US-CERT Alerts

CISA Alerts

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

AA20-073A: Enterprise VPN Security

Author: CISA
Posted: March 13, 2020, 12:08 pm
Original release date: March 13, 2020

Summary

As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN) solution to connect employees to an organization’s information technology (IT) network. As organizations elect to implement telework, the Cybersecurity and Infrastructure Security Agency (CISA) encourages organizatio...


Read More

AA20-049A: Ransomware Impacting Pipeline Operations

Author: CISA
Posted: February 18, 2020, 1:06 pm
Original release date: February 18, 2020

Summary

Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and ATT&CK for Industrial Control Systems (ICS) frameworks for all referenced threat actor techniques and mitigations.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages asset owner operators across all critical infrastructure sectors to review the below threat actor technique...


Read More

AA20-031A: Detecting Citrix CVE-2019-19781

Author: CISA
Posted: January 31, 2020, 6:07 pm
Original release date: January 31, 2020 | Last revised: February 18, 2020

Summary

Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781.[1]

Though mitigations were released on the same day Citrix announced CVE-2019-19781, organizations that did not appropriately apply the mitigations were likely to be targeted once exploit code began circulating on the...


Read More

AA20-020A: Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP

Author: CISA
Posted: January 20, 2020, 2:54 pm
Original release date: January 20, 2020 | Last revised: January 27, 2020

Summary

Note: As of January 24, 2020, Citrix has released all expected updates in response to CVE-2019-19781.[1] 

On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0.
On January 22, 2020, Citrix released security updates for vulnerable SD-WAN WANOP appliances.
On January 23, 2020, Citrix released firmware updates for Citrix ADC an...


Read More

AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems

Author: CISA
Posted: January 14, 2020, 5:46 pm
Original release date: January 14, 2020

Summary

New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and cost-effective steps an organization can take to minimize its exposure to cybersecurity threats.

On January 14, 2020, Microsoft released software fixes to address 49 vulnerabilities as part of their monthly Patch Tuesday announcement. Among the...


Read More