HomeCybersecurity Threats

Cybersecurity Threats

The CIS® and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.

Timely updates when you need to take action

Subscribe to Advisories
Alert Level: GUARDED
Low
Guarded
Elevated
High
Severe
Learn More

Explanation of the Current Alert Level of GUARDED

The alert level is the overall current threat level.

On January 15, the Cyber Threat Alert Level was evaluated and is being raised to Blue (Guarded) due to vulnerabilities in Ivanti, SonicWall, Adobe, Microsoft, and Fortinet products. On January 9, the MS-ISAC released two advisories. The first advisory was for multiple vulnerabilities in Ivanti products, the most severe of which could allow for remote code execution. The second advisory was for multiple vulnerabilities in SonicOS SSLVPN, the most severe of which could allow for authentication bypass. On January 14, the MS-ISAC released four advisories. The first advisory was for multiple vulnerabilities in Adobe products, the most severe of which could allow for arbitrary code execution. The second advisory was for multiple vulnerabilities in Microsoft products, the most severe of which could allow for remote code execution. The third advisory was for multiple vulnerabilities in Ivanti Avalanche that could allow for authentication bypass. The last advisory was for multiple vulnerabilities in Fortinet products, the most severe of which could allow for remote code execution. On January 15, the MS-ISAC released an advisory for multiple vulnerabilities in Rsync, the most severe of which could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.

Read more about our approach

Latest Advisory

Multiple Vulnerabilities in Rsync Could Allow for Remote Code Execution
15 Jan 2025
Multiple vulnerabilities have been discovered in Rsync, the most severe of which could allow for remote code execution. Rsync is an open-sou...
Read the details

 

Our MS-ISAC Advisories

Advisories Released (Last 12 Months)

MS-ISAC Advisories - Advisories Released
Monthly Advisories for September 2024

In Q3 2024, the Top 10 Malware observed via the MS-ISAC’s monitoring services changed moderately from the previous quarter. The downloader, SocGholish, continued to lead as the top malware, making up 42% of the list. Following SocGholish were the downloaders LandUpdate808 and ClearFake. This quarter marked the first time the MS-ISAC observed either of these downloaders in its quarterly Top 10 Malware list.

Top Malware Q3 2024
  1. SocGholish
  2. LandUpdate808
  3. ClearFake
  4. ZPHP
  5. Agent Tesla
  6. CoinMiner
  7. Arechclient2
  8. Mirai
  9. NanoCore
  10. Lumma Stealer
Take Control of Your Organization's Security
Security Operations Center

The information on this page is maintained by our Security Operations Center, which is part of MS-ISAC and EI-ISAC.

Information Hub

Blog Post01.14.2025
CIS Benchmarks January 2025 Update
Read More
Webinar01.13.2025
CIS SecureSuite Product Vendor Membership: Enhance Your Product and Service Offerings
Read More
White Paper01.07.2025
CIS Hardware and Software Asset Tracking Spreadsheet — Arabic
Read More
Press Release01.06.2025
CIS Statement on the Passing of Tenable CEO Amit Yoran
Read More