Original release date: October 31, 2022

CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication (MFA). CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber threats. If an organization using mobile push-notification-based MFA is unable to implement phishing-resistant MFA, CISA recommends using number matching to mitigate MFA fatigue. Although number matching is not as strong as phishing-resistant MFA, it is one of best interim mitigation for organizations who may not immediately be able to implement phishing-resistant MFA.  

CISA recommends users and organizations see CISA fact sheets Implementing Phishing-Resistant MFA and Implementing Number Matching in MFA Applications. Visit CISA.gov/MFA for more information on MFA, including an infographic of the hierarchy of MFA options.

Original release date: October 28, 2022

CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released Understanding and Responding to Distributed Denial-of-Service Attacks provide organizations proactive steps to reduce the likelihood and impact of distributed denial-of-service (DDoS) attacks. The guidance is for both network defenders and leaders to help them understand and respond to DDoS attacks, which can cost an organization time, money, and reputational damage.

Concurrently, CISA has released Capacity Enhancement Guide (CEG): Additional DDoS Guidance for Federal Agencies, which provides federal civilian executive branch (FCEB) agencies additional DDoS guidance, including recommended FCEB contract vehicles and services that provide DDoS protection and mitigations. 

CISA encourages all network defenders and leaders to review Understanding and Responding to Distributed Denial-of-Service Attacks. CISA recommends FCEB network defenders and leaders also review Additional DDoS Guidance for Federal Agencies. See CISA’s tip, Understanding Denial-of-Service Attacks for additional guidance.
 

Original release date: October 27, 2022

CISA has released four (4) Industrial Control Systems (ICS) advisories on October 27, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations:

•    ICSA-22-300-01 Rockwell Automation FactoryTalk Alarm and Events Server
•    ICSA-22-300-02 SAUTER Controls moduWeb
•    ICSA-22-300-03 Rockwell Automation Stratix Devices Containing Cisco IOS
•    ICSA-22-300-04 Trihedral VTScada

Original release date: October 26, 2022

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the following Samba Security Announcements and apply the necessary updates and workarounds. 

•    CVE-2022-3437  
•    CVE-2022-3592

Original release date: October 25, 2022

On Nov. 1, 2022, CISA will upgrade from Traffic Light Protocol (TLP) 1.0 to TLP 2.0 in accordance with the recommendation by the Forum of Incident Response Security Teams (FIRST) that organizations move to 2.0 by the end of 2022. TLP Version 2.0 brings the following key updates:

• TLP:CLEAR replaces TLP:WHITE for publicly releasable information.
• TLP:AMBER+STRICT supplements TLP:AMBER, clarifying when information  may be shared with the recipient’s organization only.

CISA encourages all network defenders and partners to upgrade to TLP Version 2.0 to facilitate greater information sharing and collaboration. For more information see:

• On Nov. 1, CISA Upgrades to Traffic Light Protocol 2.0 — Join Us! by Tom Millar, Cybersecurity Senior Advisor, CISA, and Co-chair of the FIRST TLP Special Interest Group (SIG)
• CISA.gov/TLP, which contains links to CISA’s TLP 2.0 User Guide and Fact Sheet
• FIRST.org/TLP