Entries by

,

40 Best New Fonts of 2022

Choosing the right typefaces for your website can elevate a design from dour to delightful. The right typeface gives personality to your brand voice and can make sure your content gets read. And so, every month, we put together a roundup of the best new fonts for web designers. In this roundup of the year, […]

26 December 2022 by
, ,

AA22-335A: #StopRansomware: Cuba Ransomware

Original release date: December 1, 2022 | Last revised: January 5, 2023 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce phishing-resistant multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an […]

1 December 2022 by
, ,

AA22-321A: #StopRansomware: Hive Ransomware

Original release date: November 17, 2022 | Last revised: November 25, 2022 Summary Actions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords • Close unused ports and remove any application not deemed necessary for day-to-day operations. Note: This joint […]

17 November 2022 by
, ,

AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Original release date: November 16, 2022 | Last revised: November 25, 2022 Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In the course of incident response activities, CISA determined that cyber threat actors exploited […]

16 November 2022 by
, ,

AA22-294A: #StopRansomware: Daixin Team

Original release date: October 21, 2022 | Last revised: October 26, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Install updates for operating systems, software, and firmware as soon as they are released. • Require phishing-resistant MFA for as many services as possible. • Train users to recognize and report […]

21 October 2022 by
, ,

AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

Original release date: October 6, 2022 Summary This joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI). PRC state-sponsored cyber […]

6 October 2022 by
, ,

AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

Original release date: October 4, 2022 | Last revised: October 5, 2022 Summary Actions to Help Protect Against APT Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts. • Implement network segmentation to separate network segments based on role and functionality. • Update software, including operating systems, applications, and firmware, on network assets. […]

4 October 2022 by
, ,

AA22-265A: Control System Defense: Know the Opponent

Original release date: September 22, 2022 Summary Traditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. These cyber actors, including advanced persistent threat (APT) groups, target […]

22 September 2022 by
, ,

AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania

Original release date: September 21, 2022 | Last revised: September 23, 2022 Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timeline of […]

21 September 2022 by
, ,

AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

Original release date: September 14, 2022 Summary Actions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. • Make offline backups of your data. This joint Cybersecurity Advisory (CSA) is the result of an analytic effort among the Federal Bureau of […]

14 September 2022 by