AA20-280A: Emotet Malware

Original release date: October 6, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-280A: Emotet Malware

Vulnerability Summary for the Week of September 28, 2020

Original release date: October 5, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not…

Comments Off on Vulnerability Summary for the Week of September 28, 2020

October is National Cybersecurity Awareness Month

Original release date: October 1, 2020October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private…

Comments Off on October is National Cybersecurity Awareness Month

CISA and CNMF Identify a New Malware Variant

Original release date: October 1, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have identified a malware variant—referred to as…

Comments Off on CISA and CNMF Identify a New Malware Variant

AA20-275A: Potential for China Cyber Response to Heightened U.S.–China Tensions

Original release date: October 1, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-275A: Potential for China Cyber Response to Heightened U.S.–China Tensions

CISA and MS-ISAC Release Ransomware Guide

Original release date: September 30, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint Ransomware Guide that details practices…

Comments Off on CISA and MS-ISAC Release Ransomware Guide

CISA Releases Telework Essentials Toolkit

Original release date: September 30, 2020The Cybersecurity and Infrastructure Security Agency (CISA) has released the Telework Essentials Toolkit, a comprehensive resource of telework best practices. The Toolkit provides three personalized…

Comments Off on CISA Releases Telework Essentials Toolkit

Vulnerability Summary for the Week of September 21, 2020

Original release date: September 28, 2020  High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info aveva -- edna_enterprise_data_historian An SQL injection vulnerability exists in the…

Comments Off on Vulnerability Summary for the Week of September 21, 2020