US-CERT Alerts

CISA Alerts

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

AA20-133A: Top 10 Routinely Exploited Vulnerabilities

Author: CISA
Posted: May 12, 2020, 1:00 pm
Original release date: May 12, 2020

Summary

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patching the most commonly known vulnerabilities exploited by sophisticated foreign cyber actors.

This alert provides details on vulnerabilities routinely exploited by...


Read More

AA20-126A: APT Groups Target Healthcare and Essential Services

Author: CISA
Posted: May 5, 2020, 12:58 pm
Original release date: May 5, 2020

Summary

This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).

CISA and NCSC continue to see indications that advanced persistent threat (APT) groups are exploiting the Coronavirus Disease 2019 (COVID-19) pandemic as part of their cyber operations. This joint alert highlights ongoing activity by APT groups against...


Read More

AA20-120A: Microsoft Office 365 Security Recommendations

Author: CISA
Posted: April 29, 2020, 2:41 pm
Original release date: April 29, 2020

Summary

As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully considering the security configurations of these platforms.

This Alert is an update to the Cybersecurity and Infrastructure Security Agency's May 2019 Analysis Report, ...


Read More

AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

Author: CISA
Posted: April 16, 2020, 1:21 pm
Original release date: April 16, 2020

Summary

Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations.

This Alert provides an update to Cybersecurity and Infrastructure Security Agency (CISA) Alert AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability, which advised organizations to immediately patch CVE-2019-11510—an arbi...


Read More

AA20-106A: Guidance on the North Korean Cyber Threat

Author: CISA
Posted: April 15, 2020, 12:31 pm
Original release date: April 15, 2020 | Last revised: April 30, 2020

Summary

The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public. The advisory highlights the cyber threat posed by North Korea – formally known as the Democratic People’s Republic of Korea (DPRK) – and provides recommended s...


Read More