NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors 09/27/2023 03:30 PM EDT Today, the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA), along with the Japan National Police Agency (NPA) and the Japan National Center of Incident Readiness and Strategy for Cybersecurity… Continue reading NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors
Tag: actors
CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells 09/06/2023 05:00 PM EDT The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to a previously published Cybersecurity Advisory (CSA), Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations about threat… Continue reading CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 09/07/2023 01:00 PM EDT Today, CISA, Federal Bureau of Investigation (FBI), and U.S. Cyber Command’s Cyber National Mission Force (CNMF) published a joint Cybersecurity Advisory (CSA), Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475. This CSA provides information on an… Continue reading CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities 08/01/2023 01:00 PM EDT The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) have released a joint Cybersecurity Advisory (CSA), Threat Actors Exploiting Ivanti EPMM Vulnerabilities, in response to the active exploitation of… Continue reading CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors
Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors 10/06/2022 01:48 PM EDT Original release date: October 6, 2022 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) providing the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by… Continue reading Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization 10/04/2022 01:58 PM EDT Original release date: October 4, 2022 Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts.• Implement network segmentation to separate network segments based on role… Continue reading AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Iranian State Actors Conduct Cyber Operations Against the Government of Albania 09/21/2022 10:16 AM EDT Original release date: September 21, 2022 CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), Iranian State Actors Conduct Cyber Operations Against the Government of Albania, detailing malicious cyber operations that included ransomware and… Continue reading Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations 09/14/2022 10:33 AM EDT Original release date: September 14, 2022 CISA, Federal Bureau of Investigation (FBI), National Security Agency (NSA), U.S. Cyber Command (USCC) – Cyber National Mission Force (CNMF), Department of the Treasury, Australian Cyber… Continue reading Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite 08/22/2022 10:59 AM EDT Original release date: August 22, 2022 CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory… Continue reading CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
Threat Actors Exploiting Multiple Vulnerabilities Against Zimbra Collaboration Suite
Threat Actors Exploiting Multiple Vulnerabilities Against Zimbra Collaboration Suite 08/16/2022 11:10 AM EDT Original release date: August 16, 2022 CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA) in response to active exploitation of multiple vulnerabilities against Zimbra Collaboration Suite (ZCS), an enterprise cloud-hosted collaboration software and email… Continue reading Threat Actors Exploiting Multiple Vulnerabilities Against Zimbra Collaboration Suite