Alerts

Alerts

#StopRansomware: Ghost (Cring) Ransomware

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware…

Comments Off on #StopRansomware: Ghost (Cring) Ransomware
February 19, 2025
Alerts

Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications

Note: The CVEs in this advisory are unrelated to vulnerabilities (CVE-2025-0282 and CVE-2025-0283) in Ivanti’s Connect Secure, Policy Secure and ZTA Gateways. For more information on mitigating CVE -2025-0282 and CVE-2025-0283,…

Comments Off on Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
January 23, 2025
Alerts

Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization

EXECUTIVE SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team assessment (RTA) at the request of a critical infrastructure organization. During RTAs, CISA’s red team simulates real-world…

Comments Off on Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
November 22, 2024
Alerts

2023 Top Routinely Exploited Vulnerabilities

Summary The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (hereafter collectively referred to as the authoring agencies): United States: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau…

Comments Off on 2023 Top Routinely Exploited Vulnerabilities
November 13, 2024
Alerts

Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

Summary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP),…

Comments Off on Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
October 17, 2024
Alerts

Microsoft Releases October 2024 Security Updates

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users…

Comments Off on Microsoft Releases October 2024 Security Updates
October 8, 2024
Alerts

Russian Military Cyber Actors Target US and Global Critical Infrastructure

Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence…

Comments Off on Russian Military Cyber Actors Target US and Global Critical Infrastructure
September 6, 2024
Alerts

#StopRansomware: RansomHub Ransomware

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware…

Comments Off on #StopRansomware: RansomHub Ransomware
August 29, 2024
Alerts

Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) are releasing this joint Cybersecurity Advisory (CSA) to…

Comments Off on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
August 29, 2024
Alerts

Best Practices for Event Logging and Threat Detection

Executive Summary This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)…

Comments Off on Best Practices for Event Logging and Threat Detection
August 22, 2024