The Cybersecurity & Infrastructure Security Agency (CISA), in tandem with the FBI and National Security Agency, issued a Cybersecurity Advisory on January 22, 2022, to warn organizations, and especially critical infrastructure operators, to be on heightened alert that Russian state-sponsored cyber operations may again use the tensions with the U.S. to attack U.S. companies.

The

On December 6, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) updated a previously issued Alert entitled “APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus.” According to the Alert, the newly identified vulnerability is being actively exploited by advanced persistent threat actors and is considered critical.

The vulnerability

The Cybersecurity & Infrastructure Security Agency (CISA) and the FBI issued a joint Alert this week, entitled “Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends” outlining “actions that executives, leaders and workers in any organization can take proactively to protect themselves against cyberattacks, including possible ransomware attacks, during the upcoming

The FBI issued a Private Industry Notification on November 2, 2021, warning companies that “ransomware actors are very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections.”

According to the Notification, ransomware actors are researching publicly available information to pick targets they believe may be

On September 22, 2021, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) issued a cybersecurity advisory alerting companies to the threat of Conti ransomware.

According to the advisory, CISA and the FBI are aware of more than 400 attacks of Conti ransomware against both

On August 25, 2021, the FBI issued a Flash Alert to warn companies, especially in the health care industry, about the proliferation of attacks by threat actors using Hive ransomware.

According to the Flash Alert, Hive was first observed in June 2021: “Hive ransomware uses multiple mechanisms to compromise business networks, including phishing emails with

On July 28, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) issued a cybersecurity alert entitled “Top Routinely Exploited Vulnerabilities” in collaboration with the Australian Cyber Security Centre, the United Kingdom’s National Cyber Security Centre, and the FBI.

The Alert concludes that cyber criminals are exploiting vulnerabilities in unpatched systems, but that many of the

On July 19, 2021, the Federal Bureau of Investigation issued a Private Industry Notification to service providers and “entities associated with the Tokyo 2020 Summer Olympics that cyber actors who wish to disrupt the event could use distributed denial of service (DDoS) attacks, ransomware, social engineering, phishing campaigns, or insider threats to block or disrupt

I love seeing another win for law enforcement in the cyber context.

Servers and web domains owned by DoubleVPN, a virtual private network, were seized recently following a collaborative law enforcement effort involving the Dutch National Police, the FBI, Europol, and the U.K.’s National Crime Agency.

DoubleVPN is a security tool that has been used