The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely running unpatched and out-of-service or…
Category: Cyber Security
cyber security news and knowledge and tips to protect yourself
Malicious Use of Remote Monitoring and Management Software
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring organizations”) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders about malicious use of legitimate remote monitoring and management (RMM) software. In October…
2021 Trends Show Increased Globalized Threat of Ransomware … – US-CERT
Threat of Ransomware An official website of the United States government Here’s how you know Immediate Actions You Can Take Now to Protect Against Ransomware: • Update your operating system and software.• Implement user training and phishing exercises to raise awareness about the risk of suspicious links and attachments.• If you use Remote…
Russian State Sponsored Cyber operations
Mitigating Russian State-Sponsored Cyber operations An official website of the United States government Here’s how you know Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture.• Patch all systems. Prioritize patching known exploited vulnerabilities.• Implement multi-factor authentication.• Use antivirus software.• Develop internal contact lists and surge support.Note: this…
NSA Cybersecurity Advisories & Guidance – National Security Agency
Cybersecurity Advisories Official websites use .gov Secure .gov websites use HTTPS NSA leverages its elite technical capability to develop advisories and mitigations on evolving cybersecurity threats. Browse or search our repository of advisories, info sheets, tech reports, and operational risk notices listed below. Some resources have access requirements. For a subset…
AA22-335A: #StopRansomware: Cuba Ransomware
Cuba Ransomware Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities.• Train users to recognize and report phishing attempts.• Enable and enforce phishing-resistant multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for…
Impacket and Exfiltration Tool
Actions to Help Protect Against APT Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts.• Implement network segmentation to separate network segments based on role and functionality.• Update software, including operating systems, applications, and firmware, on network assets.• Audit account usage. From November 2021 through January 2022, the…
Top CVEs Actively Exploited By China
CVEs Actively Exploited Summary This joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI). PRC…
Iranian Revolutionary Guard Exploiting Vulnerabilities
Exploiting Vulnerabilities Summary Actions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities.• Enforce MFA.• Make offline backups of your data. This joint Cybersecurity Advisory (CSA) is the result of an analytic effort among the Federal Bureau of Investigation…