Active Threat Alerts

Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

From mid-June through mid-July 2022, CISA conducted an incident…
November 16, 2022/by SecureTech

#StopRansomware: Daixin Team | CISA

Summary

Actions to take…
October 21, 2022/by SecureTech

Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

Summary

This joint Cybersecurity…
October 7, 2022/by SecureTech

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Actions to Help Protect Against APT Cyber Activity:• Enforce…
October 5, 2022/by SecureTech

Control System Defense: Know the Opponent

Traditional approaches to securing OT/ICS do not adequately…
September 23, 2022/by SecureTech

Iranian State Actors Conduct Cyber Operations Against the Government of Albania

The Federal Bureau of Investigation (FBI) and the Cybersecurity…
September 22, 2022/by SecureTech

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

Summary

Actions to take…
September 14, 2022/by SecureTech

#StopRansomware: Vice Society | CISA

Summary

Actions to take…
September 6, 2022/by SecureTech

Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

Actions for ZCS administrators to take today to mitigate malicious…
August 17, 2022/by SecureTech

AA22-223A: #StopRansomware: Zeppelin Ransomware

Original release date: August 11, 2022SummaryActions to take…
August 12, 2022/by SecureTech

2021 Top Malware Strains | CISA

Agent Tesla


alert any any -> any any (msg:”HTTP…
August 4, 2022/by SecureTech

North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector

Summary

The Federal Bureau…
July 7, 2022/by SecureTech

#StopRansomware: MedusaLocker | CISA

Summary

Actions to take…
June 30, 2022/by SecureTech

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

Actions to take today:• Install fixed builds, updating all…
June 23, 2022/by SecureTech

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Best Practices• Apply patches as soon as possible• Disable…
June 8, 2022/by SecureTech

Karakurt Data Extortion Group | CISA

Actions to take today to mitigate cyber threats from ransomware:•…
June 2, 2022/by SecureTech

Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

Actions for administrators to take today:• Do not expose…
May 19, 2022/by SecureTech

Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

The Cybersecurity and Infrastructure Security Agency (CISA)…
May 18, 2022/by SecureTech

Weak Security Controls and Practices Routinely Exploited for Initial Access

Best Practices to Protect Your Systems:• Control access.•…
May 17, 2022/by SecureTech

Protecting Against Cyber Threats to Managed Service Providers and their Customers

Tactical actions for MSPs and their customers to take today:•…
May 11, 2022/by SecureTech

2021 Top Routinely Exploited Vulnerabilities

This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity…
April 28, 2022/by SecureTech

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

Russian State-Sponsored Cyber Operations

Russian state-sponsored…
April 21, 2022/by SecureTech

TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies

Actions to take today to mitigate cyber threats to cryptocurrency:•…
April 19, 2022/by SecureTech

APT Cyber Tools Targeting ICS/SCADA Devices

Summary

Actions to Take…
April 13, 2022/by SecureTech

Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

Tactic
Technique
Use 
Detection/Mitigations
Reconnaissance…
March 25, 2022/by SecureTech

Strengthening Cybersecurity of SATCOM Network Providers and Customers

Actions to Take Today:• Use secure methods for authentication.•…
March 18, 2022/by SecureTech