#StopRansomware: BianLian Ransomware Group | CISA
Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These...
Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors | CISA
Summary This joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the...
#StopRansomware: Daixin Team | CISA
Summary Actions to take today to mitigate cyber threats from ransomware: • Install updates for operating systems, software, and firmware as soon as they are released. • Require phishing-resistant MFA...
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester | CISA
Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In...
#StopRansomware: Hive Ransomware | CISA
Summary Actions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords • Close unused ports...
#StopRansomware: Cuba Ransomware | CISA
Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce...
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Original release date: January 11, 2022SummaryActions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication....
Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Original release date: December 22, 2021 | Last revised: December 23, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber...
APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Original release date: December 2, 2021 | Last revised: December 6, 2021SummaryThis joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the...
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Original release date: November 17, 2021 | Last revised: November 19, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the...