Alerts

Alerts

#StopRansomware: AvosLocker Ransomware (Update)

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off on #StopRansomware: AvosLocker Ransomware (Update)
October 12, 2023
Alerts

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint…

Comments Off on NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
October 6, 2023
Alerts

People’s Republic of China-Linked Cyber Actors Hide in Router Firmware

Executive Summary The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA),…

Comments Off on People’s Republic of China-Linked Cyber Actors Hide in Router Firmware
September 28, 2023
Alerts

#StopRansomware: Snatch Ransomware

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off on #StopRansomware: Snatch Ransomware
September 21, 2023
Alerts

Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Cyber National Mission Force (CNMF) identified the presence of indicators of compromise (IOCs) at an Aeronautical…

Comments Off on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
September 8, 2023
Alerts

Identification and Disruption of QakBot Infrastructure

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to disseminate QakBot infrastructure indicators of compromise (IOCs) identified…

Comments Off on Identification and Disruption of QakBot Infrastructure
August 31, 2023
Alerts

2022 Top Routinely Exploited Vulnerabilities

SUMMARY The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (CSA): United States: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI)…

Comments Off on 2022 Top Routinely Exploited Vulnerabilities
August 4, 2023
Alerts

Threat Actors Exploiting Ivanti EPMM Vulnerabilities

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) are releasing this joint Cybersecurity Advisory (CSA) in response to active exploitation of CVE-2023-35078…

Comments Off on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
August 1, 2023
Alerts

Preventing Web Application Access Control Abuse

SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to…

Comments Off on Preventing Web Application Access Control Abuse
July 28, 2023
Alerts

Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory to warn network defenders about exploitation of CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler…

Comments Off on Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
July 20, 2023