18 matches found
Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors
CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA providing the top Common Vulnerabilities and Exposures CVEs used since 2020 by People’s Republic of China PRC state-sponsored cyber actors. PRC state-sponsored cybe...
Hurricane-Related Scams
CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...
Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
CISA, Federal Bureau of Investigation FBI, National Security Agency NSA, U.S. Cyber Command USCC - Cyber National Mission Force CNMF, Department of the Treasury, Australian Cyber Security Centre ACSC, Canadian Centre for Cyber Security CCCS, and United Kingdom’s National Cyber Security Centre NCS...
North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
CISA, the Federal Bureau of Investigation FBI, and the Department of the Treasury Treasury have released a joint Cybersecurity Advisory CSA, North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector, to provide information on Maui ransomware,...
CISA Joins Partners to Release Advisory on Protecting MSPs and their Customers
The cybersecurity authorities of the United Kingdom, Australia, Canada, New Zealand, and the United States have released joint Cybersecurity Advisory CSA, Protecting Against Cyber Threats to Managed Service Providers and their Customers, to provide guidance on how to protect against malicious cyb...
Russian State-Sponsored Actors Target Cleared Defense Contractor Networks
CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA highlighting regular targeting of U.S. cleared defense contractors CDCs by Russian state-sponsored cyber actors. These CDCs support contracts for the U.S. Departmen...
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Summary Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implementmulti-factor authentication. • Usestrong, unique passwords.v...
Hurricane-Related Scams
CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...
Chinese State-Sponsored Cyber Operations: Observed TTPs
Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for referenced...
Malicious Cyber Activity Targeting Critical SAP Applications
SAP systems running outdated or misconfigured software are exposed to increased risks of malicious attacks. SAP applications help organizations manage critical business processes—such as enterprise resource planning, product lifecycle management, customer relationship management, and supply chain...
North Korean Malicious Cyber Activity: AppleJeus
CISA, the Federal Bureau of Investigation, and the Department of the Treasury have released a Joint Cybersecurity Advisory and seven Malware Analysis Reports MARs on the North Korean government’s dissemination of malware that facilitates the theft of cryptocurrency—referred to by the U.S...
NSA Releases Advisory on Chinese State-Sponsored Actors Exploiting Publicly Known Vulnerabilities
The National Security Agency NSA has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures CVEs known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable...
North Korean Malicious Cyber Activity: FASTCash
The Cybersecurity Security and Infrastructure Security Agency CISA, the Department of the Treasury, the Federal Bureau of Investigation, and U.S. Cyber Command have released a joint Technical Alert and three Malware Analysis Reports MARs on the North Korean government’s ATM cash-out scheme—referr...
Chinese Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified a malware variant—referred as TAIDOOR—used by the Chinese government. In addition, U.S. Cyber Command has released the malware sample to the malwar...
CISA-FBI Joint Announcement on PRC Targeting of COVID-19 Research Organizations
The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have jointly released a Public Service Announcement on the People’s Republic of China’s targeting of COVID-19 research organizations. CISA and FBI encourage COVID-19 research organizations to...
North Korean Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified the following malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean...
How connected devices put health care at risk
The health care industry is one of the most attractive sectors to hackers. Not only do hospitals, doctor offices and other facilities store and have access to an array of patients' personal information, but many organizations also have financial details on file to facilitate billing processes. On...
Potential Hurricane Harvey Phishing Scams
US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey, even if it appears to originate from a...