Attacks

DoppelPaymer Ransomware Gang Targeted in Europol Operation

According to the German police, the five suspects have ties to Russia. The DoppelPaymer ransomware operation first appeared in 2019, focusing on critical infrastructure and major corporations. Europol reported that victims based in the United States alone paid the group at least $42.4 million between May 2019 and March 2021. German authorities have also reported 37 companies targeted by the ransomware gang. Among DoppelPaymer’s major victims are the Dutch Research Council (NWO), Kia Motors America, laptop…


Modesto Police Department Suffers Ransomware Attack

This incident serves as a reminder of the growing threat of cyber-attacks and that no industry or organization is off limits. This also highlights the need for organizations to take proactive steps to protect their data and systems. All organizations, both public and private, should review their security practices on a regular basis and take appropriate measures to safeguard their sensitive data from cyber threats. https://www.govtech.com/security/personal-data-exposed-in-cyber-attack-on-modesto-calif-pd


CISA released three (3) Industrial…

CISA released three (3) Industrial Control Systems (ICS) advisories on February 23, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-054-01 PTC ThingWorx Edge; ICSA-22-333-04 Moxa UC Series (Update A); ICSMA-23-047-01 BD Alaris Infusion Central (Update A).


Today, CISA retired US-CERT and…

Today, CISA retired US-CERT and ICS-CERT, integrating CISA’s operational content into a new CISA.gov website that better unifies CISA’s mission. CISA will continue to be responsible for coordinating cybersecurity programs within the U.S. government to protect against malicious cyber activity, including activity related to industrial control systems. In keeping with this responsibility, CISA will continue responding to incidents, providing technical assistance, and disseminating timely notifications of cyber threats and vulnerabilities. Visit the new CISA.gov today!…


CISA assesses that the United…

CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia’s 2022 invasion of Ukraine. CISA urges organizations and individuals to increase their cyber vigilance in response to this potential threat. In response to the heightened geopolitical tensions resulting from Russia’s full-scale invasion of Ukraine, CISA maintains public cybersecurity resources, including Shields…


CISA has added one new…

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2022-36537, ZK Framework AuUploader Unspecified Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD)…


Today, CISA released a…

Today, CISA released a Cybersecurity Advisory, “CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks.” This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors. As…


CISA released three Industrial…

CISA released three Industrial Control Systems (ICS) advisories on February 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-059-01 Hitachi Energy Gateway Station; ICSA-23-059-02 Hitachi Energy Gateway Station; ICSA-22-139-01 Mitsubishi Electric MELSEC iQ-F Series (Update B).


Today, CISA released Decider, a…

Today, CISA released Decider, a free tool to help the cybersecurity community map threat actor behavior to the MITRE ATT&CK framework. Created in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI) and MITRE, Decider helps make mapping quick and accurate through guided questions, a powerful search and filter function, and a cart functionality that lets users export results to commonly used formats. Network defenders, analysts, and researchers can see CISA’s video, fact…


Chick-fil-A Confirms Accounts Hacked in Months-Long “Automated” Attack

In response to the attack, Chick-fil-A forced customers to reset passwords, froze funds loaded into accounts, and removed any stored payment information from accounts. Chick-fil-A also states that they restored Chick-fil-A One account balances and added rewards to impacted accounts as a way of apologizing. As the accounts were breached using credentials exposed in other data breaches, impacted users must change their passwords at all sites they frequent, especially if they use the same Chick-fil-A…
