Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
From mid-June through mid-July 2022, CISA conducted an incident…
#StopRansomware: Daixin Team | CISA
Summary
Actions to take…
Actions to take…
Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
Summary
This joint Cybersecurity…
This joint Cybersecurity…
Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
Actions to Help Protect Against APT Cyber Activity:• Enforce…
Control System Defense: Know the Opponent
Traditional approaches to securing OT/ICS do not adequately…
Iranian State Actors Conduct Cyber Operations Against the Government of Albania
The Federal Bureau of Investigation (FBI) and the Cybersecurity…
Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
Summary
Actions to take…
Actions to take…
#StopRansomware: Vice Society | CISA
Summary
Actions to take…
Actions to take…
Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
Actions for ZCS administrators to take today to mitigate malicious…
AA22-223A: #StopRansomware: Zeppelin Ransomware
Original release date: August 11, 2022SummaryActions to take…
2021 Top Malware Strains | CISA
Agent Tesla
alert any any -> any any (msg:”HTTP…
alert any any -> any any (msg:”HTTP…
North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Summary
The Federal Bureau…
The Federal Bureau…
#StopRansomware: MedusaLocker | CISA
Summary
Actions to take…
Actions to take…
Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
Actions to take today:• Install fixed builds, updating all…
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
Best Practices• Apply patches as soon as possible• Disable…
Karakurt Data Extortion Group | CISA
Actions to take today to mitigate cyber threats from ransomware:•…
Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
Actions for administrators to take today:• Do not expose…
Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
The Cybersecurity and Infrastructure Security Agency (CISA)…
Weak Security Controls and Practices Routinely Exploited for Initial Access
Best Practices to Protect Your Systems:• Control access.•…
Protecting Against Cyber Threats to Managed Service Providers and their Customers
Tactical actions for MSPs and their customers to take today:•…
2021 Top Routinely Exploited Vulnerabilities
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity…
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
Russian State-Sponsored Cyber Operations
Russian state-sponsored…
Russian state-sponsored…
TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Actions to take today to mitigate cyber threats to cryptocurrency:•…
APT Cyber Tools Targeting ICS/SCADA Devices
Summary
Actions to Take…
Actions to Take…
Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
Tactic
Technique
Use
Detection/Mitigations
Reconnaissance…
Technique
Use
Detection/Mitigations
Reconnaissance…
Strengthening Cybersecurity of SATCOM Network Providers and Customers
Actions to Take Today:• Use secure methods for authentication.•…