×
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Why CIS

Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world


About Us Leadership Principles Testimonials

Solutions

secure your organization
Secure Your Organization

CIS Controls®

Prioritized & simplified best practices

CIS Controls Community

Help develop and maintain the Controls

CIS RAM

Information security risk assessment method

CIS CSAT

Assess & measure Controls implementation
secure specific platforms
Secure Specific Platforms

CIS Benchmarks

100+ vendor-neutral configuration guides

CIS Benchmarks Community

Develop & update secure configuration guides

CIS-CAT®

Assess system conformance to CIS Benchmarks

CIS Hardened Images®

Virtual images hardened to CIS Benchmarks
cis securesuite CIS SecureSuite®

Start secure and stay secure with integrated cybersecurity tools and resources designed to help you implement CIS Benchmarks and CIS Controls

Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

Memberships
MS-ISAC®

Cybersecurity resource for SLTT Governments

EI-ISAC®

Election-focused cyber defense suite

Services for Members
Albert Network Monitoring®

Cost-effective Intrusion Detection System

Managed Security Services

Security monitoring of enterprises devices

CIS Endpoint Security Services

Device-level protection and response

CIS CyberMarket®

Savings on training and software

Malicious Domain Blocking & Reporting

Prevent Connection to harmful web domains

View All CIS Services  
View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities


CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers

Resources

resources
Resources

Blog Advisories Newsletters Press Releases In The News Elections Resources
learn
Learn

White Papers Webinars Case Studies Spotlights
filter by topic
Filter by Topic

CIS Benchmarks CIS Controls® CIS Hardened Images® CIS Services® MS-ISAC® EI-ISAC®
View All Resources  
CIS Logo Show Search Expand Menu
Image of two men reading manual

Cybersecurity Threats

The CIS® and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.

Alert Level: GUARDED
Low
Guarded
Elevated
High
Severe
Learn More Arrow

Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

Monthly Advisory Count November 2021

 
 

Hot Topic

   
In Q2 2019 the MS-ISACobserved a 55% increase in the quantity of reported breaches when compared to the previous quarter and 53% decrease year to year. The significant decrease year to year is attributed to the absence of third-party breaches affecting multiple educational entities. The education sector experienced the most breaches, accounting for 71% of the breaches in Q2. The most prolific identified vector in Q2 was phishing, accounting for a combined 30% of reported breaches. The MS-ISAC did not identify any reports of W2 phishing scams affecting SLTT governments in Q2 2019, scams of this nature typically phase out in the second half the year.

Top Malware Last Month

  1. Shlayer
  2. CoinMiner
  3. NanoCore
  4. Agent Tesla
  5. Jupyter
  6. Hupigon
  7. ZeuS
  8. Blaknight
  9. CryptoWall
  10. ZLoader
Advisory icon

Latest advisory

Last Advisory 01 Dec 2021

A Vulnerability in HP Printer Products Could Allow for Arbitrary Code Execution. MS-ISAC ADVISORY NUMBER: 2021-151 DATE(S) ISSUED: 12/01/2021 OVERVIEW:…

A Vulnerability in HP Printer Products Could Allow for Arbitrary Code Execution.

Read the Details Arrow

Take Control of Your Organization's Security

ms-isac-office

The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC and EI-ISAC.

Are you an employee at a U.S. state, territorial, local, or tribal government? Join MS-ISAC for more detailed analysis and information sharing.

Arrow Join MS-ISAC

The EI-ISAC is open to U.S. SLTT government organizations that support the elections officials of the United States, and associations thereof.

Arrow Join EI-ISAC

Interested in a particular platform?

Arrow See our CIS Benchmarks for Secure Platforms

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

Read more about our approach. Arrow

On December 1, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded). Although the MS-ISAC did not release an advisory this past week, exploitation of known vulnerabilities remains a common attack vector in cyber incidents. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.

Information Hub

CONTROL: 1 --- ADVISORY CONTROL: 0
Pencil Blog post 02 Dec 2021
CONTROL: 2 --- ADVISORY CONTROL: 0
Pencil Blog post 30 Nov 2021
CONTROL: 3 --- ADVISORY CONTROL: 0
Pencil Blog post 24 Nov 2021
CONTROL: 4 --- ADVISORY CONTROL: 0
Pencil Blog post 23 Nov 2021