Security Updates
“Many things in life can be safely ignored but ignoring Cybersecurity Safe Practices is an open invitation for disaster.”
Security Updates
Security Alerts
CISA Alerts Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
- AA21-209A: Top Routinely Exploited Vulnerabilitiesby CISA on July 28, 2021 at 12:00 PM
Original release date: July 28, 2021SummaryThis Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency […]
- AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013by CISA on July 20, 2021 at 1:00 PM
Original release date: July 20, 2021 | Last revised: July 21, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge […]
- AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Departmentby CISA on July 19, 2021 at 11:00 AM
Original release date: July 19, 2021 | Last revised: July 20, 2021SummaryThis Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation […]
- AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPsby CISA on July 19, 2021 at 11:00 AM
Original release date: July 19, 2021SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version […]
- AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOsby CISA on May 28, 2021 at 10:29 PM
Original release date: May 28, 2021 | Last revised: May 29, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and […]
- AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacksby CISA on May 11, 2021 at 7:00 PM
Original release date: May 11, 2021 | Last revised: July 8, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge […]
- AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defendersby CISA on April 26, 2021 at 3:00 PM
Original release date: April 26, 2021SummaryThe Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and […]
- AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilitiesby CISA on April 20, 2021 at 3:03 PM
Original release date: April 20, 2021 | Last revised: July 21, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises […]
- AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Toolby CISA on March 18, 2021 at 6:00 PM
Original release date: March 18, 2021 | Last revised: April 15, 2021SummaryUpdated April 15, 2021: The U.S. Government attributes this activity to the Russian […]
- AA21-076A: TrickBot Malwareby CISA on March 17, 2021 at 3:00 PM
Original release date: March 17, 2021 | Last revised: May 20, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and […]
Security Tips
CISA TIPS feed US-CERT Tips describe and offer advice about common security issues for non-technical computer users. Tips are restricted to a single topic, although complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content, of those published prior to it.
- Privacy and Mobile Device Appsby CISA on July 9, 2019 at 12:59 PM
Original release date: July 9, 2019 | Last revised: November 15, 2019What are the risks associated with mobile device apps? Applications (apps) on your […]
- Best Practices for Securing Election Systemsby CISA on May 21, 2019 at 4:00 AM
Original release date: May 21, 2019 | Last revised: November 2, 2020By adhering to cybersecurity best practices, election organizations—including state, […]
- Protecting Against Ransomwareby CISA on April 11, 2019 at 4:09 PM
Original release date: April 11, 2019What is ransomware?Ransomware is a type of malware threat actors use to infect computers and encrypt computer files until […]
- Questions Every CEO Should Ask About Cyber Risksby CISA on December 4, 2018 at 3:52 PM
Original release date: December 4, 2018 | Last revised: November 15, 2019As technology continues to evolve, cyber threats continue to grow in sophistication […]
Security Bulletins
CISA Bulletins Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
- Vulnerability Summary for the Week of July 19, 2021by CISA on July 26, 2021 at 10:44 AM
Original release date: July 26, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of July 12, 2021by CISA on July 19, 2021 at 10:50 AM
Original release date: July 19, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of July 5, 2021by CISA on July 12, 2021 at 12:18 PM
Original release date: July 12, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of June 28, 2021by CISA on July 5, 2021 at 11:06 AM
Original release date: July 5, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of June 21, 2021by CISA on June 28, 2021 at 12:23 PM
Original release date: June 28, 2021 High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoapache -- […]