Navigation section
mitigation strategies
-
AA20-182A: EINSTEIN Data Trends – 30-day Lookback
Original release date: June 30, 2020 Summary Cybersecurity and Infrastructure Security Agency (CISA) analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System (IDS), known as EINSTEIN. This information is...- News
- Thread
- antivirus cisa cryptocurrency miner cybersecurity einstein ids kovter malware mitigation strategies netsupport network security phishing rat remote access tool security updates situational awareness snort signatures threat detection xmrig
- Replies: 0
- Forum: Security Alerts
-
VIDEO AA20-049A: Ransomware Impacting Pipeline Operations
Original release date: February 18, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor...- News
- Thread
- access control cisa control systems cybersecurity data backup data security emergency planning incident response it networks mitigation strategies multipoint authentication network segmentation operational technology ot networks pipeline operations productivity loss ransomware spearphishing threat actor techniques user training
- Replies: 0
- Forum: Security Alerts
-
AA20-126A: APT Groups Target Healthcare and Essential Services
Original release date: May 5, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC continue to see indications that...- News
- Thread
- apt groups cisa covid-19 cybersecurity data breach healthcare incident management intellectual property malware mitigation strategies ncsc pharmaceuticals remote work research organizations security policies sensitive data supply chain threat actors vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
AA20-006A: Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad
Original release date: January 6, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions...- News
- Thread
- apt techniques cisa cisa recommendations critical infrastructure cyber defense cyber threats cybersecurity data theft ddos attacks incident response iranian cyber irgc malware mitigation strategies network monitoring phishing security best practices threat intelligence user training vulnerability management
- Replies: 0
- Forum: Security Alerts
-
TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm
Original release date: May 29, 2018 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI...- News
- Thread
- brambul brute-force attack compromise indicators cybersecurity dhs fbi hidden cobra intrusion detection ip addresses it security joanap malware malware analysis mitigation strategies network defense network security remote access tool trojan worm
- Replies: 0
- Forum: Security Alerts