Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
Posted: February 24, 2021, 2:00 pm
Original release date: February 24, 2021 | Last revised: February 25, 2021
This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States. These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance (FTA). This activity has impacted organizations globally, including those in Australia, New Zealand, Singapore, ...Read More
Posted: February 17, 2021, 4:00 pm
Original release date: February 17, 2021 | Last revised: February 18, 2021
This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.
This joint advisory is the result of analytic efforts among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Treasury (Treasury) to highlight the c...Read More
Posted: February 11, 2021, 7:15 pm
Original release date: February 11, 2021 | Last revised: February 12, 2021
On February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment facility. The unidentified actors used the SCADA system’s software to increase the amount of sodium hydroxide, also known as lye, a caustic chemical, as part of the water treatment process. Water treatment plant personnel immediately noticed...Read More
Posted: January 8, 2021, 4:36 pm
Posted: December 17, 2020, 3:00 pm
Original release date: December 17, 2020 | Last revised: February 8, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has demonstrated patience, operational security, and complex tradecraft in these intrusions. CISA expects that removing this threat actor from...Read More