Cyber Threats and Advisories
Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and work to develop capabilities to disrupt, destroy, or threaten the delivery of essential services. Defending against these attacks is essential to maintaining the nation’s security. Any cyber-attack, no matter how small, is a threat to our national security and must be identified, managed, and shut down. Protecting cyber space is everyone's responsibility - individuals and families, small and large businesses, SLTT and federal governments. By preventing attacks or mitigating the spread of an attack as quickly as possible, cyber threat actors lose their power.
CISA diligently tracks and shares information about the latest cybersecurity risks, attacks, and vulnerabilities, providing our nation with the tools and resources needed to defend against these threats. CISA shares up-to-date information about high-impact types of security activity affecting the community at large and in-depth analysis on new and evolving cyber threats. By staying current on threats and risk factors, CISA helps ensure our nation is protected against serious cyber dangers.
Alerts and Advisories
Alerts provide timely information about current security issues, vulnerabilities, and exploits.
Featured Content
CISA's Known Exploited Vulnerabilities Catalog
CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.
How to Use the KEV Catalog
Learn how organizations should use the KEV catalog in their vulnerability management prioritization framework.
StopRansomware
Designed to help public and private organizations defend against the rise in ransomware cases, StopRansomware is a whole-of-government approach that gives one central location for ransomware resources and alerts.
CISA and Partners Issue Fast Flux Cybersecurity Advisory
CISA Update on Treasury Breach
AI Red Teaming: Applying Software TEVV for AI Evaluations
CISA’s ScubaGear Tool Improves Security for Organizations Using M365 and Surpasses 30,000 Downloads
Helpful Resources
Utilize these resources to gain strategies and guidance to protect your cyber space.
AI Cybersecurity Collaboration Playbook
Microsoft Expanded Cloud Logs Implementation Playbook
Guidance and Strategies to Protect Network Edge Devices
Secure by Design Alert: Eliminating Buffer Overflow Vulnerabilities
Services
Explore the cybersecurity services CISA offers to help mitigate risks, respond to incidents, and prevent threats.
Protective Domain Name System (DNS) Resolver
Assessment Evaluation and Standardization Program
Secure Cloud Business Applications (SCuBA) Project
Malware Analysis
Contact CISA Central
CISA Central is the simplest way for critical infrastructure partners and stakeholders to engage with CISA. Please contact Central@cisa.gov.