Alerts

Alerts

Threat Actors Exploiting Ivanti EPMM Vulnerabilities

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) are releasing this joint Cybersecurity Advisory (CSA) in response to active exploitation of CVE-2023-35078…

Comments Off on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
August 1, 2023
Alerts

Preventing Web Application Access Control Abuse

SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to…

Comments Off on Preventing Web Application Access Control Abuse
July 28, 2023
Alerts

Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory to warn network defenders about exploitation of CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler…

Comments Off on Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
July 20, 2023
Alerts

Enhanced Monitoring to Detect APT Activity Targeting Outlook Online

SUMMARY In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment. The agency reported the activity to Microsoft and the…

Comments Off on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
July 13, 2023
Alerts

Increased Truebot Activity Infects U.S. and Canada Based Networks

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS)…

Comments Off on Increased Truebot Activity Infects U.S. and Canada Based Networks
July 7, 2023
Alerts

Understanding Ransomware Threat Actors: LockBit

SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of…

Comments Off on Understanding Ransomware Threat Actors: LockBit
June 15, 2023
Alerts

#StopRansomware: BianLian Ransomware Group

Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off on #StopRansomware: BianLian Ransomware Group
May 17, 2023
Alerts

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG

SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-27350. This…

Comments Off on Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
May 12, 2023