Tag Archives: organizations

CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware

CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware 11/15/2023 11:00 AM EST Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Rhysida Ransomware, to disseminate known Rhysida ransomware indicators of compromise (IOCs), detection …

Continue reading “CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware”

CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide

CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide 10/19/2023 03:00 PM EDT Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated version of the joint #StopRansomware Guide. The update includes new …

Continue reading “CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide”

HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487

HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487 10/10/2023 08:00 AM EDT Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in HTTP/2 protocol. The vulnerability (CVE-2023-44487), known as Rapid Reset, has been exploited in the wild in August 2023 through October 2023. CISA recommends organizations that provide HTTP/2 services apply patches when available and consider configuration changes …

Continue reading “HTTP/2 Rapid Reset Vulnerability, CVE-2023-44487”

CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments

CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments 10/10/2023 12:00 PM EDT Today, CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software (OSS) in operational technology (OT) and industrial control systems (ICS). In …

Continue reading “CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments”

NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations

NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations 10/05/2023 02:25 PM EDT Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, …

Continue reading “NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations”

CISA and NSA Release New Guidance on Identity and Access Management

CISA and NSA Release New Guidance on Identity and Access Management 10/04/2023 08:00 AM EDT Today, CISA and the National Security Agency (NSA) published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework (ESF), a CISA- and NSA-led working panel that includes a public-private cross-sector partnership. ESF aims to address …

Continue reading “CISA and NSA Release New Guidance on Identity and Access Management”

CISA and FBI Publish Joint Advisory on QakBot Infrastructure

CISA and FBI Publish Joint Advisory on QakBot Infrastructure 08/30/2023 03:00 PM EDT Today, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified QakBot-related activity and malware. QakBot—also known as …

Continue reading “CISA and FBI Publish Joint Advisory on QakBot Infrastructure”

CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 

CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022  08/03/2023 12:00 PM EDT The U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international partners are releasing a joint Cybersecurity Advisory (CSA), 2022 Top Routinely Exploited Vulnerabilities. This advisory provides …

Continue reading “CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 “

#StopRansomware: Zeppelin Ransomware

#StopRansomware: Zeppelin Ransomware 08/11/2022 10:03 AM EDT Original release date: August 11, 2022 CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Zeppelin Ransomware, to provide information on Zeppelin Ransomware. Actors use Zeppelin Ransomware, a ransomware-as-a-service (RaaS), against a wide range of businesses and critical infrastructure organizations to …

Continue reading “#StopRansomware: Zeppelin Ransomware”

Weak Security Controls and Practices Routinely Exploited for Initial Access

Weak Security Controls and Practices Routinely Exploited for Initial Access 05/17/2022 09:00 AM EDT Original release date: May 17, 2022 The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory (CSA) on 10 routinely exploited weak security controls, poor configurations, and bad practices that …

Continue reading “Weak Security Controls and Practices Routinely Exploited for Initial Access”