CISA Issues Emergency Directive 22-03, Enco …
The Cybersecurity and Infrastructure Security Agency (CISA) issued a rare emergency directive instructing organizations to react swiftly to mitigate the actions of threat actors exploiting vulnerabilities in VMware products.
In Emergency Directive 22-03, the agency has encouraged users to ensure they’re using the most updated form of the VMware software by installing the updates released last week from VMware.
“These vulnerabilities pose an unacceptable risk to federal network security,” said CISA Director Jen Easterly. “CISA has issued this Emergency Directive to ensure that federal civilian agencies take urgent action to protect their networks. We also strongly urge every organization – large and small – to follow the federal government’s lead and take similar steps to safeguard their networks.”
The affected VMware products include:
- VMware Workspace ONE Access (Access)
- VMware Identity Manager (vIDM)
- VMware vRealize Automation (vRA)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
Per the CISA guidance on the organization’s website, federal civilian executive branch agencies have been asked to evaluate and enumerate their tech stacks for any affected VMware products and either deploy the updates or remove the software from the network until the updates can be applied.
CISA suggests that affected agencies assume compromise and disconnect the products off the network, and then report any anomalies to [email protected]
Recent news posts
U.S. Marshals Hit with Ransomware Attack; LastPass Continues Damage Control
Laid-Off Tech Workers Could Consider Any of the Nearly 800,000 Open Cybersecurity Jobs
The Rise of ChatGPT: How AI Plays a Vital Role In Cybersecurity
Round Up: Partner Blogs Look Toward 2023
Hackers Don’t Take This Week Off: Weekly News Roundup
Attend an Event!
Connect and collaborate with fellow security innovators at our Virtual Cybersecurity Summits.
- Hot Topics in Cybersecurity (79)
- Industry News (70)
- Infographics (1)
- Infographics (3)
- Interviews (12)
- Press Releases (25)
- Uncategorized (3)
- Virtual Events (9)