Current Activity

CISA Releases New Alert on Post-Compromise Threat Activity in Microsoft Cloud Environments and Tools to Help Detect This Activity

Original release date: January 8, 2021CISA has evidence of post-compromise advanced persistent threat (APT) activity in the cloud environment. Specifically, CISA has seen an APT actor using compromised applications in…

Comments Off

January 8, 2021

Current Activity

MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewalls and AP Controllers

Original release date: January 8, 2021The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an advisory on a vulnerability in Zyxel firewalls and AP controllers. A remote attacker could exploit…

Comments Off

January 8, 2021

Current Activity

Mozilla Releases Security Updates for Firefox, Firefox for Android, and Firefox ESR

Original release date: January 7, 2021Mozilla has released security updates to address a vulnerability in Firefox, Firefox for Android, and Firefox ESR. An attacker could exploit this vulnerability to take…

Comments Off

January 7, 2021

Current Activity

CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise

Original release date: January 6, 2021CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED…

Comments Off

January 7, 2021

Current Activity

NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations

Original release date: January 5, 2021The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet on eliminating obsolete Transport Layer Security (TLS) configurations. The information sheet identifies strategies…

Comments Off

January 6, 2021

Current Activity

CISA Releases Free Detection Tool for Azure/M365 Environment

Original release date: December 24, 2020CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool…

Comments Off

December 25, 2020

Current Activity

CISA Releases CISA Insights and Creates Webpage on Ongoing APT Cyber Activity

Original release date: December 23, 2020CISA is tracking a known compromise involving SolarWinds Orion products that are currently being exploited by a malicious actor. An advanced persistent threat (APT) actor…

Comments Off

December 23, 2020

Current Activity

CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise

Original release date: December 19, 2020CISA has updated AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations, originally released December 17. This update states that…

Comments Off

December 19, 2020

Current Activity

NSA Releases Cybersecurity Advisory on Detecting Abuse of Authentication Mechanisms

Original release date: December 17, 2020The National Security Agency (NSA) has released a cybersecurity advisory on detecting abuse of authentication mechanisms. This advisory describes tactics, techniques, and procedures used by…

Comments Off

December 18, 2020

Current Activity

Active Exploitation of SolarWinds Software

Original release date: December 13, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, released between March 2020…

Comments Off

December 14, 2020