Bulletins | CERT@VDE

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)

Titel

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series (Update A)

Veröffentlicht

9. Februar 2023 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-179-02

Text

This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, and Plaintext Storage of a Password vulnerabilities in Omron SYSMAC CS/CJ/CP Series and NJ/NX Series programmable logic controllers.

08.02.2023

AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Titel

AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Veröffentlicht

8. Februar 2023 17:14

URL

https://us-cert.cisa.gov/ncas/alerts/aa23-039a

Text

Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...

07.02.2023

https://us-cert.cisa.gov/ics/advisories/icsa-23-037-01

EnOcean SmartServer

Titel

EnOcean SmartServer

Veröffentlicht

7. Februar 2023 16:00

URL

Text

Delta Electronics DIAScreen

Titel

Delta Electronics DIAScreen

Veröffentlicht

2. Februar 2023 16:25

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-01

Text

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000

Titel

Mitsubishi Electric GOT2000 Series and GT SoftGOT2000

Veröffentlicht

2. Februar 2023 16:20

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-02

Text

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-03

Baicells Nova

Titel

Baicells Nova

Veröffentlicht

2. Februar 2023 16:15

URL

Text

Delta Electronics DVW-W02W2-E2

Titel

Delta Electronics DVW-W02W2-E2

Veröffentlicht

2. Februar 2023 16:10

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-04

Text

Delta Electronics DX-2100-L1-CN

Titel

Delta Electronics DX-2100-L1-CN

Veröffentlicht

2. Februar 2023 16:05

URL

https://us-cert.cisa.gov/ics/advisories/icsa-23-033-05

Text

Mitsubishi Electric Multiple Factory Automation Products (Update D)

Titel

Mitsubishi Electric Multiple Factory Automation Products (Update D)

Veröffentlicht

2. Februar 2023 16:00

URL

https://us-cert.cisa.gov/ics/advisories/icsa-22-221-01

Text

Januar 2023

Protecting Against Malicious Use of Remote Monitoring and Management Software

Titel

Protecting Against Malicious Use of Remote Monitoring and Management Software

Veröffentlicht

31. Januar 2023 22:32

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a

Text

Summary The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring organizations”) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders about malicious use of legitimate remote monitoring and management (RMM) software. In ...

#StopRansomware: Cuba Ransomware

Titel

#StopRansomware: Cuba Ransomware

Veröffentlicht

31. Januar 2023 22:32

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a

Text

Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce phishing-resistant multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for ...

#StopRansomware: Hive Ransomware

Titel

#StopRansomware: Hive Ransomware

Veröffentlicht

31. Januar 2023 22:32

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a

Text

Summary Actions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords • Close unused ports and remove any application not deemed necessary for day-to-day operations. Note: This joint Cybersecurity Advisory (CSA) is part of an ...

Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Titel

Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Veröffentlicht

31. Januar 2023 22:32

URL

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a

Text

Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In the course of incident response activities, CISA determined that cyber threat actors exploited the Log4Shell vulnerability in an unpatched VMware ...

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-277a

Impacket and Exfiltration Tool Used to Steal Sensitive ...

Titel

<a href="/news-events/cybersecurity-advisories/aa22-277a" hreflang="en">Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization</a>

Veröffentlicht

31. Januar 2023 22:32

URL

Text

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a

#StopRansomware: Cuba Ransomware

Titel

<a href="/news-events/cybersecurity-advisories/aa22-335a" hreflang="en">#StopRansomware: Cuba Ransomware</a>

Veröffentlicht

31. Januar 2023 22:32

URL

Text

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-279a

Top CVEs Actively Exploited By People’s Republic of Chi...

Titel

<a href="/news-events/cybersecurity-advisories/aa22-279a" hreflang="en">Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors</a>

Veröffentlicht

31. Januar 2023 22:32

URL

Text

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-294a

#StopRansomware: Daixin Team

Titel

<a href="/news-events/cybersecurity-advisories/aa22-294a" hreflang="en">#StopRansomware: Daixin Team</a>

Veröffentlicht

31. Januar 2023 22:32

URL

Text

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a

Iranian Government-Sponsored APT Actors Compromise Fede...

Titel

<a href="/news-events/cybersecurity-advisories/aa22-320a" hreflang="en">Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester</a>

Veröffentlicht

31. Januar 2023 22:32

URL

Text

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a

#StopRansomware: Hive Ransomware

Titel

<a href="/news-events/cybersecurity-advisories/aa22-321a" hreflang="en">#StopRansomware: Hive Ransomware</a>

Veröffentlicht

31. Januar 2023 22:32

URL

Text

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a

Protecting Against Malicious Use of Remote Monitoring a...

Titel

<a href="/news-events/cybersecurity-advisories/aa23-025a" hreflang="en">Protecting Against Malicious Use of Remote Monitoring and Management Software</a>

Veröffentlicht

31. Januar 2023 22:32

URL

Text

26.01.2023