Active Threat Alerts

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

SUMMARY
The Federal Bureau of Investigation (FBI),…
December 2, 2023/by SecureTech

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE-2023-4966 Citrix Bleed Vulnerability

SUMMARY
Note: This joint Cybersecurity Advisory…
November 22, 2023/by SecureTech

Scattered Spider | CISA

SUMMARY
The Federal Bureau of Investigation (FBI)…
November 17, 2023/by SecureTech

#StopRansomware: Rhysida Ransomware | CISA

SUMMARY
Note: This joint Cybersecurity Advisory…
November 16, 2023/by SecureTech

Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks

SUMMARY
The Cybersecurity and Infrastructure Security…
October 17, 2023/by SecureTech

#StopRansomware: AvosLocker Ransomware (Update) | CISA

SUMMARY
Note: This joint Cybersecurity Advisory…
October 12, 2023/by SecureTech

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

A plea for network defenders and software manufacturers…
October 5, 2023/by SecureTech

People’s Republic of China-Linked Cyber Actors Hide in Router Firmware

Executive Summary
The United States National Security…
September 27, 2023/by SecureTech

#StopRansomware: Snatch Ransomware | CISA

SUMMARY
Note: This joint Cybersecurity Advisory…
September 21, 2023/by SecureTech

Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

SUMMARY
The Cybersecurity and Infrastructure Security…
September 7, 2023/by SecureTech

Identification and Disruption of QakBot Infrastructure

SUMMARY
The Cybersecurity and Infrastructure Security…
August 30, 2023/by SecureTech

2022 Top Routinely Exploited Vulnerabilities

SUMMARY
The following cybersecurity agencies coauthored…
August 3, 2023/by SecureTech

Threat Actors Exploiting Ivanti EPMM Vulnerabilities

SUMMARY
The Cybersecurity and Infrastructure Security Agency…
August 1, 2023/by SecureTech

Preventing Web Application Access Control Abuse

SUMMARY
The Australian Signals Directorate’s Australian…
July 28, 2023/by SecureTech

Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

SUMMARY
The Cybersecurity and Infrastructure Security…
July 21, 2023/by SecureTech

Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

SUMMARY
In June 2023, a Federal Civilian Executive…
July 13, 2023/by SecureTech

Increased Truebot Activity Infects U.S. and Canada Based Networks

SUMMARY
The Cybersecurity and Infrastructure Security…
July 7, 2023/by SecureTech

Understanding Ransomware Threat Actors: LockBit

SUMMARY
In 2022, LockBit was the most deployed ransomware…
June 15, 2023/by SecureTech

#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability

SUMMARY
Note: this joint Cybersecurity Advisory…
June 8, 2023/by SecureTech

People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

The United States and international cybersecurity…
May 24, 2023/by SecureTech

#StopRansomware: BianLian Ransomware Group | CISA

Summary
Note: This joint Cybersecurity Advisory…
May 17, 2023/by SecureTech

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG

SUMMARY
The Federal Bureau of Investigation (FBI)…
May 12, 2023/by SecureTech

Hunting Russian Intelligence “Snake” Malware

SUMMARY
The Snake implant is considered the most…
May 10, 2023/by SecureTech

APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers

APT28 accesses poorly maintained Cisco routers and…
April 18, 2023/by SecureTech

#StopRansomware: LockBit 3.0 | CISA

SUMMARY
Note: this joint Cybersecurity Advisory…
March 16, 2023/by SecureTech

Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server

SUMMARY
From November 2022 through early January…
March 15, 2023/by SecureTech