Announcements

The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.

Published Oct 31, 2019

On October 31, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra

Published Sep 09, 2019

On September 9, 2019, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) identified two malware variants—referred to as ELECTRICFISH and BADCALL—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.

Published Jul 25, 2019

The Industrial Control Systems Joint Working Group (ICSJWG) is still accepting abstracts for their 2019 Fall Meeting at the Tower Square Hotel Springfield in Springfield, Massachusetts, August 27–29, 2019.

All members of the community are encouraged to submit an abstract by Friday, July 26, 2019 to ICSJWG.Communications@hq.dhs.gov.

 To submit an abstract for a Presentation, Demonstration, Panel, or Booth, complete the Abstract Submission Form available at: https://www.us-cert.gov/ics/Industrial-Control-Systems-Joint-Working-Group-ICSJWG. For those who have submitted an abstract, we thank you! We hope everyone will join us in Springfield, MA as we continue our 10th anniversary celebration.

Published Jul 09, 2019

The Industrial Control Systems Joint Working Group (ICSJWG)—a collaborative and coordinating body for Industrial Control Systems hosted by CISA and driven by the community—is currently accepting abstracts for the 2019 Fall Meeting in Springfield, Massachusetts, August 27–29, 2019. 

To register for the meeting or submit an abstract, please go to https://www.us-cert.gov/ics/Industrial-Control-Systems-Joint-Working-Group-ICSJWG. Call for abstracts closes July 26, 2019! Submit your abstracts to help the ICSJWG membership secure their systems.

Published Jun 25, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) is excited to announce the relaunch of the newly integrated us-cert.gov website! On June 25, us-cert.gov and ics-cert.us-cert.gov were consolidated into a single us-cert.gov site—a comprehensive, easy-to-navigate website with an updated look and feel.

The updated site includes changes to enhance the functionality of the site for mobile device users and changes to the site’s navigation to make it easier for you to find the information you need—including industrial control systems (ICS)-related information. This is a key step for us as we prepare to unify CISA’s websites to streamline how you access our services and information.  We also see this as an important step to helping CISA reinvigorate and deepen our partnerships across the information security and ICS security landscape, while empowering our partners to mitigate ICS risk.

The us-cert.gov and ics-cert.us-cert.gov websites have provided CISA stakeholders with cybersecurity and ICS security products to help you accomplish your security mission. Our stakeholders—like you—have traditionally used these sites to share information with us, such as reporting vulnerabilities, cybersecurity incidents, and malware. With the launch of the consolidated website, none of that changes.

All products previously published on us-cert.gov and ics-cert.us-cert.gov will remain the same, and you will still be able to access the same information and report vulnerabilities, incidents, and malware.

Thank you for your support as we relaunch the consolidated us-cert.gov website! If you have any questions, email info@us-cert.gov.

 

Published May 21, 2019

On May 21, 2019, the Cybersecurity and Infrastructure Security Agency (CISA) released Best Practices for Securing Election Systems to aid election organizations in hardening enterprise networks and strengthening election infrastructure, at little or no cost. Additionally, CISA released an Election Infrastructure Questionnaire to assist with organizational documentation of election infrastructure cybersecurity posture and to identify key interdependencies.

Published May 09, 2019

On May 9, 2019, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified a malware variant—referred to as ELECTRICFISH—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.

Published Apr 10, 2019

On April 10, 2019, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.

Published Jan 30, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) will conduct virtual awareness briefings from 1–2 p.m. on February 6 and February 22 about Chinese malicious cyber activity targeting managed service providers (MSPs). To register, or for more information, visit https://www.us-cert.gov/ccubedvp/events.

Published Dec 20, 2018

On December 20, 2018, the U.S. Government announced that a group of Chinese cyber actors associated with the Chinese government have carried out a campaign of cyber-enabled theft targeting global information technology (IT) service providers and their customers. Over the past four years, these actors have gained access to multiple U.S. and global IT service providers and their customers. For more information related to this activity, go to https://www.us-cert.gov/china.