Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Alerts RSS - National Cyber Awareness System

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Original release date: January 11, 2022SummaryActions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication....
Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Alerts RSS - National Cyber Awareness System

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Original release date: December 22, 2021 | Last revised: December 23, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber...
APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Alerts RSS - National Cyber Awareness System

APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

Original release date: December 2, 2021 | Last revised: December 6, 2021SummaryThis joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the...
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Alerts RSS - National Cyber Awareness System

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Original release date: November 17, 2021 | Last revised: November 19, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the...
Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Bulletins RSS - National Cyber Awareness System

Ongoing Cyber Threats to U.S. Water and Wastewater Systems

Original release date: October 14, 2021 | Last revised: October 25, 2021SummaryImmediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious...
Conti Ransomware
Bulletins RSS - National Cyber Awareness System

Conti Ransomware

Original release date: September 22, 2021 | Last revised: September 29, 2021SummaryImmediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate...
APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Bulletins RSS - National Cyber Awareness System

APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

Original release date: September 16, 2021 | Last revised: November 22, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the...
Ransomware Awareness for Holidays and Weekends
Bulletins RSS - National Cyber Awareness System

Ransomware Awareness for Holidays and Weekends

Original release date: August 31, 2021 | Last revised: September 2, 2021SummaryImmediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. •...
Pulse Secure Connect
Analysis Reports RSS - National Cyber Awareness System

Pulse Secure Connect

AR21-236A
Pulse Secure Connect
Analysis Reports RSS - National Cyber Awareness System

Pulse Secure Connect

AR21-236B
Pulse Secure Connect
Analysis Reports RSS - National Cyber Awareness System

Pulse Secure Connect

AR21-236C
Pulse Secure Connect
Analysis Reports RSS - National Cyber Awareness System

Pulse Secure Connect

AR21-236D
Pulse Secure Connect
Analysis Reports RSS - National Cyber Awareness System

Pulse Secure Connect

AR21-236E
BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
Bulletins RSS - National Cyber Awareness System

BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

Original release date: August 17, 2021 | Last revised: August 23, 2021SummaryOn August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a...
Pulse Connect Secure
Analysis Reports RSS - National Cyber Awareness System

Pulse Connect Secure

AR21-202F
Pulse Secure Connect
Analysis Reports RSS - National Cyber Awareness System

Pulse Secure Connect

AR21-202C
Pulse Connect Secure
Analysis Reports RSS - National Cyber Awareness System

Pulse Connect Secure

AR21-202I
Pulse Connect Secure
Analysis Reports RSS - National Cyber Awareness System

Pulse Connect Secure

AR21-202E
Pulse Connect Secure
Analysis Reports RSS - National Cyber Awareness System

Pulse Connect Secure

AR21-202J