CIS Logo
tagline: Confidence in the Connected World
Image of two men reading manual

Cybersecurity Threats

The CIS® and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.

Low
Guarded
Elevated
High
Severe

Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

 
 

Hot Topic

  DataBreach-q4  
In Q4 the MS-ISAC observed a 27% decrease in the number of reported breaches when compared to the previous quarter and 56% decrease year to year. The state and education sectors experienced an equal number of breaches, accounting for 76% of the breaches in Q4. The most prolific vector in Q4 was misconfigured servers resulting in the exposure of data.

Top Malware Last Month

  1. Emotet
  2. Kovter
  3. ZeuS
  4. NanoCore
  5. Cerber
  6. Gh0st
  7. CoinMiner
  8. Trickbot
  9. WannaCry
  10. Xtrat
Advisory icon

Latest advisory

Last Advisory 12 Mar 2019

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution MS-ISAC ADVISORY NUMBER: 2019-030 DATE(S) ISSUED: 03/12/2019 OVERVIEW: Multiple…

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Read the Details Arrow

Take Control of Your Organization's Security


ms-isac-office

The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC and EI-ISAC.

Are you an employee at a U.S. state, territorial, local, or tribal government? Join MS-ISAC for more detailed analysis and information sharing.

Arrow Join MS-ISAC

The EI-ISAC is open to U.S. SLTT government organizations that support the elections officials of the United States, and associations thereof.

Arrow Join EI-ISAC

Interested in a particular platform?

Arrow See our CIS Benchmarks for Secure Platforms

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

Read more about our approach. Arrow

On March 7, 2019, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Adobe and Google products. On March 1, the MS-ISAC released an advisory for a vulnerability in Adobe ColdFusion, which could allow for arbitrary code execution. On March 4, the MS-ISAC released an advisory for a vulnerability in Google Chrome, which could allow for arbitrary code execution. On March 5, the MS-ISAC released an advisory for multiple vulnerabilities in Google Android OS, the most severe of which could allow for arbitrary code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.

Information Hub


CONTROL: 1 --- ADVISORY CONTROL: 0
CONTROL: 2 --- ADVISORY CONTROL: 0

Pencil White paper 14 Mar 2019
CONTROL: 3 --- ADVISORY CONTROL: 0
CONTROL: 4 --- ADVISORY CONTROL: 0