AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance

Original release date: February 8, 2023. Summary: The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the…

AA23-025A: Protecting Against Malicious Use of Remote Monitoring and Management Software

Original release date: January 25, 2023. Summary: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring…

AA22-335A: #StopRansomware: Cuba Ransomware

Original release date: December 1, 2022. Summary: Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts.…

AA22-321A: #StopRansomware: Hive Ransomware

Original release date: November 17, 2022. Summary: Actions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords…

AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Original release date: November 16, 2022. Summary: From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent…

AA22-294A: #StopRansomware: Daixin Team

Original release date: October 21, 2022. Summary: Actions to take today to mitigate cyber threats from ransomware: • Install updates for operating systems, software, and firmware as soon as they are released.…

AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Original release date: October 4, 2022. Summary: Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts. • Implement network segmentation to separate…

AA22-265A: Control System Defense: Know the Opponent

Original release date: September 22, 2022. Summary: Traditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure…
