Security Updates
“Many things in life can be safely ignored but ignoring Cybersecurity Safe Practices is an open invitation for disaster.”
Security Updates
Security Alerts
CISA Alerts Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
-
AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities
by CISA on September 15, 2020 at 4:00 PM
Original release date: September 15, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See […]
-
AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
by CISA on September 14, 2020 at 1:00 PM
Original release date: September 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State […]
-
AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity
by CISA on September 1, 2020 at 12:30 PM
Original release date: September 1, 2020 | Last revised: September 10, 2020SummaryThis joint advisory is the result of a collaborative research effort by the […]
-
AA20-239A: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks
by CISA on August 26, 2020 at 2:17 PM
Original release date: August 26, 2020 | Last revised: September 3, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge […]
-
AA20-227A: Phishing Emails Used to Deploy KONNI Malware
by CISA on August 14, 2020 at 12:59 PM
Original release date: August 14, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the […]
-
AA20-225A: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails
by CISA on August 12, 2020 at 1:49 PM
Original release date: August 12, 2020 | Last revised: August 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking […]
-
AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices
by CISA on July 27, 2020 at 12:20 PM
Original release date: July 27, 2020 | Last revised: August 6, 2020SummaryThis is a joint alert from the United States Cybersecurity and Infrastructure […]
-
AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902
by CISA on July 24, 2020 at 10:59 AM
Original release date: July 24, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed […]
-
AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems
by CISA on July 23, 2020 at 2:29 PM
Original release date: July 23, 2020SummaryNote: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) […]
-
AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation
by CISA on July 16, 2020 at 12:09 PM
Original release date: July 16, 2020SummaryThis Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and […]
Security Tips
CISA TIPS feed US-CERT Tips describe and offer advice about common security issues for non-technical computer users. Tips are restricted to a single topic, although complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content, of those published prior to it.
-
Privacy and Mobile Device Apps
by CISA on July 9, 2019 at 12:59 PM
Original release date: July 9, 2019 | Last revised: November 15, 2019What are the risks associated with mobile device apps? Applications (apps) on your […]
-
Best Practices for Securing Election Systems
by CISA on May 21, 2019 at 4:00 AM
Original release date: May 21, 2019 | Last revised: November 15, 2019By adhering to cybersecurity best practices, election organizations—including state, […]
-
Protecting Against Ransomware
by CISA on April 11, 2019 at 4:09 PM
Original release date: April 11, 2019What is ransomware?Ransomware is a type of malware threat actors use to infect computers and encrypt computer files until […]
-
Questions Every CEO Should Ask About Cyber Risks
by CISA on December 4, 2018 at 3:52 PM
Original release date: December 4, 2018 | Last revised: November 15, 2019As technology continues to evolve, cyber threats continue to grow in sophistication […]
Security Bulletins
CISA Bulletins Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
-
Vulnerability Summary for the Week of September 7, 2020
by CISA on September 14, 2020 at 7:20 AM
Original release date: September 14, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source […]
-
Vulnerability Summary for the Week of August 31, 2020
by CISA on September 7, 2020 at 7:05 AM
Original release date: September 7, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source […]
-
Vulnerability Summary for the Week of August 24, 2020
by CISA on August 31, 2020 at 7:22 AM
Original release date: August 31, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source […]
-
Vulnerability Summary for the Week of August 17, 2020
by CISA on August 24, 2020 at 6:48 AM
Original release date: August 24, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source […]
-
Vulnerability Summary for the Week of August 10, 2020
by CISA on August 17, 2020 at 10:36 AM
Original release date: August 17, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source […]