CISA Cybersecurity Alerts

CISA Cybersecurity Alerts

Flash cybersecurity advisories from the US Government. These alerts provide timely technical and operational information, indicators of compromise, and mitigations for current major security threats, vulnerabilities, and exploits. These alerts have been edited and adapted for audio by The CyberWire as a public service.

Trailer

Recent Episodes

Ep 39 | 1.25.23

CISA Alert AA23-025A – Protecting against malicious use of remote monitoring and management software

CISA, NSA, and the MS-ISAC are releasing this alert to warn network defenders about malicious use of legitimate remote monitoring and management software.

TranscriptTranscript
Ep 38 | 12.7.22

CISA Alert AA22-335A – #StopRansomware: Cuba Ransomware

The FBI and CISA are releasing this alert to disseminate known Cuba Ransomware Group indicators of compromise and TTPs identified through FBI investigations.

TranscriptTranscript
Ep 37 | 11.17.22

CISA Alert AA22-321A – #StopRansomware: Hive Ransomware.

The FBI, CISA, and the Department of Health and Human Services are releasing this alert to disseminate known Hive Ransomware Group indicators of compromise and TTPs identified through FBI investigations.

TranscriptTranscript
Ep 36 | 11.16.22

CISA Alert AA22-320A – Iranian government-sponsored APT actors compromise federal network, deploy crypto miner, credential harvester.

From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch organization where CISA observed suspected advanced persistent threat activity. In the course of incident response activities, CISA determined that cyber threat actors exploited the Log4Shell vulnerability in an unpatched VMware Horizon server, installed XMRig crypto mining software, moved laterally to the domain controller, compromised credentials, and then implanted Ngrok reverse proxies on several hosts to maintain persistence.

TranscriptTranscript
Ep 35 | 10.24.22

CISA Alert AA22-294A – #StopRansomware: Daixin Team.

FBI, CISA, and Department of Health and Human Services are releasing this joint advisory to provide information on the Daixin Team, a cybercrime group that is actively targeting U.S. businesses, predominantly in the Healthcare and Public Health Sector.

TranscriptTranscript
Load More
CISA Cybersecurity Alerts
Schedule: Ad Hoc
Credits: Alert sources include the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Technical Editor is Brandon Karpf, Producer is Jennifer Eiben, Audio Engineering, Editing and original music by Elliott Peltzman.
Creator: CyberWire, Inc.
CyberWire logo