Active Exploitation of Microsoft Vulnerability Microsoft released an out-of-band security updates to address vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. A remote attacker can exploit three remote code execution vulnerabilities—CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065—to take control of an affected system and can exploit one vulnerability—CVE-2021-26855—to obtain access to sensitive information. These vulnerabilities are being…

Read More

CISA Partner Call Friday, Mar 5 on Active Exploitation of Microsoft Vulnerability   Critical Infrastructure Colleagues and Partners, ***For widest distribution amongst CISA partners— Not for media representatives*** The Cybersecurity and Infrastructure Security Agency (CISA) invites you to participate on a call Friday, March 5, 2021, at 12 pm Eastern addressing active exploitation of a…

Read More

MoDOT is hosting a series of Industry Forums as part of the development of the State Freight & Rail Plan.  We are looking to spread the word to additional private sector folks that might want to participate. Attached are the invitations, one for each forum. Participants can register for any forum via all the RSVP links.…

Read More

Maritime Transportation System – Information Sharing & Analysis Center MTS-ISAC 2020 Annual Report   A small group of U.S. Critical infrastructure stakeholders across the country from both the public and private sectors met in February 2020 to discuss a fundamental challenge to their cybersecurity efforts. They understood the importance of working together, sharing cyber threat…

Read More

Joint CISA and CYBER.org Cyber Safety Video Series   The Cybersecurity and Infrastructure Security Agency (CISA) and CYBER.ORG jointly announced a cyber safety video series to help those learning or working online take proactive steps to protect themselves and their business. CYBER.ORG is a cybersecurity workforce development organization that targets K-12 students with cyber career…

Read More

  CISA Webinar: Security and Protection of Dams and Levees   The Dams Sector Risk Management Agency will be hosting an Introduction to Security and Protection of Dams and Levees Webinar on Tuesday, March 16, 2021 from 1:00-3:00 p.m. (EST). Attached is more information on the webinar. This webinar is a 101-level webinar that highlights…

Read More

COVID-19 Safety Requirements in the Maritime Transportation System   The President issued Executive Order (13998), Promoting COVID-19 Safety in Domestic and International Travel that requires masks be worn on all “public maritime vessels, including ferries” to mitigate the risk of spreading COVID-19. The Centers for Disease Control and Prevention (CDC) issued order, Requirement for Persons…

Read More

STAKEHOLDER NOTIFICATION Personal Security Considerations Fact Sheet   Critical Infrastructure Colleagues and Partners, The Cybersecurity and Infrastructure Security Agency (CISA) has released a Personal Security Considerations fact sheet. This document encourages critical infrastructure owners and their personnel to remain vigilant and report suspicious behavior that individuals may exhibit in order to thwart an attack. It…

Read More

  Critical Infrastructure Colleagues,   The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the publication of the Cybersecurity and Physical Security Convergence Action Guide, which provides guidance on converging cybersecurity and physical security functions to better position organizations to mitigate cyber-physical threats.   Convergence is defined as formal collaboration between previously disjointed…

Read More