CISA confirms it was breached by attackers using Ivanti flaws

One of the organizations compromised through a recently-discovered flaw in Ivanti products was, ironically enough, the US government’s Cybersecurity and Infrastructure Security Agency (CISA). Confirmation of the breach came from CISA itself, as well as from an anonymous source “with Read More …

Known Indicators of Compromise Associated with Androxgh0st Malware

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st Read More …

FBI: IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity Read More …

Scattered Spider

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory provides Read More …

#StopRansomware: Rhysida Ransomware

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the MultiState Information Sharing and Analysis Center (MS-ISAC) are releasing this joint CSA to disseminate known Rhysida ransomware IOCs and TTPs identified through investigations as recently as Read More …

DHS Cybersecurity and Infrastructure Security Agency Releases Roadmap for Artificial Intelligence 

WASHINGTON – Today the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released its first Roadmap for Artificial Intelligence (AI), adding to the significant DHS and broader whole-of-government effort to ensure the secure development and implementation of Read More …

#StopRansomware: Royal Ransomware Update

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Royal ransomware IOCs and TTPs identified through FBI threat response activities as recently as June 2023. Since approximately Read More …

CISA Releases Nineteen Industrial Control Systems Advisories

CISA released nineteen Industrial Control Systems (ICS) advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-285-01 Siemens SIMATIC CP products ICSA-23-285-02 Siemens SCALANCE W1750D ICSA-23-285-03 Siemens SICAM A8000 Devices Read More …

CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it?

On September 18, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) announced that its Known Exploited Vulnerabilities (KEV) catalog has reached the milestone of covering more than 1,000 vulnerabilities since its launch in November 2021. This may seem like a Read More …

FBI and CISA Release Update on AvosLocker Advisory

Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA), #StopRansomware: AvosLocker Ransomware (Update) to disseminate known indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods Read More …