Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
Summary
Actions to take…
Actions to take…
#StopRansomware: Vice Society | CISA
Summary
Actions to take…
Actions to take…
Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
Actions for ZCS administrators to take today to mitigate malicious…
AA22-223A: #StopRansomware: Zeppelin Ransomware
Original release date: August 11, 2022SummaryActions to take…
2021 Top Malware Strains | CISA
Agent Tesla
alert any any -> any any (msg:”HTTP…
alert any any -> any any (msg:”HTTP…
North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Summary
The Federal Bureau…
The Federal Bureau…
#StopRansomware: MedusaLocker | CISA
Summary
Actions to take…
Actions to take…
Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
Actions to take today:• Install fixed builds, updating all…
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
Best Practices• Apply patches as soon as possible• Disable…
Karakurt Data Extortion Group | CISA
Actions to take today to mitigate cyber threats from ransomware:•…
Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
Actions for administrators to take today:• Do not expose…
Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
The Cybersecurity and Infrastructure Security Agency (CISA)…
Weak Security Controls and Practices Routinely Exploited for Initial Access
Best Practices to Protect Your Systems:• Control access.•…
Protecting Against Cyber Threats to Managed Service Providers and their Customers
Tactical actions for MSPs and their customers to take today:•…
2021 Top Routinely Exploited Vulnerabilities
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity…
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
Russian State-Sponsored Cyber Operations
Russian state-sponsored…
Russian state-sponsored…
TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Actions to take today to mitigate cyber threats to cryptocurrency:•…
APT Cyber Tools Targeting ICS/SCADA Devices
Summary
Actions to Take…
Actions to Take…
Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
Tactic
Technique
Use
Detection/Mitigations
Reconnaissance…
Technique
Use
Detection/Mitigations
Reconnaissance…
Strengthening Cybersecurity of SATCOM Network Providers and Customers
Actions to Take Today:• Use secure methods for authentication.•…
Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
Summary
Multifactor Authentication…
Multifactor Authentication…
Destructive Malware Targeting Organizations in Ukraine
Actions to Take Today:• Set antivirus and antimalware programs…
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Summary
Actions to Take…
Actions to Take…
New Sandworm Malware Cyclops Blink Replaces VPNFilter
Summary
The Sandworm actor,…
The Sandworm actor,…
Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
Summary
Actions to Help…
Actions to Help…
2021 Trends Show Increased Globalized Threat of Ransomware
Summary
Immediate Actions…
Immediate Actions…