Preventing Web Application Access Control Abuse
SUMMARY
The Australian Signals Directorate’s Australian…
The Australian Signals Directorate’s Australian…
Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
SUMMARY
The Cybersecurity and Infrastructure Security…
The Cybersecurity and Infrastructure Security…
Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
SUMMARY
In June 2023, a Federal Civilian Executive…
In June 2023, a Federal Civilian Executive…
Increased Truebot Activity Infects U.S. and Canada Based Networks
SUMMARY
The Cybersecurity and Infrastructure Security…
The Cybersecurity and Infrastructure Security…
Understanding Ransomware Threat Actors: LockBit
SUMMARY
In 2022, LockBit was the most deployed ransomware…
In 2022, LockBit was the most deployed ransomware…
#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability
SUMMARY
Note: this joint Cybersecurity Advisory…
Note: this joint Cybersecurity Advisory…
People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection
The United States and international cybersecurity…
#StopRansomware: BianLian Ransomware Group | CISA
Summary
Note: This joint Cybersecurity Advisory…
Note: This joint Cybersecurity Advisory…
Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
SUMMARY
The Federal Bureau of Investigation (FBI)…
The Federal Bureau of Investigation (FBI)…
Hunting Russian Intelligence “Snake” Malware
SUMMARY
The Snake implant is considered the most…
The Snake implant is considered the most…
APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers
APT28 accesses poorly maintained Cisco routers and…
#StopRansomware: LockBit 3.0 | CISA
SUMMARY
Note: this joint Cybersecurity Advisory…
Note: this joint Cybersecurity Advisory…
Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server
SUMMARY
From November 2022 through early January…
From November 2022 through early January…
#StopRansomware: Royal Ransomware | CISA
SUMMARY
Note: This joint Cybersecurity Advisory…
Note: This joint Cybersecurity Advisory…
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
SUMMARY
The Cybersecurity and Infrastructure Security…
The Cybersecurity and Infrastructure Security…
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Note: This Cybersecurity Advisory (CSA) is part of an ongoing…
ESXiArgs Ransomware Virtual Machine Recovery Guidance
The Cybersecurity and Infrastructure Security Agency (CISA)…
Protecting Against Malicious Use of Remote Monitoring and Management Software
The Cybersecurity and Infrastructure Security Agency (CISA),…
#StopRansomware: Cuba Ransomware | CISA
Summary
Actions to take…
Actions to take…
#StopRansomware: Hive Ransomware | CISA
Summary
Actions to Take…
Actions to Take…
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
From mid-June through mid-July 2022, CISA conducted an incident…
#StopRansomware: Daixin Team | CISA
Summary
Actions to take…
Actions to take…
Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
Summary
This joint Cybersecurity…
This joint Cybersecurity…
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
Actions to Help Protect Against APT Cyber Activity:• Enforce…
Control System Defense: Know the Opponent
Traditional approaches to securing OT/ICS do not adequately…
Iranian State Actors Conduct Cyber Operations Against the Government of Albania
The Federal Bureau of Investigation (FBI) and the Cybersecurity…