Alerts

Alerts

AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Original release date: December 22, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for…

Comments Off on AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
December 22, 2021
Alerts

AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Original release date: November 17, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and…

Comments Off on AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
November 17, 2021
Alerts

AA21-291A: BlackMatter Ransomware

Original release date: October 18, 2021SummaryActions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords.…

Comments Off on AA21-291A: BlackMatter Ransomware
October 18, 2021
Alerts

AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems

Original release date: October 14, 2021SummaryImmediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links.• If you use RDP, secure…

Comments Off on AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
October 14, 2021
Alerts

AA21-265A: Conti Ransomware

Original release date: September 22, 2021SummaryImmediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate networks and functions. • Update your…

Comments Off on AA21-265A: Conti Ransomware
September 22, 2021
Alerts

AA21-243A: Ransomware Awareness for Holidays and Weekends

Original release date: August 31, 2021SummaryImmediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links.…

Comments Off on AA21-243A: Ransomware Awareness for Holidays and Weekends
August 31, 2021
Alerts

AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

Original release date: August 17, 2021SummaryOn August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection…

Comments Off on AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
August 17, 2021
Alerts

AA21-209A: Top Routinely Exploited Vulnerabilities

Original release date: July 28, 2021SummaryThis Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National…

Comments Off on AA21-209A: Top Routinely Exploited Vulnerabilities
July 29, 2021