HomeCybersecurity Threats

Cybersecurity Threats

The CIS® and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.

Timely updates when you need to take action

Subscribe to Advisories
Alert Level: GUARDED
Low
Guarded
Elevated
High
Severe
Learn More

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

On April 17, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Google, Palo Alto, Mozilla, and Google products. On April 10, the MS-ISAC released an advisory for multiple vulnerabilities in Google Chrome, the most severe of which could allow for arbitrary code execution. On April 12, the MS-ISAC released an advisory for a vulnerability in Palo Alto PAN-OS that could allow for arbitrary code execution. On April 16, the MS-ISAC released an advisory for multiple vulnerabilities in Mozilla products, the most severe of which could allow for arbitrary code execution. On April 17, the MS-ISAC released an advisory for multiple vulnerabilities in Google Chrome, the most severe of which could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.

Read more about our approach

Latest Advisory

Oracle Quarterly Critical Patches Issued April 16, 2024
17 Apr 2024
Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.
Read the details

 

Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

Monthly Advisory for March 2024 

Monthly Advisory for March 2024

In Q4 2023, the Top 10 Malware observed at the Multi-State Information Sharing and Analysis Center (MS-ISAC®) changed slightly from the previous quarter. Arechclient2 climbed from eighth to the second spot, while ReverseRAT and Pegasus replaced Fake Browser and Ratenjay. This was Pegasus’s first appearance on the Top 10 Malware list. SocGholish was the most observed malware in Q4 again, comprising 60% of Top 10 Malware incidents. SocGholish maintained its top position by leveraging fake browser updates. Additionally, the second and third most prevalent malware were .Net-based Remote Access Trojans (RATs).

Top Malware Q4 2023
  1. SocGholish
  2. Arechclient2
  3. Agent Tesla
  4. CoinMiner
  5. NanoCore
  6. RogueRaticate
  7. ViperSoftX
  8. ReverseRAT
  9. Gh0st
  10. Pegasus
Take Control of Your Organization's Security
Security Operations Center

The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC and EI-ISAC.

Information Hub

Press Release04.17.2024
Center for Internet Security Partners with State and Federal Cyber Experts to Offer Security Solutions for K-12 Schools
Read More
Blog Post04.15.2024
CIS Benchmarks April 2024 Update
Read More
Blog Post04.15.2024
CIS Benchmarks Volunteer Spotlight: Pierluigi Falcone
Read More
Blog Post04.15.2024
Balancing Your Healthcare Cybersecurity & Compliance Efforts
Read More