Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
Summary
Multifactor Authentication…
Multifactor Authentication…
Destructive Malware Targeting Organizations in Ukraine
Actions to Take Today:• Set antivirus and antimalware programs…
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Summary
Actions to Take…
Actions to Take…
New Sandworm Malware Cyclops Blink Replaces VPNFilter
Summary
The Sandworm actor,…
The Sandworm actor,…
Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
Summary
Actions to Help…
Actions to Help…
2021 Trends Show Increased Globalized Threat of Ransomware
Summary
Immediate Actions…
Immediate Actions…
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Summary
Actions Critical…
Actions Critical…
Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA),…
APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Summary
This joint Cybersecurity…
This joint Cybersecurity…
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Summary
Actions to Take…
Actions to Take…
BlackMatter Ransomware | CISA
Summary
Actions You Can…
Actions You Can…
Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Summary
Immediate Actions…
Immediate Actions…
Conti Ransomware | CISA
Summary
Immediate Actions…
Immediate Actions…
APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Summary
This Joint Cybersecurity…
This Joint Cybersecurity…
Ransomware Awareness for Holidays and Weekends
Immediate Actions You Can Take Now to Protect Against Ransomware•…
BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
On August 17, 2021, BlackBerry publicly disclosed that its…
Top Routinely Exploited Vulnerabilities | CISA
This Joint Cybersecurity Advisory was coauthored by the U.S.…
Chinese State-Sponsored Cyber Operations: Observed TTPs
This advisory uses the MITRE Adversarial Tactics, Techniques,…
Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
This Advisory uses the MITRE Adversarial Tactics, Techniques,…
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Original release date: July 19, 2021SummaryThis Joint Cybersecurity…
Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Summary
This Joint Cybersecurity…
This Joint Cybersecurity…
DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
Summary
This Advisory uses the MITRE…
This Advisory uses the MITRE…
Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
The Federal Bureau of Investigation (FBI), Department of Homeland…
Exploitation of Pulse Connect Secure Vulnerabilities
Summary
The Cybersecurity and Infrastructure…
The Cybersecurity and Infrastructure…
Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
Summary
This Alert announces the…
This Alert announces the…
TrickBot Malware | CISA
This Advisory uses the MITRE Adversarial Tactics, Techniques,…