Microsoft Releases May 2023 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review Microsoft’s May 2023 Security Update Guide and Deployment Information and apply the necessary updates.

Mozilla Releases Security Advisories for Multiple Products

Mozilla has released security advisories to address vulnerabilities in Firefox and Firefox ESR. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. 
CISA encourages users and administrators to review the following advisories and apply the necessary updates:
Security Vulnerabilities fixed in Firefox 113 Mozilla Foundation Security Advisory 2023-16
Security Vulnerabilities fixed in Firefox ESR 102.11 Mozilla Foundation Security Advisory 2023-17
For updates addressing lower severity vulnerabilities, see the Mozilla Foundation Security Advisories page.

CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors

Today, CISA and partners released a joint advisory for a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and defend against this threat.
CISA urges organizations to review the advisory for more information and apply the recommended mitigations and detection guidance. For more information on FSB and Russian state-sponsored cyber activity, please see the joint advisory Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure and CISA’s Russia Cyber Threat Overview and Advisories webpage.

Hunting Russian Intelligence “Snake” Malware

Alerts

SUMMARY: The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets. To conduct operations using this tool, the FSB created a covert peer-to-peer (P2P) network of numerous Snake-infected computers worldwide. Many systems in this P2P […]

Cactus: new ransomware encrypts itself to evade detection

A new ransomware group dubbed Cactus reportedly gains initial access by exploiting a vulnerability in VPN devices, thereby gaining access to victims' networks, moving laterally to other systems, and deploying legitimate remote monitoring and management (RMM) tools to achieve persistence in the network. While Cactus has the […]