The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Details about the flaw were disclosed by Ethiopian cybersecurity research firm Octagon Networks in March 2022. The exploitation of CVE-2015-2291 in the wild was revealed by CrowdStrike last month, detailing a Scattered Spider (aka Roasted 0ktapus or UNC3944) attack that entailed an attempt to plant a legitimately signed but malicious version of the vulnerable driver using a tactic called Bring Your Own Vulnerable Driver (BYOVD). Lastly, CISA has also added a remote code injection flaw discovered in Fortra's GoAnywhere MFT managed file transfer application (CVE-2023-0669) to the KEV catalog. Federal Civilian Executive Branch (FCEB) agencies are required to apply the fixes by March 3, 2023, to secure their networks against active threats.
Source: Ethiopian News February 11, 2023 06:00 UTC