CIS Logo
tagline: Confidence in the Connected World
HomeCybersecurity Threats
Image of two men reading manual

Cybersecurity Threats

The CIS and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.


Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

MS-ISAC Advisories 2017

*Microsoft did not release Patch Tuesday security updates in February 2017

Hot Topic

  Q4 Data. Breaches 2017  
The MS-ISAC identified a record setting number of data breaches in 2017, surpassing the previous record year (2012) by 18%. The MS-ISAC attributes the majority of the growth in identified data breaches to the W-2 phishing variant of the Business Email Compromise (BEC) scam, which targeted tax related data from January through April 2017. In Q4 there was an 80% increase in the quantity of reported breaches when compared to the previous quarter, with Q4 accounting for 21% of 2017’s breaches. Furthermore, K-12 school compromises were approximately 45% of the total breaches in Q4. The education sector has consistently experienced the highest number of breaches when compared to other sectors and in 2017, education accounted for 56.15% of all breaches.

Top Malware Last Month

  1. Kovter
  2. CoinMiner
  3. Emotet
  4. ZeuS/Zbot
  5. NanoCore
  6. Sharik
  7. Ursnif
  8. Gh0st
  9. LatentBot
  10. Pushdo
Advisory icon

Latest advisory

Last Advisory 22 Feb 2018

A Vulnerability in Cisco Unified Communications Domain Manager Could Allow for Remote Code Execution MS-ISAC ADVISORY NUMBER: 2018-021 DATE(S) ISSUED:…

A Vulnerability in Cisco Unified Communications Domain Manager Could Allow for Remote Code Execution

Read the Details Arrow

Take Control of Your Organization's Security


The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC

Are you an employee at a U.S. state, territorial, local, or tribal government? Join MS-ISAC for more detailed analysis and information sharing.

Arrow Join MS-ISAC

Interested in a particular platform?

Arrow See our CIS Benchmarks for Secure Platforms

Explanation of the Current Alert Level of LOW

The alert level is the overall current threat level.

Read more about our approach. Arrow

On February 21, 2018, the Cyber Threat Alert Level was evaluated and is being lowered to Green (Low) due to minimal threats for hacking, malware, or other malicious activity. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.