AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter

Original release date: February 23, 2022
Summary: The Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with…


AA22-047A: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology

Original release date: February 16, 2022
Summary: Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs.…


AA22-040A: 2021 Trends Show Increased Globalized Threat of Ransomware

Original release date: February 9, 2022
Summary: Immediate Actions You Can Take Now to Protect Against Ransomware: • Update your operating system and software. • Implement user training and phishing exercises to raise awareness…


AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Original release date: January 11, 2022
Summary: Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication.…


AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Original release date: December 22, 2021
Summary: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for…


AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Original release date: November 17, 2021
Summary: Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and…


AA21-291A: BlackMatter Ransomware

Original release date: October 18, 2021
Summary: Actions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords.…


AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems

Original release date: October 14, 2021
Summary: Immediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links. • If you use RDP, secure…


AA21-265A: Conti Ransomware

Original release date: September 22, 2021
Summary: Immediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate networks and functions. • Update your…
