Keeping PowerShell: Measures to Use and Embrace

06/22/2022 09:00 AM EDT

Original release date: June 22, 2022

Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely due to its use by malicious actors after gaining access into victim networks. These recommendations will help defenders detect and prevent abuse by malicious cyber actors, while enabling legitimate use by administrators and defenders.

CISA urges organizations to review Keeping PowerShell: Measures to Use and Embrace and take actions to strengthen their defenses against malicious cyber activity.

This product is provided subject to this Notification and this Privacy & Use policy.

ICS GovDelivery Email Topics


Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

At the Cybersecurity and Infrastructure Agency (CISA), we are vigilant about finding innovative ways to get you the most actionable cyber threat information when you need it most.

CISA has made improvements to email notifications. Our subscriber content lists have been updated. The previous Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) advisory topics have been consolidated to streamline information sharing.

As of Thursday, May 18, you will be subscribed to CISA’s ICS Cybersecurity Advisories and Medical Advisories email alerts. The information you will receive includes greater actionable threat and vulnerability data from CISA and our partners.

If you don’t want to receive our emails, you can just check unsubscribe to all emails under the manage subscription link.


This email was sent to wpd5gttr9c@smartcybersecurity.eu using GovDelivery Communications Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency · 707 17th St, Suite 4000 · Denver, CO 80202 GovDelivery logo

U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors

05/10/2022 09:27 AM EDT

Original release date: May 10, 2022

CISA and the Federal Bureau of Investigation (FBI) have updated the joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers, originally released March 17, 2022, with U.S. government attribution to Russian state-sponsored malicious cyber actors. The United States assesses Russia launched cyberattacks in late February against commercial satellite communications networks to disrupt Ukrainian command and control during the Russia invasion, and those actions had spillover impacts into other European countries.

CISA is working with both international and JCDC partners to strengthen our collective cybersecurity resilience—especially in the critical infrastructure that governments and citizens rely on—and to protect against and respond to malicious cyber activity.  We continue to urge public and private sector partners to review and implement the guidance contained in U.S. government cybersecurity advisories, including Strengthening Cybersecurity of SATCOM Network Providers and Customers, the January 2022 cybersecurity advisory on Protecting VSAT Communications, and the April 2022 cybersecurity advisory on Russian State-Sponsored and Criminal Threats to Critical Infrastructure. CISA also recommends partners review the CISA Shields Up, Shields Up Technical Guidance, and Russia webpages to stay current on the preventive measures that can help guard against Russian cyber threats and tactics.

This product is provided subject to this Notification and this Privacy & Use policy.

2021 Top Routinely Exploited Vulnerabilities

04/27/2022 10:00 AM EDT

Original release date: April 27, 2022

CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK)  have released a joint Cybersecurity Advisory that provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.

CISA encourages users and administrators to review joint Cybersecurity Advisory: 2021 Top Routinely Exploited Vulnerabilities  and apply the recommended mitigations to reduce the risk of compromise by malicious cyber actors. 

This product is provided subject to this Notification and this Privacy & Use policy.

Improvements to Email Notifications


Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

At the Cybersecurity and Infrastructure Agency (CISA), we are vigilant about finding innovative ways to get you the most actionable cyber threat information when you need it most.

CISA has made improvements to email notifications and want to inform you that our subscriber content lists have been updated. The previous National Cybersecurity Awareness alert topics have been consolidated to streamline information. These new updates will make it easier and faster for you to receive the latest information on cybersecurity-related topics.

As of Thursday, March 31, you will be subscribed to CISA’s Cybersecurity Advisories and Vulnerability Bulletin email alerts. The information you will receive includes greater actionable threat and vulnerability data from CISA and our partners. It will go only get better from here!

If you don’t want to receive our emails, you can just check unsubscribe to all emails under the manage subscription link.


This email was sent to wpd5gttr9c@smartcybersecurity.eu using GovDelivery Communications Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency · 707 17th St, Suite 4000 · Denver, CO 80202 GovDelivery logo

FBI and FinCEN Release Advisory on AvosLocker Ransomware

03/22/2022 07:21 AM EDT

Original release date: March 22, 2022

The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. 

CISA encourages organizations to review the joint Cybersecurity Advisory and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Strengthening Cybersecurity of SATCOM Network Providers and Customers

03/17/2022 01:28 PM EDT

Original release date: March 17, 2022

CISA and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communications (SATCOM) networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments.

In response, CISA and FBI have published joint Cybersecurity Advisory (CSA) Strengthening Cybersecurity of SATCOM Network Providers and Customers, which provides mitigations and resources to strengthen SATCOM provider and customer cybersecurity.

CISA and FBI strongly encourage critical infrastructure organizations and, specifically, organizations that are SATCOM network providers or customers to review the joint CSA and implement the mitigations. CISA and FBI will update the joint CSA as new information becomes available.

This product is provided subject to this Notification and this Privacy & Use policy.

Updated: Kubernetes Hardening Guide

03/15/2022 11:00 AM EDT

Original release date: March 15, 2022

The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on valuable feedback and inputs from the cybersecurity community. 

Kubernetes is an open-source system that automates deployment, scaling, and management of applications run in containers. A container is a runtime environment that contains a software package and its dependencies. Kubernetes is often hosted in a cloud environment. The CTR provides recommended configuration and hardening guidance for setting up and securing a Kubernetes cluster.

CISA encourages users and administrators to review the updated Kubernetes Hardening Guide—which includes additional detail and explanations—and apply the hardening measures and mitigations to manage associated risks.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA’s Zero Trust Guidance for Enterprise Mobility Available for Public Comment

03/07/2022 03:53 PM EST

Original release date: March 7, 2022

CISA has released a draft version of Applying Zero Trust Principles to Enterprise Mobility for public comment. The paper guides federal agencies as they evolve and operationalize cybersecurity programs and capabilities, including cybersecurity for mobility. The public comment period will close April 18, 2022.

Executive Order 14028:  Improving the Nation’s Cybersecurity, issued May 12, 2021, requires Federal Civilian Executive Branch departments and agencies to adopt Zero Trust (ZT) architectures to protect the government’s information resources, of which federal mobility is an integral part. The guidance highlights the need for special consideration for mobile devices and associated enterprise security management capabilities due to their technological evolution and ubiquitous use.

CISA encourages interested parties to review Applying Zero Trust Principles to Enterprise Mobility and provide comment. See CISA Blog: Maturing Enterprise Mobility Towards Zero Trust Architectures for more information.  

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Compiles Free Cybersecurity Services and Tools for Network Defenders

02/18/2022 10:00 AM EST

Original release date: February 18, 2022

CISA has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. This non-exhaustive living repository includes services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community. Before turning to the free offerings, CISA strongly recommends organizations take certain foundational measures to implement a strong cybersecurity program:

CISA encourages network defenders to take the measures above and consult the list of free cybersecurity services and tools to reduce the likelihood of a damaging cyber incident, detect malicious activity, respond to confirmed incidents, and strengthen resilience.

This product is provided subject to this Notification and this Privacy & Use policy.