AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
Original release date: October 6, 2022 Summary This joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI). PRC state-sponsored cyber […]
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
Original release date: October 4, 2022 Summary Actions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts. • Implement network segmentation to separate network segments based on role and functionality. • Update software, including operating systems, applications, and firmware, on network assets. • Audit account usage. […]
AA22-265A: Control System Defense: Know the Opponent
Original release date: September 22, 2022 Summary Traditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. These cyber actors, including advanced persistent threat (APT) groups, target […]
A22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Original release date: September 21, 2022 Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timeline of activity observed, from initial access to […]
AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
Original release date: September 14, 2022 Summary Actions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. • Make offline backups of your data. This joint Cybersecurity Advisory (CSA) is the result of an analytic effort among the Federal Bureau of […]
AA22-249A: #StopRansomware: Vice Society
Original release date: September 6, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize and remediate known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for […]