Active Threat Alerts

Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Summary

Multifactor Authentication…
March 16, 2022/by SecureTech

Destructive Malware Targeting Organizations in Ukraine

Actions to Take Today: • Set antivirus and antimalware programs…
February 26, 2022/by SecureTech

Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks

Summary

Actions to Take…
February 24, 2022/by SecureTech

New Sandworm Malware Cyclops Blink Replaces VPNFilter

Summary

The Sandworm actor,…
February 23, 2022/by SecureTech

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

Summary

Actions to Help…
February 17, 2022/by SecureTech

2021 Trends Show Increased Globalized Threat of Ransomware

Summary

Immediate Actions…
February 10, 2022/by SecureTech

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Summary

Actions Critical…
January 12, 2022/by SecureTech

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA),…
December 22, 2021/by SecureTech

APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

Summary

This joint Cybersecurity…
December 3, 2021/by SecureTech

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Summary

Actions to Take…
November 17, 2021/by SecureTech

BlackMatter Ransomware | CISA

Summary

Actions You Can…
October 19, 2021/by SecureTech

Ongoing Cyber Threats to U.S. Water and Wastewater Systems

Summary

Immediate Actions…
October 14, 2021/by SecureTech

Conti Ransomware | CISA

Summary

Immediate Actions…
September 23, 2021/by SecureTech

APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

Summary

This Joint Cybersecurity…
September 17, 2021/by SecureTech

Ransomware Awareness for Holidays and Weekends

Immediate Actions You Can Take Now to Protect Against Ransomware •…
August 31, 2021/by SecureTech

BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

On August 17, 2021, BlackBerry publicly disclosed that its…
August 18, 2021/by SecureTech

Top Routinely Exploited Vulnerabilities | CISA

This Joint Cybersecurity Advisory was coauthored by the U.S.…
July 28, 2021/by SecureTech

Chinese State-Sponsored Cyber Operations: Observed TTPs

This advisory uses the MITRE Adversarial Tactics, Techniques,…
July 21, 2021/by SecureTech

Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

This Advisory uses the MITRE Adversarial Tactics, Techniques,…
July 20, 2021/by SecureTech

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Original release date: July 19, 2021

Summary

This Joint Cybersecurity…
July 19, 2021/by SecureTech

Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

Summary

This Joint Cybersecurity…
May 29, 2021/by SecureTech

DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks

Summary

This Advisory uses the MITRE…
May 12, 2021/by SecureTech

Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders

The Federal Bureau of Investigation (FBI), Department of Homeland…
April 27, 2021/by SecureTech

Exploitation of Pulse Connect Secure Vulnerabilities

Summary

The Cybersecurity and Infrastructure…
April 21, 2021/by SecureTech

Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool

Summary

This Alert announces the…
March 19, 2021/by SecureTech

TrickBot Malware | CISA

This Advisory uses the MITRE Adversarial Tactics, Techniques,…
March 18, 2021/by SecureTech