Cybersecurity Government Intelligence Reports

Dec 13, 2022
APT5 has demonstrated capabilities against Citrix® Application Delivery Controller™ (ADC™) deployments (“Citrix ADCs”).
Sep 20, 2023
In August 2023, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches.
Sep 18, 2023
Cisco Talos has published an open-source report regarding the North Korean state-sponsored actor, the Lazarus Group, reported to be targeting internet backbone infrastructure and healthcare entities in Europe and the United States.
Sep 18, 2023
This document refines and clarifies the CDM Program’s Identity and Access Management (IDAM) scope by providing a reference for how CDM IDAM capabilities may integrate into an agency’s ICAM architecture. A description of the federal ICAM practice area, including how ICAM services and components…
Sep 13, 2023
Threats from synthetic media, such as deepfakes, present a growing challenge for all users of modern technology and communications, including National Security Systems (NSS), the Department of Defense (DoD), the Defense Industrial Base (DIB), and national critical infrastructure owners and…
Aug 16, 2023
This white paper outlines Chinese cyber threat actors who are known to target the U.S. public health and private health sector entities in cyberspace.
Aug 4, 2023
Rhysida is a new ransomware-as-a-service (RaaS) group that has emerged since May 2023. The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ networks and deploy their payloads.
Aug 3, 2023
This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).
Jul 27, 2023
SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web…