Cybersecurity Threats

The CIS® and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.

Timely updates when you need to take action

Subscribe to Advisories
Low
Guarded
Elevated
High
Severe

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

On February 14, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Google, Fortinet, Microsoft, and Adobe products. On February 8, the MS-ISAC released an advisory for multiple vulnerabilities in Google Android OS, the most severe of which could allow for remote code execution. On February 9, the MS-ISAC released an advisory for multiple vulnerabilities in Fortinet’s FortiOS and FortiProxy, the most severe of which could allow for remote code execution. On February 13, the MS-ISAC released two advisories. The first advisory was for multiple vulnerabilities in multiple Microsoft products, the most severe of which could allow for remote code execution. The second advisory was for multiple vulnerabilities in multiple Adobe products, the most severe of which could allow for arbitrary code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.

Read more about our approach

Latest Advisory

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
13 Feb 2024
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution for the follow...
Read the details

 

Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

Monthly Advisory for January 2024 

Monthly Advisory for January 2024

In Q2 2023, the malware on the Top 10 list remained consistent with the previous quarter, with most strains simply switching spots. CoinMiner took the number one spot in Q2, comprising 24% of Top 10 Malware incidents detected by the MS-ISAC during that time. NanoCore, ZeuS, and ViperSoftX activity increased, while Agent Tesla and Gh0st activity decreased. Additionally, although Laplas is in the same spot at eighth place, its activity increased by 2%.

Top Malware Q2 2023
  1. CoinMiner
  2. NanoCore
  3. ZeuS
  4. ViperSoftX
  5. Agent Tesla
  6. Ratenjay
  7. Gh0st
  8. Laplas
  9. DarkVision
  10. Amadey
Take Control of Your Organization's Security
Security Operations Center

The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC and EI-ISAC.