No Picture
Alerts

#StopRansomware: MedusaLocker | CISA

Summary Actions to take today to mitigate cyber threats from ransomware:• Prioritize remediating known exploited vulnerabilities.• Train users to recognize and report phishing attempts.• Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) […]

No Picture
Alerts

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Best Practices• Apply patches as soon as possible• Disable unnecessary ports and protocols• Replace end-of-life infrastructure• Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China […]

No Picture
Alerts

Karakurt Data Extortion Group | CISA

Actions to take today to mitigate cyber threats from ransomware:• Prioritize patching known exploited vulnerabilities.• Train users to recognize and report phishing attempts.• Enforce multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and […]

No Picture
Alerts

Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

Actions for administrators to take today:• Do not expose management interfaces to the internet.• Enforce multi-factor authentication.• Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing […]

No Picture
Alerts

Weak Security Controls and Practices Routinely Exploited for Initial Access

Best Practices to Protect Your Systems:• Control access.• Harden Credentials.• Establish centralized log management.• Use antivirus solutions.• Employ detection tools.• Operate services exposed on internet-accessible hosts with secure configurations.• Keep software updated. Cyber actors routinely […]

No Picture
Alerts

2021 Top Routinely Exploited Vulnerabilities

This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau […]