Cybersecurity Trends and Solutions

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see […]

Publications     Documentation     Topics Date Published: February 26, 2025Comments Due: Email Comments to: Author(s) Stephen Quinn (NIST), Nahla Ivy (NIST), Matthew Barrett (CyberESI Consulting Group), Larry Feldman (Huntington Ingalls Industries), Gregory Witte (Huntington Ingalls Industries), Robert Gardner (New World Technology Partners) Announcement The NIST Interagency Report (IR) 8286 series of publications helps practitioners better

CISA Learning, the Cybersecurity and Infrastructure Security Agency (CISA) learning management system, provides cybersecurity and infrastructure security training free of charge to our partners from federal, state, local, tribal, and territorial levels of government, the private sector, our veterans and the general public. Learn More at CISA Learning Source

This best practices guidance is the result of a collaborative effort from CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Australian Cybersecurity Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ). It provides

The CISA Cybersecurity Awareness Program is a national public awareness effort aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. Cybersecurity is a shared responsibility and we each have a part to play. When we all take simple steps to be safer online –

Credit: Yakobchuk_Vasyl/shutterstock.com One cannot pick up a newspaper, watch TV, listen to the radio, or scan the news on the internet without some direct or veiled reference to the lack of information security or intrusions into personal privacy. Many intrusions into government and private-sector systems have exposed sensitive mission, business and personal information. Every day

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see

Overview All organizations—regardless of size—need to adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets. Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services. Implementing organizational cybersecurity best practices requires coordination across

Introduction The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand’s National Cyber Security Centre (NCSC-NZ) warn that People’s Republic of China (PRC)-affiliated threat actors compromised networks of major global telecommunications

CVE-2023-3519 Citrix NetScaler ADC and NetScaler Gateway: 13.1 before 13.1-49.13  13.0 before 13.0-91.13  NetScaler ADC: 13.1-FIPS before 13.1-37.159 12.1-FIPS before 12.1-55.297 12.1-NDcPP before 12.1-55.297 Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519, CVE-2023-3466, CVE-2023-3467 Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells Critical Security Update for NetScaler ADC and NetScaler Gateway CVE-2023-4966 Citrix NetScaler ADC and NetScaler