HomeCybersecurity Threats

Cybersecurity Threats

The CIS® and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.

Timely updates when you need to take action

Subscribe to Advisories
Alert Level: GUARDED
Low
Guarded
Elevated
High
Severe
Learn More

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

On May 25, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in VMware, Firefox, and Google products. On May 18, the MS-ISAC released an advisory for a vulnerability in VMware products that could allow for authentication bypass. On May 20, the MS-ISAC released an advisory for multiple vulnerabilities in Mozilla products, the most severe of which could allow for arbitrary code execution. On May 25, the MS-ISAC released an advisory for multiple vulnerabilities in Google Chrome, the most severe of which could allow for arbitrary code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.

Read more about our approach

Latest Advisory

Multiple Vulnerabilities in Firefox Products Could Allow for Arbitrary Code Execution
25 May 2022
Multiple vulnerabilities have been discovered in Mozilla Firefox Products, the most severe of which could allow for arbitrary code execution. M...
Read the details
Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

Monthly Advisory Count April 2022 

Hot Topic
Hot Topic

In Q2 2019 the MS-ISACobserved a 55% increase in the quantity of reported breaches when compared to the previous quarter and 53% decrease year to year. The significant decrease year to year is attributed to the absence of third-party breaches affecting multiple educational entities. The education sector experienced the most breaches, accounting for 71% of the breaches in Q2. The most prolific identified vector in Q2 was phishing, accounting for a combined 30% of reported breaches. The MS-ISAC did not identify any reports of W2 phishing scams affecting SLTT governments in Q2 2019, scams of this nature typically phase out in the second half the year.

Top Malware Last Month
  1. Shlayer
  2. CoinMiner
  3. NanoCore
  4. Agent Tesla
  5. Jupyter
  6. Hupigon
  7. ZeuS
  8. Blaknight
  9. CryptoWall
  10. ZLoader
Take Control of Your Organization's Security
Security Operations Center

The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC and EI-ISAC.

Information Hub

Blog Post05.25.2022
What SLTTs Should Know About the FREE CIS SecureSuite Membership
Read More
Blog Post05.20.2022
Defining Reasonable Security with a Risk Assessment Method
Read More
Blog Post05.19.2022
CIS Will Be Back at RSA Conference in 2022
Read More
Webinar05.18.2022
CIS RAM v2 1 for Implementation Group 3 IG3 Workshop
Read More