Month: January 2023
AA23-025A: Protecting Against Malicious Use of Remote Monitoring and Management Software
Original release date: January 25, 2023 | Last revised: January 26, 2023 Summary The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and [more…]
How to Set Up ModSecurity with Apache on Debian/Ubuntu
ModSecurity was originally designed for Apache web server. It could work with Nginx before version 3.0 but suffered from poor performance. ModSecurity 3.0 (aka libmodsecurity) was [more…]
AA22-249A: #StopRansomware: Vice Society
Original release date: September 6, 2022 | Last revised: September 8, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize [more…]
AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
Original release date: September 14, 2022 Summary Actions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating [more…]
AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Original release date: September 21, 2022 | Last revised: September 23, 2022 Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security [more…]
AA22-265A: Control System Defense: Know the Opponent
Original release date: September 22, 2022 Summary Traditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that [more…]
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
Original release date: October 4, 2022 | Last revised: October 5, 2022 Summary Actions to Help Protect Against APT Cyber Activity: • Enforce multifactor authentication [more…]
AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
Original release date: October 6, 2022 Summary This joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s [more…]