Alerts

Alerts

AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

Original release date: April 20, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a…

Comments Off on AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
April 20, 2021
Alerts

AA21-076A: TrickBot Malware

Original release date: March 17, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and…

Comments Off on AA21-076A: TrickBot Malware
March 17, 2021
Alerts

AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities

Original release date: March 3, 2021SummaryCybersecurity and Infrastructure Security (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated…

Comments Off on AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
March 3, 2021
Alerts

AA21-055A: Exploitation of Accellion File Transfer Appliance

Original release date: February 24, 2021SummaryThis joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United…

Comments Off on AA21-055A: Exploitation of Accellion File Transfer Appliance
February 24, 2021
Alerts

AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

Original release date: February 17, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and…

Comments Off on AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
February 17, 2021
Alerts

AA21-042A: Compromise of U.S. Water Treatment Facility

Original release date: February 11, 2021SummaryOn February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment…

Comments Off on AA21-042A: Compromise of U.S. Water Treatment Facility
February 12, 2021
Alerts

AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

Original release date: December 17, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced…

Comments Off on AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
December 17, 2020
Alerts

AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data

Original release date: December 10, 2020<br/><h3>Summary</h3><p>This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing…

Comments Off on AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
December 10, 2020