tagline: Confidence in the Connected World
CIS Logo
HomeCybersecurity Threats
Image of two men reading manual

Cybersecurity Threats

The CIS and MS-ISAC cybersecurity professionals analyze risks and alert members to current online security threats.


Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

*Microsoft did not release Patch Tuesday security updates in February 2017

Hot Topic

Source of Reported Data Breaches

Data breaches 2015-2017    

The MS-ISAC observed a nearly 400% increase in reported data breaches in Q1 2017. This growth is largely due to an increase in breaches from Business Email Compromise (BEC) phishing. Phishing accounted for 90% of reported data breaches in Q1 2017.


Top Malware Last Month

  1. Kovter (Trojan)
  2. Timba (Banking Trojan)
  3. Zues (Banking Trojan)
  4. DNSChanger (DNS Highjacker)
  5. Ponmocup (Downloader)
  6. Hancitor (Downloader)
  7. Cerber (Ransomware)
  8. Fleercivet (Click Fraud)
  9. RIG Exploit Kit (EK)
  10. Urnsif (Banking Trojan)
Advisory icon

Latest advisory

Last Advisory 25 May 2017

A Vulnerability in Samba Could Allow for Remote Code Execution MS-ISAC ADVISORY NUMBER: 2017-050 DATE(S) ISSUED: 05/25/2017 OVERVIEW: A vulnerability…

A Vulnerability in Samba Could Allow for Remote Code Execution

Read the Details Arrow

Take Control of Your Organization's Security


The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC

Are you an employee at a U.S. state, territorial, local, or tribal government? Join MS-ISAC for more detailed analysis and information sharing.

Arrow Join MS-ISAC

Interested in a particular platform?

Arrow See our CIS Benchmarks for Secure Platforms

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

Read more about our approach. Arrow

On May 24, 2017, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded), due a vulnerability affecting JBoss Application Server. On May 24, 2017, the MS-ISAC released an advisory for a vulnerability in the JBoss Application Server, which could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.