N2K Networks tarafından hazırlanan CISA Cybersecurity Alerts
N2K Networks
Flash cybersecurity advisories from the US Government. These alerts provide timely technical and operational information, indicators of compromise, and mitigations for current major security threats, vulnerabilities, and exploits. These alerts have been edited and adapted for audio by N2K Networks as a public service.
Kategoriler: Teknoloji
Son bölümü dinle:
CISA, FBI, the MS-ISAC, and international partners are releasing this Cybersecurity Advisory to detail LockBit ransomware incidents and provide recommended mitigations to enable network defenders to proactively improve their organization’s defenses against this ransomware operation. AA23-165A Alert, Technical Details, and Mitigations Stopransomware.gov is a whole-of-government approach that gives one central location for ransomware resources and alerts. See the Center for Internet Security (CIS) Critical Security Controls (CIS Controls) https://www.cisecurity.org/insights/white-papers/cis-community-defense-model-2-0 for information on strengthening an organization’s cybersecurity posture through implementing a prescriptive, prioritized, and simplified set of best. See the CIS Community Defense Model 2.0 (CDM 2.0) for the effectiveness of the CIS Controls against the most prevalent types of attacks and how CDM 2.0 can be used to design, prioritize, implement, and improve an organization’s cybersecurity program. See Blueprint for Ransomware Defense for a clear, actionable framework for ransomware mitigation, response, and recovery built around the CIS Controls. No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment. U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center’s DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov To report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.
Önceki bölümler
-
52 - CISA Alert AA23-165A – Understanding Ransomware Threat Actors: LockBit. Thu, 15 Jun 2023
-
51 - CISA Alert AA23-158A – #StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability. Fri, 09 Jun 2023
-
50 - CISA Alert AA23-144A – People's Republic of China state-sponsored cyber actor living off the land to evade detection. Thu, 25 May 2023
-
49 - CISA Alert AA23-136A – #StopRansomware: BianLian Ransomware Group. Thu, 18 May 2023
-
48 - CISA Alert AA23-131A – Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG. Fri, 12 May 2023
-
47 - CISA Alert AA23-129A – Hunting Russian intelligence “Snake” malware. Thu, 11 May 2023
-
46 - CISA Alert AA23-108A – APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers. Thu, 20 Apr 2023
-
45 - CISA Alert AA23-075A – #StopRansomware: LockBit 3.0. Sat, 18 Mar 2023
-
44 - CISA Alert AA23-074A – Threat actors exploit progress telerik vulnerability in U.S. government IIS server. Thu, 16 Mar 2023
-
43 - CISA Alert AA23-061A – #StopRansomware: Royal ransomware. Fri, 03 Mar 2023
-
42 - CISA Alert AA23-059A – CISA red team shares key findings to improve monitoring and hardening of networks. Fri, 03 Mar 2023
-
41 - CISA Alert AA23-040A – #StopRansomware: ransomware attacks on critical infrastructure fund DPRK malicious cyber activities. Fri, 10 Feb 2023
-
40 - CISA Alert AA23-039A – ESXiArgs ransomware virtual machine recovery guidance. Thu, 09 Feb 2023
-
39 - CISA Alert AA23-025A – Protecting against malicious use of remote monitoring and management software Thu, 26 Jan 2023
-
38 - CISA Alert AA22-335A – #StopRansomware: Cuba Ransomware Wed, 07 Dec 2022
-
37 - CISA Alert AA22-321A – #StopRansomware: Hive Ransomware. Fri, 18 Nov 2022
-
36 - CISA Alert AA22-320A – Iranian government-sponsored APT actors compromise federal network, deploy crypto miner, credential harvester. Wed, 16 Nov 2022
-
35 - CISA Alert AA22-294A – #StopRansomware: Daixin Team. Mon, 24 Oct 2022
-
