Security Updates
“Many things in life can be safely ignored but ignoring Cybersecurity Safe Practices is an open invitation for disaster.”
Security Updates
Security Alerts
CISA Alerts Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
- AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Toolby CISA on March 18, 2021 at 6:00 PM
Original release date: March 18, 2021 | Last revised: April 9, 2021SummaryThis Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP […]
- AA21-076A: TrickBot Malwareby CISA on March 17, 2021 at 3:00 PM
Original release date: March 17, 2021 | Last revised: March 24, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge […]
- AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilitiesby CISA on March 3, 2021 at 6:12 PM
Original release date: March 3, 2021 | Last revised: April 14, 2021SummaryNote: This Alert was updated April 13, 2021, to provide further guidance. […]
- AA21-055A: Exploitation of Accellion File Transfer Applianceby CISA on February 24, 2021 at 2:00 PM
Original release date: February 24, 2021 | Last revised: February 25, 2021SummaryThis joint advisory is the result of a collaborative effort by the […]
- AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malwareby CISA on February 17, 2021 at 4:00 PM
Original release date: February 17, 2021 | Last revised: April 14, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common […]
- AA21-042A: Compromise of U.S. Water Treatment Facilityby CISA on February 11, 2021 at 7:15 PM
Original release date: February 11, 2021 | Last revised: February 12, 2021SummaryOn February 5, 2021, unidentified cyber actors obtained unauthorized access to […]
- AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environmentsby CISA on January 8, 2021 at 4:36 PM
Original release date: January 8, 2021 | Last revised: April 8, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge […]
- AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizationsby CISA on December 17, 2020 at 3:00 PM
Original release date: December 17, 2020 | Last revised: April 13, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of […]
- AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Databy CISA on December 10, 2020 at 5:00 PM
Original release date: December 10, 2020SummaryThis Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity […]
- AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanksby CISA on December 1, 2020 at 6:00 PM
Original release date: December 1, 2020SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See […]
Security Tips
CISA TIPS feed US-CERT Tips describe and offer advice about common security issues for non-technical computer users. Tips are restricted to a single topic, although complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content, of those published prior to it.
- Privacy and Mobile Device Appsby CISA on July 9, 2019 at 12:59 PM
Original release date: July 9, 2019 | Last revised: November 15, 2019What are the risks associated with mobile device apps? Applications (apps) on your […]
- Best Practices for Securing Election Systemsby CISA on May 21, 2019 at 4:00 AM
Original release date: May 21, 2019 | Last revised: November 2, 2020By adhering to cybersecurity best practices, election organizations—including state, […]
- Protecting Against Ransomwareby CISA on April 11, 2019 at 4:09 PM
Original release date: April 11, 2019What is ransomware?Ransomware is a type of malware threat actors use to infect computers and encrypt computer files until […]
- Questions Every CEO Should Ask About Cyber Risksby CISA on December 4, 2018 at 3:52 PM
Original release date: December 4, 2018 | Last revised: November 15, 2019As technology continues to evolve, cyber threats continue to grow in sophistication […]
Security Bulletins
CISA Bulletins Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
- Vulnerability Summary for the Week of April 5, 2021by CISA on April 12, 2021 at 10:51 AM
Original release date: April 12, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of March 29, 2021by CISA on April 5, 2021 at 11:01 AM
Original release date: April 5, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of March 22, 2021by CISA on March 29, 2021 at 11:22 AM
Original release date: March 29, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]
- Vulnerability Summary for the Week of March 15, 2021by CISA on March 22, 2021 at 11:26 AM
Original release date: March 22, 2021 | Last revised: March 24, 2021  High Vulnerabilities Primary Vendor -- Product Description […]
- Vulnerability Summary for the Week of March 8, 2021by CISA on March 15, 2021 at 11:25 AM
Original release date: March 15, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & […]