AA20-182A: EINSTEIN Data Trends – 30-day Lookback

Original release date: June 30, 2020. Summary: Cybersecurity and Infrastructure Security Agency (CISA) analysts have compiled the top detection signatures that have been the most active over the month of May in…


AA20-133A: Top 10 Routinely Exploited Vulnerabilities

Original release date: May 12, 2020. Summary: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise…


AA20-126A: APT Groups Target Healthcare and Essential Services

This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA…


AA20-120A: Microsoft Office 365 Security Recommendations

As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the…


AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations. This…


AA20-106A: Guidance on the North Korean Cyber Threat

The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat…


AA20-099A: COVID-19 Exploited by Malicious Cyber Actors

This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This…


AA20-073A: Enterprise VPN Security

As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN)…


AA20-049A: Ransomware Impacting Pipeline Operations

Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and ATT&CK for Industrial Control Systems (ICS) frameworks for…


AA20-031A: Detecting Citrix CVE-2019-19781

Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781.[1] Though mitigations were released on the same…
