Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Alerts & Advisories

Sep 22, 2022

Alert | AA22-265A

Control System Defense: Know the Opponent

May 17, 2022

Alert | AA22-137A

Weak Security Controls and Practices Routinely Exploited for Initial Access

May 11, 2022

Alert | AA22-131A

Protecting Against Cyber Threats to Managed Service Providers and their Customers

Apr 27, 2022

Alert | AA22-117A

2021 Top Routinely Exploited Vulnerabilities

Apr 20, 2022

Alert | AA22-110A

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

Mar 24, 2022

Alert | AA22-083A

Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

Mar 15, 2022

Alert | AA22-074A

Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and ‘PrintNightmare’ Vulnerability

Feb 26, 2022

Alert | AA22-057A

Update: Destructive Malware Targeting Organizations in Ukraine

Jan 11, 2022

Alert | AA22-011A

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

Advisory Definitions

Cybersecurity Advisory: In-depth reports covering a specific cybersecurity issue, often including threat actor tactics, techniques, and procedures; indicators of compromise; and mitigations.
Alert: Concise summaries covering cybersecurity topics, such as mitigations that vendors have published for vulnerabilities in their products.
ICS Advisory: Concise summaries covering industrial control system (ICS) cybersecurity topics, primarily focused on mitigations that ICS vendors have published for vulnerabilities in their products.
ICS Medical Advisory: Concise summaries covering ICS medical cybersecurity topics, primarily focused on mitigations that ICS medical vendors have published for vulnerabilities in their products.
Analysis Report: In-depth analysis of a new or evolving cyber threat, including technical details and remediations.