Cyber Threat Advisory
Cyber Threat Updates
- New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks
New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two a …
- Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk
As work ebbs with the typical end-of-year slowdown, now is a good time to review user roles and privileges and remove anyone who shouldn’t have access as well as trim unnecessary permissions. In addit …
- New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices
Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices. The latest version, per Cado Security …
- LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing li …
- Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to "hands-on-keyboard ac …
MS-ISAC Updates
- The LLM Misinformation Problem I Was Not Expecting
Kathleen Moriarty discusses an unexpected LLM misinformation problem: students incorporating non-vetted AI results into their assignments.
- CIS Hardened Images Now in Microsoft Azure Marketplace
Microsoft Azure is a major cloud provider of virtual machine images – and one of four where the Center for Internet Security offers CIS Hardened Images.
- How CIS Can Help You Enact Defense-in-Depth in the Cloud
In a previous post, we introduced the concept of defense-in-depth and explained how it strengthens an enterprise’s security program against a
- CIS Benchmarks November 2023 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for November 2023.
- Who Is CIS?
At CIS, we are innovators in developing prioritized guidance that is proven to help organizations mitigate cyber risk. Here's how we do it.
Subscribe to receive our monthly “Be Cyber Aware” report focused on regional cyber topics related to the Coastal Cyber District which includes Bryan, Bulloch, Camden, Chatham, Effingham, Glynn, Jenkins, Liberty, Long, McIntosh and Screven counties:
Last updated: 1/21/2023