People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection | CISA
Bulletins RSS - National Cyber Awareness System

Summary The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic...
#StopRansomware: BianLian Ransomware Group | CISA
Alerts RSS - National Cyber Awareness System

Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These...
Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG | CISA
Bulletins RSS - National Cyber Awareness System

SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-27350. This...
MAR-10435108-1.v1 ICONICSTEALER | CISA
Bulletins RSS - National Cyber Awareness System

Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein....
APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers | CISA
Bulletins RSS - National Cyber Awareness System

APT28 accesses poorly maintained Cisco routers and deploys malware on unpatched devices using CVE-2017-6742. Overview and Context The UK National Cyber Security Centre (NCSC), the US National Security Agency (NSA),...
#StopRansomware: LockBit 3.0 | CISA
Bulletins RSS - National Cyber Awareness System

SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. These #StopRansomware...
Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server | CISA
Bulletins RSS - National Cyber Awareness System

SUMMARY From November 2022 through early January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and authoring organizations identified the presence of indicators of compromise (IOCs) at a federal civilian...
#StopRansomware: Royal Ransomware | CISA
Bulletins RSS - National Cyber Awareness System

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These...
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities | CISA
Bulletins RSS - National Cyber Awareness System

SUMMARY Note: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These...
ESXiArgs Ransomware Virtual Machine Recovery Guidance | CISA
Bulletins RSS - National Cyber Awareness System

Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known...
Protecting Against Malicious Use of Remote Monitoring and Management Software | CISA
Bulletins RSS - National Cyber Awareness System

Summary The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring organizations”) are releasing this...
Alerts RSS - National Cyber Awareness System

#StopRansomware: Cuba Ransomware | CISA

Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce...
#StopRansomware: Hive Ransomware | CISA
Alerts RSS - National Cyber Awareness System

Summary Actions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords • Close unused ports...
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester | CISA
Alerts RSS - National Cyber Awareness System

Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In...
#StopRansomware: Daixin Team | CISA
Alerts RSS - National Cyber Awareness System

Summary Actions to take today to mitigate cyber threats from ransomware: • Install updates for operating systems, software, and firmware as soon as they are released. • Require phishing-resistant MFA...
Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors | CISA
Alerts RSS - National Cyber Awareness System

Summary This joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the...
MAR-10365227-2.v1 | CISA
Analysis Reports RSS - National Cyber Awareness System

Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein....
10387061-1.v1 XMRig Cryptocurrency Mining Software
Analysis Reports RSS - National Cyber Awareness System

AR22-320A
10410305-1.v1 JSP Webshell | CISA
Analysis Reports RSS - National Cyber Awareness System

AR22-314A
10398871-1.v2 Zimbra October Update | CISA
Analysis Reports RSS - National Cyber Awareness System

AR22-292A
Analysis Reports RSS - National Cyber Awareness System

MAR-10365227-3.v1 China Chopper Webshells | CISA

AR22-277C