On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added two Cisco product vulnerabilities — CVE-2024-20353 and CVE-2024-20359 — as well as one vulnerability affecting popular file transfer tool CrushFTP.

CERT-UA reports that in March 2024, APT44 conducted operations to disrupt information and communication systems at energy, water, and heating suppliers in 10 regions of Ukraine.

The agency is attributing the surge to a group tracked as UAC-0184, which was spotted in February targeting an unnamed Ukrainian entity in Finland. CERT-UA does not attribute UAC-0184’s activity to any specific foreign cyber threat group.

According to a joint advisory from the FBI, CISA, Europol's EC3, and the Netherlands' NCSC-NL, the Akira ransomware operation has breached the networks of over 250 organizations and raked in roughly $42 million in ransom payments.

Some smart locks controlled by Chirp Systems' software can be remotely unlocked by strangers thanks to a critical security vulnerability. This remote exploitation is possible due to passwords and private keys being hard-coded in Chirp's Android app.

According to BOD 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group.

While the mobile phishing campaign has yet to reach some U.S. regions, this can be explained by the fact that complaint information collected so far by IC3 indicates the scam may be moving from state to state.

CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations.

The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.