Alerts

Alerts

AA23-025A: Protecting Against Malicious Use of Remote Monitoring and Management Software

Original release date: January 25, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring…

Comments Off on AA23-025A: Protecting Against Malicious Use of Remote Monitoring and Management Software
January 25, 2023
Alerts

AA22-335A: #StopRansomware: Cuba Ransomware

Original release date: December 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts.…

Comments Off on AA22-335A: #StopRansomware: Cuba Ransomware
December 1, 2022
Alerts

AA22-321A: #StopRansomware: Hive Ransomware

Original release date: November 17, 2022SummaryActions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords…

Comments Off on AA22-321A: #StopRansomware: Hive Ransomware
November 17, 2022
Alerts

AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Original release date: November 16, 2022SummaryFrom mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent…

Comments Off on AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
November 16, 2022
Alerts

AA22-294A: #StopRansomware: Daixin Team

Original release date: October 21, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Install updates for operating systems, software, and firmware as soon as they are released.…

Comments Off on AA22-294A: #StopRansomware: Daixin Team
October 21, 2022
Alerts

AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Original release date: October 4, 2022SummaryActions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts. • Implement network segmentation to separate…

Comments Off on AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
October 4, 2022
Alerts

AA22-265A: Control System Defense: Know the Opponent

Original release date: September 22, 2022SummaryTraditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure…

Comments Off on AA22-265A: Control System Defense: Know the Opponent
September 22, 2022
Alerts

AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

Original release date: September 14, 2022SummaryActions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. •…

Comments Off on AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
September 14, 2022