CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Palo Alto Networks’ Unit 42, the cybercrime group tracked as Muddled Libra also known as Scattered Spider or UNC3944 has demonstrated remarkable resilience and adaptation in 2025, following international law enforcement disruptions in late 2024. Despite federal charges against five suspected members in November 2024, the group has escalated its intrusion operations across sectors including […]
The post Inside Muddled Libra’s Playbook: Call Center Attacks for Initial Breach appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Dutch intelligence agencies AIVD and MIVD, alongside Microsoft Threat Intelligence, have identified Laundry Bear also tracked as Void Blizzard as a sophisticated Russian state-sponsored advanced persistent threat (APT) group active since at least April 2024. This actor has focused on espionage operations against NATO countries, Ukraine, and various organizations including the Dutch police, a Ukrainian […]
The post Inside Laundry Bear: Unveiling Infrastructure, Tactics, and Procedures appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.