34 - CISA Alert AA22-279A – Top CVEs actively exploited by People’s Republic of China state-sponsored cyber actors. Fri, 07 Oct 2022
-
33 - CISA Alert AA22-277A – Impacket and exfiltration tool used to steal sensitive information from defense industrial base organization. Tue, 04 Oct 2022
-
32 - CISA Alert AA22-265A – Control system defense: know the opponent. Thu, 22 Sep 2022
-
31 - CISA Alert AA22-264A – Iranian state actors conduct cyber operations against the government of Albania. Thu, 22 Sep 2022
-
30 - CISA Alert AA22-257A – Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations. Thu, 15 Sep 2022
-
29 - CISA Alert AA22-249A – #StopRansomware: Vice Society.” Tue, 06 Sep 2022
-
28 - CISA Alert AA22-228A – Threat actors exploiting multiple CVEs against Zimbra Collaboration suite. Wed, 17 Aug 2022
-
27 - CISA Alert AA22-223A – #StopRansomware: Zeppelin Ransomware. Thu, 11 Aug 2022
-
26 - CISA Alert AA22-216A – 2021 top malware strains. Thu, 04 Aug 2022
-
25 - Update 1 to CISA Alert AA22-174A – Malicious cyber actors continue to exploit Log4Shell in VMware Horizon systems. Mon, 18 Jul 2022
-
24 - CISA Alert AA22-187A – North Korean state-sponsored cyber actors use Maui ransomware to target the healthcare and public health sector. Wed, 06 Jul 2022
-
23 - CISA Alert AA22-181A – #StopRansomware: MedusaLocker. Thu, 30 Jun 2022
-
22 - CISA Alert AA22-174A – Malicious cyber actors continue to exploit Log4Shell in VMware Horizon systems. Fri, 24 Jun 2022
-
21 - CISA Alert AA22-158A – People’s Republic of China state-sponsored cyber actors exploit network providers and devices. Wed, 08 Jun 2022
-
20 - Update 1 to CISA Alert AA22-138B – Threat actors chaining unpatched VMware vulnerabilities for full system control. Wed, 08 Jun 2022
-
19 - CISA Alert AA22-152A – Karakurt data extortion group. Wed, 01 Jun 2022
-
18 - CISA Alert AA22-138B – Threat actors chaining unpatched VMware vulnerabilities for full system control. Fri, 20 May 2022
-
17 - CISA Alert AA22-138A – Threat Actors Exploiting F5 BIG-IP CVE-2022-1388. Thu, 19 May 2022
-
16 - CISA Alert AA22-137A – Weak security controls and practices routinely exploited for initial access. Tue, 17 May 2022
-
15 - CISA Alert AA22-131A – Protecting against cyber threats to managed service providers and their customers. Thu, 12 May 2022
-
14 - Update 1 to CISA Alert AA22-076A – Strengthening cybersecurity of SATCOM network providers and customers. Tue, 10 May 2022
-
13 - CISA Alert AA22-117A – 2021 top routinely exploited vulnerabilities. Wed, 27 Apr 2022
-
12 - CISA Alert AA22-110A – Russian state-sponsored and criminal cyber threats to critical infrastructure. Wed, 20 Apr 2022
-
11 - CISA Alert AA22-108A – TraderTraitor: North Korean state-sponsored APT targets blockchain companies. Mon, 18 Apr 2022
-
10 - CISA Alert AA22-103A – APT Cyber Tools Targeting ICS/SCADA Devices. Wed, 13 Apr 2022
-
9 - CISA Alert AA22-083A – TTPs of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector. Thu, 31 Mar 2022
-
8 - CISA Alert AA22-057A – Destructive malware targeting organizations in Ukraine. Thu, 31 Mar 2022
-
7 - CISA Alert AA22-074A – Russian state-sponsored cyber actors gain network access by exploiting default MFA protocols and “PrintNightmare” vulnerability. Thu, 31 Mar 2022
-
6 - CISA Alert AA22-076A – Strengthening Cybersecurity of SATCOM Network Providers and Customers. Thu, 31 Mar 2022
-
5 - CISA Alert AA22-055A – Iranian government-sponsored actors conduct cyber operations against global government and commercial networks. Thu, 24 Feb 2022
-
4 - CISA Alert AA22-054A – New Sandworm malware “Cyclops Blink” replaces VPNFilter. Wed, 23 Feb 2022
-
3 - CISA Alert AA22-047A – Russian state-sponsored cyber actors target cleared defense contractor networks to obtain sensitive US defense information and technology. Wed, 16 Feb 2022