No Picture
Alerts

Conti Ransomware | CISA

Summary Immediate Actions You Can Take Now to Protect Against Conti Ransomware• Use multi-factor authentication.• Segment and segregate networks and functions.• Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics, […]

No Picture
Alerts

BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

On August 17, 2021, BlackBerry publicly disclosed that its QNX Serious Time Operating Procedure (RTOS) is impacted by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a selection of vulnerabilities impacting multiple RTOSs and supporting libraries.[1] A distant […]

No Picture
Alerts

Top Routinely Exploited Vulnerabilities | CISA

This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of […]

No Picture
Alerts

Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators […]

Alerts

Chinese State-Sponsored Cyber Operations: Observed TTPs

This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the […]

No Picture
Alerts

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced […]

Alerts

Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are responding to a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs). A sophisticated cyber threat actor […]

No Picture
Alerts

DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks

This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and […]