Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](18.232.127.73|AS14618) to the bottom mailbox to add to the whitelist

文章列表

2022-12-02 02:04   AA22-335A: #StopRansomware: Cuba Ransomware    #Us-Cert #安全事件 Original release date: December 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware:• Prioritize remediating known exploited vulnerabilities.• Train users to recognize and report phishing attempts.• Enable and enforce phishing-resistant multifactor authentication.Note: This

2022-11-18 01:00   AA22-321A: #StopRansomware: Hive Ransomware    #Us-Cert #安全事件 Original release date: November 17, 2022 | Last revised: November 18, 2022SummaryActions to Take Today to Mitigate Cyber Threats from Ransomware:• Prioritize remediating known exploited vulnerabilities.• Enable and enforce multifactor authentication with strong passwords• Close unused ports and remo

2022-11-16 23:04   AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester    #Us-Cert #安全事件 Original release date: November 16, 2022 | Last revised: November 17, 2022SummaryFrom mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In

2022-10-21 22:29   AA22-294A: #StopRansomware: Daixin Team    #Us-Cert #安全事件 Original release date: October 21, 2022SummaryActions to take today to mitigate cyber threats from ransomware:• Install updates for operating systems, software, and firmware as soon as they are released.• Require phishing-resistant MFA for as many services as possible.• Train users to recognize and

2022-10-07 01:08   AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors    #Us-Cert #安全事件 Original release date: October 6, 2022SummaryThis joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infr

2022-10-05 01:58   AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization    #Us-Cert #安全事件 Original release date: October 4, 2022 | Last revised: October 5, 2022SummaryActions to Help Protect Against APT Cyber Activity:• Enforce multifactor authentication (MFA) on all user accounts.• Implement network segmentation to separate network segments based on role and functionality.• Update softw

2022-09-22 20:55   AA22-265A: Control System Defense: Know the Opponent    #Us-Cert #安全事件 Original release date: September 22, 2022SummaryTraditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continu

2022-09-22 01:00   AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania    #Us-Cert #安全事件 Original release date: September 21, 2022 | Last revised: September 23, 2022SummaryThe Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the G

2022-09-14 23:00   AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations    #Us-Cert #安全事件 Original release date: September 14, 2022SummaryActions to take today to protect against ransom operations:• Keep systems and software updated and prioritize remediating known exploited vulnerabilities.• Enforce MFA.• Make offline backups of your data.This joint Cybersecurity Advisory (CSA) is the r

2022-09-06 21:00   AA22-249A: #StopRansomware: Vice Society    #Us-Cert #安全事件 Original release date: September 6, 2022SummaryActions to take today to mitigate cyber threats from ransomware:• Prioritize and remediate known exploited vulnerabilities.• Train users to recognize and report phishing attempts.• Enable and enforce multifactor authentication.Note: This joint Cybe

2022-08-16 23:38   AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite    #Us-Cert #安全事件 Original release date: August 16, 2022SummaryActions for ZCS administrators to take today to mitigate malicious cyber activity:• Patch all systems and prioritize patching known exploited vulnerabilities.• Deploy detection signatures and hunt for indicators of compromise (IOCs).• If ZCS was compromis

2022-08-12 00:00   AA22-223A: #StopRansomware: Zeppelin Ransomware    #Us-Cert #安全事件 Original release date: August 11, 2022SummaryActions to take today to mitigate cyber threats from ransomware:• Prioritize remediating known exploited vulnerabilities.• Train users to recognize and report phishing attempts.• Enable and enforce multifactor authentication.Note: this joint Cybersecurity

2022-08-05 02:10   AA22-216A: 2021 Top Malware Strains    #Us-Cert #安全事件 Original release date: August 4, 2022SummaryImmediate Actions You Can Take Now to Protect Against Malware:• Patch all systems and prioritize patching known exploited vulnerabilities.• Enforce multifactor authentication (MFA).• Secure Remote Desktop Protocol (RDP) and other risky services.• Make offl

2022-07-06 22:00   AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector    #Us-Cert #安全事件 Original release date: July 6, 2022SummaryThe Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory (CSA) to provide information on Maui ransomware, which has been

2022-07-01 01:00   AA22-181A: #StopRansomware: MedusaLocker    #Us-Cert #安全事件 Original release date: June 30, 2022 | Last revised: July 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware:• Prioritize remediating known exploited vulnerabilities.• Train users to recognize and report phishing attempts.• Enable and enforce multifactor authentication.Not

By QianX.in