2024
- Principles of Operational Technology Cyber Security (Quick Reference Guide)
- Iranian Cyber Actors Targeting Personal Accounts to Support Operations
- People's Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations
- Secure by Design Alert: Eliminating Cross-Site Scripting Vulnerabilities
- Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure
- #StopRansomware: RansomHub Ransomware
- Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
- Best Practices For Event Logging and Threat Detection
- #StopRansomware: BlackSuit (Royal) Ransomware
- Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem
- North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime's Military and Nuclear Programs
- Secure by Design Alert: Eliminating OS Command Injection Vulnerabilities
- State-Sponsored Russian Media Leverages Meliorator Software for Foreign Malign Influence Activity
- APT40 Advisory: PRC MSS tradecraft in action
- 2024 U.S. Federal Elections: The Insider Threat
- Exploring Memory Safety in Critical Open Source Projects
- Social Engineering Tactics Targeting Healthcare & Public Health Entities and Providers
- Modern Approaches to Network Access Security
- Swatting Prevention and Response Guidance For Election Workers and Law Enforcement
- Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society
- #StopRansomware: Black Basta
- Cyber Criminals Phishing and Smishing US Retail Corporations for Gift Card Fraud
- Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software
- North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts
- Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity
- #StopRansomware: Akira Ransomware
- Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems
- Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software
- PRC State-Sponsored Cyber Activity: Actions For Critical Infrastructure Leaders
- Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
- #StopRansomware: Phobos Ransomware
- Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations
- SVR Cyber Actors Adapt Tactics for Initial Cloud Access
- Top Cyber Actions for Securing Water Systems
- Identification and Disruption of the Warzone Remote Access Trojan (RAT)
- Risk Management for Electronic Ballot Delivery, Marking, and Return
  Alert note: In 2020, the Cybersecurity and Infrastructure Security Agency (CISA), U.S. Election Assistance Commission (EAC), Federal Bureau of Investigation (FBI), and National Institute of Standards and Technology (NIST) provided "official use only" guidance to state election officials on the risks associated with electronic ballot delivery, marking, and return. For the 2024 election cycle, CISA, EAC, FBI, and NIST are reclassifying and redistributing this guidance (attached), which remains operative, so that it can be made publicly available and to ensure state officials and policymakers are fully informed of risks associated with electronic ballot return.
- Joint Guidance: Identifying and Mitigating Living Off the Land Techniques
- PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
- Secure by Design Alert: Malicious Cyber Actors Exploiting Insecure SOHO Routers
- Incident Response Guide: Water and Wastewater Sector
- Cybersecurity Guidance: Chinese-Manufactured UAS
- Known Indicators of Compromise Associated with Androxgh0st Malware