Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity & Infrastructure Security Agency
America's Cyber Defense Agency

Search

 
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help Locally
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Contact Us
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
Report a Cyber Issue
America's Cyber Defense Agency
Breadcrumb
  1. Home
  2. Topics
Share:
Red and blue cyber node design

Cyber Threats and Advisories

Defending our nation against ever-evolving cyber threats and attacks is at the core of CISA’s mission. CISA offers the latest cybersecurity news, advisories, alerts, tools, and resources.

Cyber Threats and Advisories

  • Malware, Phishing, and Ransomware
  • Incident Detection, Response, and Prevention
  • Information Sharing
  • Securing Networks
  • Advanced Persistent Threats

Overview

Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services. Defending against these attacks is essential to maintaining the nation’s security. Protecting cyber space is the responsibility of individuals, families, small and large businesses, SLTT and federal governments. By preventing attacks or mitigating the spread of an attack as quickly as possible, cyber threat actors lose their power. Any cyber-attack, no matter how small, is a threat to our national security and must be identified, managed, and shut down.    

CISA’s Role

CISA diligently tracks and shares information about the latest cybersecurity risks, attacks, and vulnerabilities, providing our nation with the tools and resources needed to defend against these threats. CISA provides cybersecurity resources and best practices for businesses, government agencies, and other organizations. CISA shares up-to-date information about high-impact types of security activity affecting the community at large and in-depth analysis on new and evolving cyber threats. By staying current on threats and risk factors, CISA helps ensure our nation is protected against serious cyber dangers.

Advanced Persistent Threats

Learn more about how CISA can help individuals and organizations enhance network, device, and online safety to defend against advanced persistent threats.

Incident Detection, Response, and Prevention

Incident detection, response, and prevention strategies are a critical consideration for the Nation's homes and business organizations.

Information Sharing

Information sharing is a critical step in incident response procedures and is key in strengthening our collective cyber defense.

Malware, Phishing, and Ransomware

Discover the impacts that malware, phishing, and ransomware can have on individuals and large organizations, and the resources that can help protect from and respond to these attacks.

Securing Networks

Protecting networks is a vital step in keeping your information and the business processes that live and depend on these systems safe.

Featured

Automated Indicator Sharing (AIS)

Automated Indicator Sharing (AIS) protects service participants and reduces the prevalence of cyberattacks via the exchange of real-time, machine-readable cyber threat indicators and defensive measures.

Cyber Marketplace

Whether you need help developing initial cybersecurity strategies or strengthening specific weaknesses in your processes, CISA offers the right high-quality, cost-efficient cybersecurity services for you.

Continuous Diagnostics and Mitigation (CDM) Program

Cybersecurity tools, integration services, and dashboards that offer a dynamic approach to fortifying the cybersecurity of federal networks and systems.

CISA's Known Exploited Vulnerabilities Catalog

View the catalog

Cyber Threat and Advisories News

Discover the latest CISA news on Cyber Threat and Advisories.

Cyber Threats and Advisories News
Jan 17, 2023
Blog

Best Practices for MITRE ATT&CK® Mapping

Dec 14, 2022
Press Release

Readout of Second Joint Ransomware Task Force Meeting

Jul 27, 2022
Press Release

United States and Ukraine Expand Cooperation on Cybersecurity

Jun 23, 2022
Press Release

CISA Releases Second Version of Guidance for Secure Migration to the Cloud

Cyber Threats and Advisories News

Cyber Services

Explore the cybersecurity services CISA offers to help mitigate risks, respond to incidents, and prevent threats.

View All Cyber Threat and Advisories Services

Cyber Resilience Review (CRR)

Contact: iodregionaloperations@cisa.dhs.gov
An assessment that evaluates an organization's operational resilience and cybersecurity practices.

Assessment Evaluation and Standardization Program

The Assessment Evaluation and Standardization (AES) program is designed to enable organizations to have a trained individual that can perform several cybersecurity assessments and reviews in accordance with industry and/or federal information security standards.

CISA Vulnerability Scanning

ASSESS YOUR RISK LEVEL
Contact: vulnerability@cisa.dhs.gov
This service evaluates external network presence by executing continuous scans of public, static IPs for accessible services and vulnerabilities. It provides weekly vulnerability reports and ad-hoc alerts.
Intermediate

External Dependencies Management Assessment

Contact: cyberadvisor@cisa.dhs.gov
An assessment for organizations to learn how to manage risks arising from external dependencies within the supply chain
Intermediate
View All Cyber Threat and Advisories Services

Cybersecurity Training

CISA offers a broad range of cyber threat trainings, from introductory courses to expert advice and techniques. 

View All Cyber Threats and Advisories Training

Strengthen Your Resolve - Understanding DNS Attacks

SEMINAR/WORKSHOP | VIRTUAL/ONLINE
We depend on DNS infrastructure to securely route us to our intended destinations. While this shared infrastructure is incredibly powerful and useful, it also presents a rich attack surface for threat actors. This webinar provides an organizational perspective and topic overview that may be useful to technical specialists.

Professors in Practice - Session 3: Zero Trust Architecture: How to Choose the Right Model(s) for Your Organization

AUG 19, 2022 | SEMINAR/WORKSHOP | VIRTUAL/ONLINE
Dr. Richardson will review key concepts and strategies from Jameison Twist's paper on Zero Trust Implementation and will discuss options to implement these strategies in Federal Departments and Agencies.

Innovation and Evolution of the CDM Dashboard

COURSE | VIRTUAL/ONLINE
This half-hour video provides an interview with Mr. Kevin Cox on the current state of the CDM program as well as an overview of the new CDM Agency Dashboard Ecosystem.

Incident Response and Awareness Training

COURSE | VIRTUAL/ONLINE
Awareness webinars are cybersecurity topic overviews for a general audience including managers and business leaders, providing core guidance and best practices to prevent incidents and prepare an effective response if an incident occurs.
Visit FEDTVE
View All Cyber Threats and Advisories Training

Cyber Threats and Advisories Resources

Utilize these resources to gain strategies and guidance to protect your cyber space.

View All Cyber Threats and Advisories Resources

Continuous Diagnostics and Mitigation (CDM) Program: AWARE

AWARE helps federal civilian agencies assess the size and scope of their cyber vulnerabilities so they can prioritize the highest risk issues.
Watch Video

Vulnerability Exploitability eXchange (VEX) Use Case Document (April 2022)

APR 01, 2022 | OTHER
This use case provides the recommended minimum data elements of a VEX document and offers a set of scenarios with proposed implementations.
Download File (PDF, 164.56 KB)

Zero Trust Maturity Model

OCT 07, 2021 | PUBLICATION
The Zero Trust Maturity Model is one of many roadmaps for agencies to reference as they transition towards a zero trust architecture.
Download File (PDF, 978.98 KB)
View All Cyber Threats and Advisories Resources

Contact CISA Central

CISA Central is the simplest way for critical infrastructure partners and stakeholders to engage with CISA. Please contact Central@cisa.gov.

CISA Central
Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 888-282-0870 Central@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • The White House
  • USA.gov
  • Website Feedback