CIS Logo
tagline: Confidence in the Connected World
HomeCybersecurity Threats
Image of two men reading manual

Cybersecurity Threats

The CIS and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.

Low
Guarded
Elevated
High
Severe

Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

March17-March18Advisories

 
 

Hot Topic

  Q4 Data. Breaches 2017  
The MS-ISAC identified a record setting number of data breaches in 2017, surpassing the previous record year (2012) by 18%. The MS-ISAC attributes the majority of the growth in identified data breaches to the W-2 phishing variant of the Business Email Compromise (BEC) scam, which targeted tax related data from January through April 2017. In Q4 there was an 80% increase in the quantity of reported breaches when compared to the previous quarter, with Q4 accounting for 21% of 2017’s breaches. Furthermore, K-12 school compromises were approximately 45% of the total breaches in Q4. The education sector has consistently experienced the highest number of breaches when compared to other sectors and in 2017, education accounted for 56.15% of all breaches.
 

Top Malware Last Month

  1. Kovter
  2. Emotet
  3. ZeuS/Zbot
  4. Redyms
  5. TinyLoader
  6. CoinMiner
  7. Gh0st
  8. NanoCore
  9. WannaCry
  10. Cerber
Advisory icon

Latest advisory

Last Advisory 18 Apr 2018

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution MS-ISAC ADVISORY NUMBER: 2018-043 DATE(S) ISSUED: 04/18/2018 OVERVIEW: Multiple…

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Read the Details Arrow

Take Control of Your Organization's Security


ms-isac-office

The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC

Are you an employee at a U.S. state, territorial, local, or tribal government? Join MS-ISAC for more detailed analysis and information sharing.

Arrow Join MS-ISAC

Interested in a particular platform?

Arrow See our CIS Benchmarks for Secure Platforms

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

Read more about our approach. Arrow

On April 18, 2018, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to multiple vulnerabilities in Juniper and Oracle products, and an update to the Drupal core module Cybersecurity Advisory. On April 13, the MS-ISAC updated the Drupal core module advisory, due to reports of CVE-2018-7600 being actively exploited by cyber threat actors. On April 13, the MS-ISAC released an advisory for multiple vulnerabilities in Juniper products, the most severe of which could allow for remote code execution. On April 17, the MS-ISAC released an advisory for multiple vulnerabilities in Oracle products, the most severe of which could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.