On October 16, 2024, the Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, NSA, and several international partners, released a critical advisory warning organizations about the cyber threat posed by Iranian cyber actors. Dubbed "Iranian Cyber Actors Brute Force and...
In recent reports, a security researcher made headlines by uncovering a serious vulnerability that allows attackers to downgrade Windows devices permanently. This discovery raises significant concerns for Windows users, as it highlights the potential for exploitation that could undermine the...
cve-2024-21302
cve-2024-38202
downgrade attack
endpoint security
microsoft defender
multi-factorauthentication
user precautions
vulnerability
windows security
Original release date: September 22, 2021
Summary
Immediate Actions You Can Take Now to Protect Against Conti Ransomware
• Use Link Removed.
• Segment and segregate networks and functions.
• Update your operating system and software.
Note: This Alert uses the MITRE Adversarial Tactics...
Original release date: August 31, 2021
Summary
Immediate Actions You Can Take Now to Protect Against Ransomware
• Make an offline backup of your data.
• Do not click on Link Removed.
• If you use RDP, secure and monitor it.
• Link Removed your OS and software.
• Use Link Removed.
• Use Link...
Original release date: April 26, 2021
Summary
The Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29...
Original release date: December 1, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the <a href="Techniques - Enterprise | MITRE ATT&CK®">ATT&CK for...
Original release date: October 22, 2020
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to...
Original release date: April 29, 2020
Summary
As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the speed of these...
alerts
audit logging
azure active directory
best practices
cloud collaboration
configuration
cybersecurity
data protection
least privilege
legacy protocols
microsoft teams
multi-factorauthentication
office 365
operational security
phishing prevention
recommendations
security
siem integration
user access control
work from home
Original release date: March 27, 2018
Systems Affected
Networked systems
Overview
According to information derived from FBI investigations, malicious cyber actors are increasingly using a style of brute force attack known as password spraying against organizations in the United States and...
Original release date: August 01, 2015
Systems Affected
Microsoft Windows Systems, Adobe Flash Player, and Linux
Overview
Between June and July 2015, the United States Computer Emergency Readiness Team (US-CERT) received reports of multiple, ongoing and likely evolving, email-based phishing...
Original release date: April 10, 2013 | Last revised: June 24, 2013
Systems Affected Any system using password authentication accessible from the internet may be affected. Critical infrastructure and other important embedded systems, appliances, and devices are of particular concern...