The Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, two Microsoft and one OpenSSL vulnerability.
The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.
The Federal Bureau of Investigation (FBI) has released new information on BlackCat (also known as ALPHV) ransomware as a service (RaaS), that has compromised at least 60 entities worldwide as of March 2022.
US Government cybersecurity experts are warning of advanced persistent threat (APT) actors using custom tools to target and compromise multiple industrial control system (ICS) and supervisory control and data acquisition (SCADA) devices.