Alerts

Mitigate Microsoft Exchange Server Vulnerabilities

Microsoft has released out-of-band security updates to address four vulnerabilities in Exchange Server: It is possible for an attacker, once authenticated to the Exchange server, to gain access to the Active Directory environment and download […]

No Picture
Alerts

Exploitation of Accellion File Transfer Appliance

This joint advisory is the end result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[5][6] These authorities are mindful of cyber actors exploiting […]

No Picture
Alerts

Compromise of U.S. Water Treatment Facility

Summary On February 5, 2021, unknown cyber actors attained unauthorized accessibility to the supervisory manage and data acquisition (SCADA) procedure at a U.S. drinking water therapy plant. The unidentified actors applied the SCADA system’s application […]

No Picture
Alerts

Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security […]