-
AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java
Original release date: July 13, 2020 Summary On July 13, 2020 EST, SAP released a Link Removed to address a critical vulnerability, Link Removed, affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard. An unauthenticated attacker can exploit this...
- News
- Thread
- access application attacker cisa configuration cve-2020-6287 cybersecurity data exploitation integrity java mitigation monitoring netweaver patch recommendations sap security system vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-182A: EINSTEIN Data Trends – 30-day Lookback
Original release date: June 30, 2020 Summary Cybersecurity and Infrastructure Security Agency (CISA) analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System (IDS), known as EINSTEIN. This information is...
- News
- Thread
- antivirus cisa cryptocurrency miner cybersecurity einstein ids kovter malware mitigation netsupport network security phishing rat remote access security updates situational awareness snort signatures threat detection xmrig
- Replies: 0
- Forum: Security Alerts
-
AA20-133A: Top 10 Routinely Exploited Vulnerabilities
Original release date: May 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector...
- News
- Thread
- adobe flash best practices cisa cve cybersecurity exploitation fbi foreign actors indicator malware microsoft mitigation network security o365 patch management ransomware security threats vpn vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-126A: APT Groups Target Healthcare and Essential Services
Original release date: May 5, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC continue to see indications that...
- News
- Thread
- apt groups authentication covid 19 cyber incident cybersecurity data theft healthcare incident management intellectual property malicious software mitigation network security pharmaceuticals remote work research organizations sensitive data supply chain threat actors vpn vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Original release date: April 16, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations...
- News
- Thread
- active directory cisa credential dumping cve-2019-11510 cybersecurity detection exploitation incident response indicators of compromise iocs lateral movement mitigation network security pulse secure ransomware remote access remote services threat actors vpn vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-106A: Guidance on the North Korean Cyber Threat
Original release date: April 15, 2020 | Last revised: June 23, 2020 Summary The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international...
- News
- Thread
- awareness critical infrastructure cryptojacking cyber threats cybercrime cybersecurity digital currency dprk espionage extortion financial crime government hidden cobra international cooperation malware mitigation network defense north korea ransomware sanctions
- Replies: 0
- Forum: Security Alerts
-
AA20-099A: COVID-19 Exploited by Malicious Cyber Actors
Original release date: April 8, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This alert provides information on...
- News
- Thread
- apt cisa compromise covid 19 credential theft cybersecurity email security indicator malicious actors malware mitigation ncsc phishing ransomware remote access scam teleconferencing telework vpn
- Replies: 0
- Forum: Security Alerts
-
VIDEO AA20-049A: Ransomware Impacting Pipeline Operations
Original release date: February 18, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor...
- News
- Thread
- access control backup cisa cybersecurity data security emergency planning incident response industrial control systems it networks mitigation multipoint authentication network segmentation operational technology ot network pipeline productivity ransomware spear phishing threat actors user training
- Replies: 0
- Forum: Security Alerts
-
AA20-182A: EINSTEIN Data Trends – 30-day Lookback
Original release date: June 30, 2020 Summary Cybersecurity and Infrastructure Security Agency (CISA) analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System (IDS), known as EINSTEIN. This information is...
- News
- Thread
- analysis cisa compartments cybersecurity detection einstein ids kovter malware mitigation netsupport network rat security snort tcpsecurity threats update vulnerability xmrig
- Replies: 0
- Forum: Security Alerts
-
AA20-133A: Top 10 Routinely Exploited Vulnerabilities
Original release date: May 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector...
- News
- Thread
- apachestruts cisa cloud computing cve cybersecurity education exploitation malware microsoft mitigation network security ole patch management ransomware remote work security best practices threats vpn vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-126A: APT Groups Target Healthcare and Essential Services
Original release date: May 5, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC continue to see indications that...
- News
- Thread
- apt groups cisa covid 19 cybersecurity data breach healthcare incident management intellectual property malware mitigation ncsc pharmaceuticals remote work research organizations security policies sensitive data supply chain threat actors vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-120A: Microsoft Office 365 Security Recommendations
Original release date: April 29, 2020 Summary As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the speed of these...
- News
- Thread
- administrator alert audit logs authentication best practices cloud solutions collaboration cybersecurity legacy protocols microsoft microsoft 365 mitigation multi-factor recommendations regulatory compliance roles security siem telework threats
- Replies: 0
- Forum: Security Alerts
-
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Original release date: April 16, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update...
- News
- Thread
- active directory credential theft cve-2019-11510 cyber threats cybersecurity data exfiltration detection exploitation incident response indicators of compromise lateral movement malware mitigation network security patch management pulse secure remote access threat actors vpn vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-099A: COVID-19 Exploited by Malicious Cyber Actors
Original release date: April 8, 2020 Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This alert provides information on...
- News
- Thread
- apt groups cisa covid 19 credential theft cyber threats cybersecurity exploitation indicators of compromise malicious software malware mitigation ncsc phishing ransomware remote access scam teleconferencing telework vpn
- Replies: 0
- Forum: Security Alerts
-
AA20-073A: Enterprise VPN Security
Original release date: March 13, 2020 Summary As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN) solution to...
- News
- Thread
- access authentication cisa connection cybersecurity incident response infrastructure malware mfa mitigation nist patch management phishing remote work security telework update vpn vulnerability
- Replies: 0
- Forum: Security Alerts
-
VIDEO AA20-049A: Ransomware Impacting Pipeline Operations
Original release date: February 18, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor techniques and mitigations. CISA...
- News
- Thread
- backup cisa cybersecurity data integrity emergency hmi incident response industrial control systems infrastructure mitigation network network segmentation operational technology ot network phishing pipeline security productivity ransomware spear phishing threat actors
- Replies: 0
- Forum: Security Alerts
-
AA20-031A: Detecting Citrix CVE-2019-19781
Original release date: January 31, 2020 Summary Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781. Though mitigations were released...
- News
- Thread
- alert apache backdoor citrix cve-2019-19781 cybersecurity detection exploitation firmware intrusion iocs log review mitigation network network traffic process remediation security technical vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-020A: Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP
Original release date: January 20, 2020 Summary On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0 to address CVE-2019-19781. Citrix expects to release updates for other vulnerable...
- News
- Thread
- adc appliances cisa citrix critical cve-2019-19781 cybersecurity detection execution exploitation firmware gateway impact mitigation nsa remote sd-wan security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems
Original release date: January 14, 2020 Summary New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and cost-effective steps an organization can...
- News
- Thread
- certificate cryptography api cve-2020-0601 cve-2020-0609 cve-2020-0610 cve-2020-0611 cybersecurity exploitation information technology malware mitigation network patch management rdp remote desktop security threats vulnerability windows
- Replies: 0
- Forum: Security Alerts
-
AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability
Original release date: January 10, 2020 Summary Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability, known as CVE-2019-11510, can become...
- News
- Thread
- access denied cisa cve-2019-11510 cyber threats cybersecurity exploitation incident response malware mitigation network security patch management pulse secure rce remote access security advisory software update threat actors unpatched servers vpn vulnerability
- Replies: 0
- Forum: Security Alerts