Cybersecurity Government Intelligence Reports
The ºÚÁÏÕýÄÜÁ¿ Association (AHA) Cybersecurity and Risk Advisory Service share cybersecurity government intelligence reports that are vital to the security of hospitals and health systems.
The "Miracle Exploit" refers to a set of critical vulnerabilities in Oracle products, primarily affecting Oracle Fusion Middleware and its ADF Faces framework, which is used to build web interfaces for Java EE applications.
OverviewAs outlined in CISA’s Secure by Design initiative, software manufacturers should ensure that security is a core consideration from the onset of software development. This voluntary guidance provides an overview of product security bad practices that are deemed exceptionally risky,…
(U//FOUO) Scope(U//FOUO) This Joint Intelligence Bulletin (JIB) highlights the potential for violent extremists and hate crime perpetrators to take action in the United States in response to the one-year anniversary of the HAMAS attacks on Israel on 7 October 2023.a,b We advise federal, state,…
The continuity of vital services relies on critical infrastructure organizations ensuring the cyber security and safety of their OT.
Malvertising is a cyberattack method where legitimate advertising networks are infiltrated with malicious advertisements.
The Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, and National Security Agency assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate 161st Specialist Training Center (Unit 29155) are responsible for computer network…
Executive Summary Tomcat is one of the most popular and widely-deployed web servers and Java-based application servers in the world, heavily leveraged by the U.S. health sector. Like any other software platform, vulnerabilities in Tomcat are constantly being discovered that can make it open to…
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders that, as of August 2024, a group of Iran-based cyber actors…
The Everest ransomware group has been active since 2020, and has engaged in data extortion and ransomware operations, along with initial access broker (IAB) activity.
Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.