CIS Logo
tagline: Confidence in the Connected World
HomeCybersecurity Threats
Image of two men reading manual

Cybersecurity Threats

The CIS and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.

Low
Guarded
Elevated
High
Severe

Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

Monthly MS-ISAC Advisories

 
 

Hot Topic

  data breaches Q2  
The MS-ISAC identified 28 data breaches in Q2 2018, yielding a decrease of 36% when compared to the previous quarter, while increasing 4% year-to-year. The local sector experienced the most data breaches this quarter, capturing 50% of the total. A series of Click2Gov online bill payment platform data breaches contributed to the rate of affected local sector entities. Furthermore, the education sector continues to experience a high rate of data breaches, absorbing 44% of the total, making it the second most affected entity type this quarter. Phishing and third-party breaches were the most prolific identified attack vectors this quarter, together accounting for 60% of total breaches. The MS-ISAC recommends SLTT governments work with their legal teams in order to ensure appropriate cybersecurity precautions are in place with third-party contractors to mitigate the risk of breaches. Additionally, end user training plays a vital role in reducing the risks associated with phishing emails. Helpful information detailing how to identify phishing emails is available in the June 2018 newsletter.
 

Top Malware Last Month

  1. Emotet
  2. Kovter
  3. ZeuS
  4. NanoCore
  5. Cerber
  6. Gh0st
  7. CoinMiner
  8. Trickbot
  9. WannaCry
  10. Xtrat
Advisory icon

Latest advisory

Last Advisory 14 Aug 2018

Critical Patches Issued for Microsoft Products, August 14, 2018 MS-ISAC ADVISORY NUMBER: 2018-091 DATE(S) ISSUED: 08/14/2018 OVERVIEW: Multiple vulnerabilities have…

Critical Patches Issued for Microsoft Products, August 14, 2018

Read the Details Arrow

Take Control of Your Organization's Security


ms-isac-office

The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC and EI-ISAC.

Are you an employee at a U.S. state, territorial, local, or tribal government? Join MS-ISAC for more detailed analysis and information sharing.

Arrow Join MS-ISAC

The EI-ISAC is open to U.S. SLTT government organizations that support the elections officials of the United States, and associations thereof.

Arrow Join EI-ISAC

Interested in a particular platform?

Arrow See our CIS Benchmarks for Secure Platforms

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

Read more about our approach. Arrow

On August 16, 2018, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to multiple vulnerabilities in the Linux Kernel, Oracle Database, Adobe, Microsoft and HP Printer products. On August 9, the MS-ISAC released an advisory for a vulnerability in Linux Kernel which could result in denial of service conditions. On August 13, the MS-ISAC released an advisory for a vulnerability in Oracle Database which could allow for complete compromise. On August 14, the MS-ISAC released an update to an advisory for multiple vulnerabilities in HP Printer products due to a DEFCON presentation on a remote code execution vulnerability in the fax protocol. On August 14, the MS-ISAC also released advisories for multiple vulnerabilities in Adobe Acrobat and Reader, and Microsoft Products, the most severe of which could allow for arbitrary code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.