22-265A: Control System Defense: Know the Opponent
    Original release date: September 22, 2022SummaryTraditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. These cyber actors, including advanced persistent threat... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-09-22
  • A22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania
    Original release date: September 21, 2022SummaryThe Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timeline of activity observed, from... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-09-21
  • AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
    Original release date: September 14, 2022SummaryActions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. • Make offline backups of your data. This joint Cybersecurity Advisory (CSA) is the result of an analytic effort among the... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-09-14
  • AA22-249A: #StopRansomware: Vice Society
    Original release date: September 6, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize and remediate known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-09-06
  • AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
    Original release date: August 16, 2022SummaryActions for ZCS administrators to take today to mitigate malicious cyber activity: • Patch all systems and prioritize patching known exploited vulnerabilities. • Deploy detection signatures and hunt for indicators of compromise (IOCs). • If ZCS was compromised, remediate malicious activity. The Cybersecurity and Infrastructure... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-08-16
  • AA22-223A: #StopRansomware: Zeppelin Ransomware
    Original release date: August 11, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-08-11
  • AA22-216A: 2021 Top Malware Strains
    Original release date: August 4, 2022SummaryImmediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication (MFA). • Secure Remote Desktop Protocol (RDP) and other risky services. • Make offline backups of your data. • Provide end-user... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-08-04
  • AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
    Original release date: July 6, 2022SummaryThe Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory (CSA) to provide information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-07-06
  • AA22-181A: #StopRansomware: MedusaLocker
    Original release date: June 30, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-06-30
  • AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
    Original release date: June 23, 2022SummaryActions to take today: • Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell in December 2021, treat all affected VMware systems as compromised.... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-06-23
  • AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
    Original release date: June 7, 2022SummaryBest Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-06-08
  • AA22-152A: Karakurt Data Extortion Group
    Original release date: June 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enforce multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-06-01
  • AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
    Original release date: May 18, 2022SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination. These vulnerabilities affect certain versions of VMware Workspace ONE Access,... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-05-18
  • AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
    Original release date: May 18, 2022SummaryActions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are releasing this... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-05-18
  • AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access
    Original release date: May 17, 2022SummaryBest Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber actors routinely exploit poor security... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-05-17
  • AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
    Original release date: May 11, 2022SummaryTactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-05-11
  • AA22-117A: 2021 Top Routinely Exploited Vulnerabilities
    Original release date: April 27, 2022SummaryThis joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-04-27
  • AA22-110A: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
    Original release date: April 20, 2022SummaryActions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats: • Patch all systems. Prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication. • Secure and monitor Remote Desktop Protocol and other risky services. • Provide end-user awareness and... more
    Source: Security - CISA-USA - Security Alerts Published on: 2022-04-20

Sie sind nicht sicher bei der
Bewertung der Security-Alerts?

Tips zur Erhöhung der IT-Sicherheit

Hilfreiche Tipps zu häufigen Sicherheitsproblemen für nichttechnische Computerbenutzer vom US Department of Homeland Security (in englisch)

Gerne beraten wir Sie zur Sicherheit Ihrer Kommunikationssysteme

Nutzen Sie unser Quick Formular, rufen Sie uns an oder schreiben uns eine ausführliche Kontaktanfrage.

    * Erforderliche Angaben


    Hiermit willige ich in die Verarbeitung meiner personenbezogenen Daten ein.*