Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Alerts RSS - National Cyber Awareness System

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Original release date: January 11, 2022SummaryActions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication....
Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Alerts RSS - National Cyber Awareness System

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Original release date: December 22, 2021 | Last revised: December 23, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber...
APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Alerts RSS - National Cyber Awareness System

APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

Original release date: December 2, 2021 | Last revised: December 6, 2021SummaryThis joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the...
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Alerts RSS - National Cyber Awareness System

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Original release date: November 17, 2021 | Last revised: November 19, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the...