US-CERT Alerts

CISA Alerts

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

AA21-209A: Top Routinely Exploited Vulnerabilities

Author: CISA
Posted: July 28, 2021, 12:00 pm
Original release date: July 28, 2021

Summary

This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI). 

This advisory provides details on the top 30 vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—routinely exploited by malicious cyber actors in 2020 and tho...


Read More

AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

Author: CISA
Posted: July 20, 2021, 1:00 pm
Original release date: July 20, 2021 | Last revised: July 21, 2021

Summary

This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.

Note: CISA released technical information, including indicators of compromise (IOCs), provided in this advisory in 2012 to affected organizations and stakeholders.

This Joint Cybersecurity Advisory—coauthored by the Cybe...


Read More

AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

Author: CISA
Posted: July 19, 2021, 11:00 am
Original release date: July 19, 2021

Summary

This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for referenced defensive tactics and techniques.

The National Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI...


Read More

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Author: CISA
Posted: July 19, 2021, 11:00 am
Original release date: July 19, 2021 | Last revised: July 20, 2021

Summary

This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help cybersecurity practitioners identi...


Read More

AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

Author: CISA
Posted: May 28, 2021, 10:29 pm
Original release date: May 28, 2021 | Last revised: May 29, 2021

Summary

This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are engaged in addressing a spearphishing campaign targeting government organizations, intergover...


Read More