CRI-O Security Update for Kubernetes

CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers. CISA Read More …

Britain, U.S. warn of satellite communications risks after Ukraine hack

Britain and the United States have warned organisations of the risks associated with using satellite communications following a cyberattack on satellite internet modems as Russia invaded Ukraine. Western intelligence agencies have been investigating the attack which disrupted broadband satellite internet Read More …

CISA: Strengthening Cybersecurity of SATCOM Network Providers and Customers

CISA and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communications (SATCOM) networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments. In response, CISA and FBI Read More …

Utility Cybersecurity: Situational Awareness Cuts Risk

The electric utility industry is one of the most critical infrastructure industries that highly affect people’s lives and economic activities. The power grids connect the systems of power generation, substation, transmission, and distribution over a wide area. They are going Read More …

National Security Agency Cybersecurity Technical Report: Network Infrastructure Security Guidance

Guidance for securing networks continues to evolve as new vulnerabilities are exploited by adversaries, new security features are implemented, and new methods of securing devices are identified. Improper configuration, incorrect handling of configurations, and weak encryption keys can expose vulnerabilities Read More …

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages Read More …

Building cyber secure Railway Infrastructure

The European Union Agency for Cybersecurity (ENISA) delivers a joint report with the European Rail Information Sharing and Analysis Center (ISAC) to support the sectorial implementation of the NIS Directive. The report released today is designed to give guidance on Read More …

Ukraine: EU deploys cyber rapid-response team

A cyber rapid-response team (CRRT) is being deployed across Europe, after a call for help from Ukraine. The newly formed team of eight to 12 experts, from Lithuania, Croatia, Poland, Estonia, Romania, and the Netherlands, has committed to help defend Read More …

CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure

CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation, disinformation, and malinformation—to Read More …