CISA

Pierluigi Paganini November 04, 2021
CISA shares a catalog of 306 actively exploited vulnerabilities

The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US federal agencies to address them within deadlines. The US Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of 306 actively exploited vulnerabilities and has issued a binding operational directive ordering US federal agencies to address […]

Pierluigi Paganini October 29, 2021
NSA and CISA explained how to prevent and detect lateral movement in 5G networks via cloud systems

The US NSA and CISA published a security advisory to warn about threat actors compromising 5G networks via cloud infrastructure. The US National Security Agency and the US Cybersecurity Infrastructure and Security Agency have published a security advisory to warn of attacks on 5G networks through the hijacking of a provider’s cloud resources. The report […]

Pierluigi Paganini September 01, 2021
Watch out, ransomware attack risk increases on holidays and weekends, FBI and CISA

The FBI and CISA issued a joint cybersecurity advisory to warn organizations to remain vigilant against ransomware attacks during weekends or holidays. The FBI and CISA warn organizations to keep high their defenses against ransomware attacks during weekends or holidays. The government agencies have observed an increase in ransomware attacks occurring on holidays and weekends, […]

Pierluigi Paganini August 26, 2021
CISA publishes malware analysis reports on samples targeting Pulse Secure devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. The U.S. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. “As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed five malware samples […]

Pierluigi Paganini August 23, 2021
CISA recommends immediately patch Exchange ProxyShell flaws

US CISA issued an urgent alert to warn admins to address ProxyShell vulnerabilities on-premises Microsoft Exchange servers. The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn admins to address actively exploited ProxyShell vulnerabilities on-premises Microsoft Exchange servers. ProxyShell is the name of three vulnerabilities that could be chained by an unauthenticated […]

Pierluigi Paganini August 21, 2021
US CISA releases guidance on how to prevent ransomware data breaches

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. Most of the recent ransomware attack resulted in data breaches for the victims, threat actors implemented a double-extortion schema threatening the victims to data stolen before encrypting them on compromised systems. Over the past several […]

Pierluigi Paganini July 02, 2021
CISA alert urges to disable Windows Print Spooler to percent PrintNightmare attacks

CISA issued a security alert to warn admins to disable the Windows Print Spooler service on servers not used for printing due to PrintNightmare zero-day. CISA issued an alert to warn admins to disable the Windows Print Spooler on servers not used for printing due to the risk of exploitation of the PrintNightmare zero-day vulnerability. ““while Microsoft […]

Pierluigi Paganini July 01, 2021
US CISA releases a Ransomware Readiness Assessment (RRA) tool

The US CISA has released the Ransomware Readiness Assessment (RRA), a new ransomware self-assessment security audit tool. The US Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new ransomware self-assessment security audit tool for the agency’s Cyber Security Evaluation Tool (CSET). RRA could be used by organizations to determine […]

Pierluigi Paganini May 09, 2021
CISA MAR report provides technical details of FiveHands Ransomware

U.S. CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant. At the end of April, researchers […]

Pierluigi Paganini May 07, 2021
Russia-linked APT29 group changes TTPs following April advisories

The UK and US cybersecurity agencies have published a report detailing techniques used by Russia-linked cyberespionage group known APT29 (aka Cozy Bear). Today, UK NCSC and CISA-FBI-NSA cybersecurity agencies published a joint security advisory that warns organizations to patch systems immediately to mitigate the risk of attacks conducted by Russia-linked SVR group (aka APT29, Cozy Bear, and The Dukes)). The […]