Alerts

Alerts

AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

Original release date: August 17, 2021SummaryOn August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection…

Comments Off on AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
August 17, 2021
Alerts

AA21-209A: Top Routinely Exploited Vulnerabilities

Original release date: July 28, 2021SummaryThis Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National…

Comments Off on AA21-209A: Top Routinely Exploited Vulnerabilities
July 29, 2021
Alerts

AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

Original release date: July 20, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor…

Comments Off on AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
July 20, 2021
Alerts

AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

Original release date: July 19, 2021SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise…

Comments Off on AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs
July 20, 2021
Alerts

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Original release date: July 19, 2021SummaryThis Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on…

Comments Off on AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
July 20, 2021
Alerts

AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders

Original release date: April 26, 2021SummaryThe Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber…

Comments Off on AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
April 26, 2021
Alerts

AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

Original release date: April 20, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a…

Comments Off on AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
April 20, 2021