Original release date: April 8, 2020
Summary
This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).
This alert provides information on...
Original release date: February 18, 2020 | Last revised: June 30, 2020
Summary
Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor...
access control
cisa
control systems
cybersecurity
data backup
data security
emergency planning
incident response
it networks
mitigation strategies
multipoint authentication
network segmentation
operational technology
ot networks
pipeline operations
productivity loss
ransomware
spearphishing
threat actor techniques
user training
Original release date: July 1, 2020
Summary
This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques.
This advisory—written by the...
anonymity
apt
cisa
command and control
cybersecurity
data exfiltration
data manipulation
denial of service
exploitation
fbi
incident response
indicators of compromise
malicious activity
network monitoring
network security
reconnaissance
risk mitigation
security tools
threat actors
tor
Original release date: June 30, 2020
Summary
Cybersecurity and Infrastructure Security Agency (CISA) analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System (IDS), known as EINSTEIN. This information is...
Original release date: May 12, 2020
Summary
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector...
Original release date: May 5, 2020
Summary
This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).
CISA and NCSC continue to see indications that...
Original release date: April 8, 2020
Summary
This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).
This alert provides information on...
Original release date: March 13, 2020
Summary
As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN) solution to...
Original release date: February 18, 2020
Summary
Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor techniques and mitigations.
CISA...
cisa
control systems
cybersecurity
data backup
data integrity
emergency response
hmi
incident response
infrastructure
it network
loss of productivity
mitigation
network segmentation
operational technology
ot network
phishing
pipeline security
ransomware
spearphishing
threat actor
Original release date: January 20, 2020<br/><h3>Summary</h3><p>On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0 to address CVE-2019-19781. Citrix expects to release updates for other vulnerable...
Original release date: January 10, 2020
Summary
Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability, known as CVE-2019-11510, can become...
Original release date: January 6, 2020
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions...
Original release date: December 5, 2019
Summary
This Alert is the result of recent collaboration between the Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) to identify and share...
Original release date: June 17, 2019
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and...
bluekeep
cisa
cve-2019-0708
cybersecurity
end-of-life
exploitation
malware
microsoft
mitigation
network authentication
operating systems
patch management
patches
rdp
remote access
security
tcp port
user rights
vulnerability
windows
Original release date: May 02, 2019
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components. [1]
Technical Details
A presentation at the April 2019...
access control
acls
cisa
configuration
cybersecurity
exploits
internet exposure
message server
mitigation
network security
os commands
presentation
remote code execution
research
routing
sap
security recommendations
security tools
snc
vulnerabilities
Original release date: January 24, 2019
Summary
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised...