CISA Advisory
CISA’s ‘CI Fortify’ Aims to Secure Critical Infrastructure During Conflicts
Jeffrey Burt | China-nexus cyber espionage, CISA Advisory, Critical Infrastructure Cybersecurity, CyberAv3ngers, energy and utilities, Iran cyber capabilities, network segmentation, public water systems, Salt Typhoon, Telecommunications Security, Volt Typhoon, zero trust
CISA, in its "Fortify CI" effort, is warning critical infrastructure organizations in sectors such as energy, water, telecommunication, and healthcare about cyber threats that come with geopolitical conflicts and urging ...
Security Boulevard
China-Backed Groups are Using Massive Botnets in Espionage, Intrusion Campaigns
Jeffrey Burt | BeyondTrust, Botnet Attack, China-linked Hackers, China-nexus cyber espionage, CISA Advisory, Flax Typhoon, IoT botnets, SOHO and IoT device vulnerabilities, Viakoo Labs, Volt Typhoon
China-sponsored threat groups like Salt Typhoon and Flax Typhoon are increasingly relying on multiple massive botnets comprising edge and IoT devices to run their cyber espionage and network intrusion campaigns, CISA and ...
Security Boulevard
Iranian Attackers Are Targeting U.S. Energy, Water Systems, Federal Agencies Say
Jeffrey Burt | CISA Advisory, cyber warfare, CyberAv3ngers, energy and utilities, FBI, Handala, Iran Hacker Groups, Iran-Israel Conflict, operational technologies, plc security, U.S. critical infrastructure, water distribution systems
CISA, the FBI, and other U.S. security agencies are warning that Iran-linked threat groups like CyberAv3ngers are compromising industrial controllers like PLCs to attack critical infrastructure operations in such sectors as water ...
Security Boulevard
Attackers Have Been Exploiting Cisco SD-WAN Zero-Day Flaw Since 2023
Jeffrey Burt | CISA Advisory, Cisco Systems, Cisco Talos, Five Eyes Intelligence Alliance, Network Security, Privilege Escalation, root access, SD-WAN, zero day exploit attack
Cisco and Five Eyes agencies are alerting organizations to a highly sophisticated attack, where threat actors compromise a Cisco SD-WAN controller via a zero-day flaw, downgrade the device to an earlier software ...
Security Boulevard
Response to CISA Advisory (AA25-343A): Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure
Francis Guibernau | CISA Advisory, Critical Infrastructure, Energy, hacktivism, manufacturing, Resources & Utilities, Russia
AttackIQ has issued recommendations in response to the Cybersecurity Advisory (CSA) released by the Cybersecurity and Infrastructure Security Agency (CISA) on December 9, 2025, which details the ongoing targeting of critical infrastructure ...
Updated Response to CISA Advisory (AA24-109A): #StopRansomware: Akira Ransomware
AttackIQ has released an updated attack graph in response to the recently revised CISA Advisory (AA24-109A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with the Akira ...
Response to CISA Advisory (AA25-266A): CISA Shares Lessons Learned from an Incident Response Engagement
AttackIQ has released two new assessment templates in response to the CISA Advisory (AA25-266A) published on September 23, 2025. The CSA highlights the lessons learned from an incident response engagement CISA conducted ...
Response to CISA Advisory (AA25-239A): Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
Ayelen Torello | china, cisa, CISA Advisory, Earth Estries, FamousSparrow, GhostEmperor, government, Salt Typhoon, technology, telecommunications
In response to the CISA Advisory (AA25-239A), AttackIQ has updated the assessment template that emulates the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with the Chinese adversary Salt Typhoon and released ...
Response to CISA Advisory (AA25-212A): CISA and USCG Identify Areas for Cyber Hygiene Improvement After Conducting Proactive Threat Hunt at US Critical Infrastructure Organization
In response to the recently published CISA Advisory (AA25-212A), AttackIQ has provided actionable recommendations to help organizations emulate such attacks. These recommendations enable organizations to emulate tactics and techniques, helping to assess ...
‘FRED’ Security FAIL — Ignored by US Rail for 20 YEARS
Richi Jennings | American Association of Railways (AAR), cisa, CISA Advisories, CISA Advisory, CISA Alert, CISA cybersecurity advisory, CVE-2025-1727, Cybersecurity and Infrastructure Security Agency, Cybersecurity Infrastructure Security Administration, FRED, ICS/SCADA, ICS/SCADA Cybersecurity, ICS/SCADA Security, ICS/SCADA systems, ICS/SCADA Wireless Attacks, RADIO-STOP, Rail Cybersecurity, railroad, Railway Security, SB Blogwatch, sdr, software defined radio (SDR), trains, wireless
BCH vs. SDR, AAR vs. CISA: Railroad industry first warned about this nasty vulnerability in 2005 ...
Security Boulevard

