CISA Cybersecurity Alerts
Flash cybersecurity advisories from the US Government. These alerts provide timely technical and operational information, indicators of compromise, and mitigations for current major security threats, vulnerabilities, and exploits. These alerts have been edited and adapted for audio by The CyberWire as a public service.
11M ago
CISA, FBI, the MS-ISAC, and international partners are releasing this Cybersecurity Advisory to detail LockBit ransomware incidents and provide recommended mitigations to enable network defenders to proactively improve their organization’s defenses against this ransomware operation.
AA23-165A Alert, Technical Details, and Mitigations
Stopransomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts.
See the Center for Internet Security (CIS) Critical Security Controls (CIS Controls) https://www.cisecurity.org/insights/white-papers/cis-comm …
11M ago
FBI and CISA are releasing this joint CSA to disseminate known CL0P ransomware IOCs and TTPs identified through FBI investigations as recently as June 2023.
AA23-158A Alert, Technical Details, and Mitigations
Stopransomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts.
Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.
Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft | Mandiant
MOVEit Transfer Critical Vulnerability (May 2023) - Progre …
1y ago
Cybersecurity authorities are issuing this joint Cybersecurity Advisory to highlight a recent cluster of activity associated with a People’s Republic of China state-sponsored cyber actor, also known as Volt Typhoon.
AA23-144A Alert, Technical Details, and Mitigations
Active Directory and domain controller hardening: Best Practices for Securing Active Directory | Microsoft Learn
CISA regional cyber threats: China Cyber Threat Overview and Advisories
Microsoft Threat Intelligence blog: Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security …
1y ago
FBI, CISA, and the Australian Cyber Security Centre are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ACSC investigations as of March 2023.
AA23-136A Alert, Technical Details, and Mitigations
AA23-136A.STIX_.xml
Stopransomware.gov, a whole-of-government approach with one central location for U.S. ransomware resources and alerts.
cyber.gov.au for the Australian Government’s central location to report cyber incidents, including ransomware, and to see advice and alerts. The site also provides …
1y ago
FBI and CISA are releasing this joint Cybersecurity Advisory in response to the active exploitation of CVE-2023-27350. This vulnerability occurs in certain versions of PaperCut NG and PaperCut MF, software applications that help organizations manage printing services, and enables an unauthenticated actor to execute malicious code remotely without credentials.
AA23-131A Alert, Technical Details, and Mitigations
PaperCut: URGENT | PaperCut MF/NG vulnerability bulletin (March 2023)
Huntress: Critical Vulnerabilities in PaperCut Print Management Software
No-cost cyber hygiene services: Cyber …
1y ago
The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service, or FSB, for long-term intelligence collection on sensitive targets.
AA23-129A Alert, Technical Details, and Mitigations
For more information on FSB and Russian state-sponsored cyber activity, please see the joint advisory Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure and CISA’s Russia Cyber Threat Overview and Advisories webpage.
No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment …
1y ago
CISA, FBI, and the Multi-State Information Sharing and Analysis Center are releasing this joint advisory to share known LockBit 3.0 ransomware IOCs and TTPs identified through FBI investigations as recently as March 2023.
AA23-075A Alert, Technical Details, and Mitigations
Stopransomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts.
Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.
No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware R …
1y ago
CISA, FBI, and the Multi-State Information Sharing and Analysis Center are releasing this joint Cybersecurity Advisory to provide IT infrastructure defenders with TTPs, IOCs, and methods to detect and protect against recent exploitation against Microsoft Internet Information Services web servers.
AA23-074A Alert, Technical Details, and Mitigations
AA23-074A STIX XML
MAR-10413062-1.v1 Telerik Vulnerability in U.S. Government IIS Server
Telerik: Exploiting .NET JavaScriptSerializer Deserialization (CVE-2019-18935)
ACSC Advisory 2020-004
Bishop Fox CVE-2019-18935: Remote Code Execution via Insecu …
1y ago
The Cybersecurity and Infrastructure Security Agency is releasing this Cybersecurity Advisory detailing activity and key findings from a recent CISA red team assessment—in coordination with the assessed organization—to provide network defenders recommendations for improving their organization's cyber posture.
AA23-059A Alert, Technical Details, and Mitigations
No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment.
See CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance on hardening MSP and customer infr …
1y ago
The cybersecurity authorities of the UK, Australia, Canada, New Zealand, and the US have observed a recent increase in malicious cyber activity against managed service providers (MSPs). Allied cybersecurity authorities expect state-sponsored cyber actors to increase their targeting of MSPs in an attempt to exploit provider-customer trust relationships. This advisory includes security guidance tailored for both MSPs and their customers.
AA22-131A Alert, Technical Details, and Mitigations
Technical Approaches to Uncovering and Remediating Malicious Activity
Mitigations and Hardening Guidan …