US-CERT Alerts

CISA Alerts

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

Author: CISA
Posted: October 30, 2020, 6:11 pm
Original release date: October 30, 2020 | Last revised: November 3, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) version 8 framework. See the <a href="https://attack.mitre.org/versions/v8/techniques/enterprise/">ATT&amp;CK for Enterprise version 8</a> for all referenced threat actor techniques.</em></p> <p>This joint cybersecurity advisory was coauthored by the Cyb...
Read More

AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector

Author: CISA
Posted: October 28, 2020, 11:07 pm
Original release date: October 28, 2020 | Last revised: November 2, 2020<br/><h3>Summary</h3><p><strong><em>This advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection.</em></strong></p> <p class="tip-intro" style="font-size: 15px;"><em>This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) version 7 framework. See the <a href="https://attack.mitre.org/versions/v7/techniques/...
Read More

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky

Author: CISA
Posted: October 27, 2020, 5:00 pm
Original release date: October 27, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) version 7 framework. See the <a href="https://attack.mitre.org/versions/v7/techniques/enterprise/">ATT&amp;CK for Enterprise version 7</a> for all referenced threat actor tactics and techniques.</em></p> <p>This joint cybersecurity advisory was coauthored by the Cybersecurity and Infras...
Read More

AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems

Author: CISA
Posted: October 22, 2020, 4:00 pm
Original release date: October 22, 2020<br/><h3>Summary</h3><p>The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process.</p> <p>The APT actors are creating fictitious media sites and spoofing legitimate media sites to...
Read More

AA20-296A: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets

Author: CISA
Posted: October 22, 2020, 12:44 pm
Original release date: October 22, 2020 | Last revised: November 17, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) framework. See the <a href="https://attack.mitre.org/versions/v7/">ATT&amp;CK for Enterprise</a> framework for all referenced threat actor tactics and techniques </em></p> <p>This joint cybersecurity advisory—written by the Federal B...
Read More