Published by U.S. Department of Homeland Security 31 January 2023

"WASHINGTON – The U.S. Department of Homeland Security (DHS) today released the second Center for Countering Human Trafficking (CCHT) Annual Report, outlining the Department’s achievements in combatting human trafficking during the previous fiscal year (FY). As a global leader in the fight against human trafficking, DHS works to end sex trafficking and forced labor through a wide range of efforts including victim identification and assistance, criminal investigations, civil enforcement actions, intelligence and analysis, training and public education, and external outreach."

To read this press release, click here.

Published by United States Attorney's Office for the  Eastern District of North Carolina 26 January 2023

"WILMINGTON, N.C. – A Raleigh man, Adonis Fabian Zorrilla, was sentenced today to 37 months in prison, 3 years supervised release, and $4,103.35 in restitution for assaulting a Transportation Security Administration (TSA) officer at Raleigh-Durham International (RDU) Airport."

To read this press release, click here.

Published by Transportation Security Administration 17 January 2023

"WASHINGTON — The Transportation Security Administration (TSA) recognized a year of accomplishments and progress in 2022, setting a new record in firearm interceptions by Transportation Security Officers (TSOs) at checkpoints, making significant strides to improve transportation security and screening an average of more than two million passengers daily at airports across the country."

To read this press release, click here.

Published by The White House 30 December 2022

"Around the world, human trafficking has stripped nearly 25 million people of their safety, dignity, and liberty — disproportionately affecting historically underserved and marginalized communities.  During National Human Trafficking Prevention Month, we reaffirm our commitment to ending this inhumane and immoral practice in all its forms.  And as we bring perpetrators to justice, we renew our pledge to help survivors recover and rebuild their lives."

To read this proclamation, click here.

Published by Centers for Disease Control and Prevention 28 December 2022

"CDC is announcing today that it will implement a requirement for a negative COVID-19 test or documentation of recovery for air passengers boarding flights to the United States originating from the People’s Republic of China (PRC) and the Special Administrative Regions of Hong Kong and Macau. CDC is announcing this step to slow the spread of COVID-19 in the United States during the surge in COVID-19 cases in the PRC given the lack of adequate and transparent epidemiological and viral genomic sequence data being reported from the PRC. These data are critical to monitor the case surge effectively and decrease the chance for entry of a novel variant of concern.  CDC will continue to monitor the situation and adjust our approach as necessary."

To read this press release, click here.

Published by Transportation Security Administration 19 December 2022

"WASHINGTON — The Transportation Security Administration (TSA) anticipates airport security checkpoints nationwide will be busier this holiday travel season compared to last year.

"TSA expects travel volumes to be close to pre-pandemic levels. The busiest days are expected to be Thursday, Dec. 22, and Friday, Dec. 30."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 01 December 2022

"The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Cuba ransomware IOCs and TTPs associated with Cuba ransomware actors identified through FBI investigations, third-party reporting, and open-source reporting. This advisory updates the December 2021 FBI Flash: Indicators of Compromise Associated with Cuba Ransomware.

"Note: While this ransomware is known by industry as “Cuba ransomware,” there is no indication Cuba ransomware actors have any connection or affiliation with the Republic of Cuba."

To read this advisory, click here.

Published by U.S. Department of Homeland Security 30 November 2022

"The United States remains in a heightened threat environment. Lone offenders and small groups motivated by a range of ideological beliefs and/or personal grievances continue to pose a persistent and lethal threat to the Homeland.  Domestic actors and foreign terrorist organizations continue to maintain a visible presence online in attempts to motivate supporters to conduct attacks in the Homeland.  Threat actors have recently mobilized to violence, citing factors such as reactions to current events and adherence to violent extremist ideologies. In the coming months, threat actors could exploit several upcoming events to justify or commit acts of violence, including certifications related to the midterm elections, the holiday season and associated large gatherings, the marking of two years since the breach of the U.S. Capitol on January 6, 2021, and potential sociopolitical developments connected to ideological beliefs or personal hostility. Targets of potential violence include public gatherings, faith-based institutions, the LGBTQI+ community, schools, racial and religious minorities, government facilities and personnel, U.S. critical infrastructure, the media, and perceived ideological opponents."

To read this NTAS Bulletin, click here.

Published by Cybersecurity & Infrastructure Security Agency 17 November 2022

"The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this joint CSA to disseminate known Hive IOCs and TTPs identified through FBI investigations as recently as November 2022.

"FBI, CISA, and HHS encourage organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ransomware incidents. Victims of ransomware operations should report the incident to their local FBI field office or CISA."

To read this advisory, click here.

Published by Transportation Security Administration 17, November 2022

"WASHINGTON – The Transportation Security Administration (TSA) has seen an increase in travel this year and anticipates airport security checkpoints nationwide will be very busy this holiday travel season. The season kicks off with Thanksgiving travel, which begins Friday, Nov. 18 and concludes Sunday, Nov. 27.

“We expect to be busier this year than last year at this time, and probably very close to pre-pandemic levels,” said TSA Administrator David Pekoske. “We are prepared to handle the projected increase in travel volumes next week. However, going forward, making the TSA pay levels equal to other federal agencies is critical to our ability in 2023 to recruit, train, equip and retain a highly skilled and professional workforce on the frontlines of transportation security. It is up to Congress to act on the President’s budget request without delay, enabling TSA to address the current pay gap, which is up to 30% compared with other federal employees.”

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 16 November 2022

"From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In the course of incident response activities, CISA determined that cyber threat actors exploited the Log4Shell vulnerability in an unpatched VMware Horizon server, installed XMRig crypto mining software, moved laterally to the domain controller (DC), compromised credentials, and then implanted Ngrok reverse proxies on several hosts to maintain persistence. CISA and the Federal Bureau of Investigation (FBI) assess that the FCEB network was compromised by Iranian government-sponsored APT actors."

To read this advisory, click here.

Published by FBI 10 November 2022

"As recently as October 2022, the FBI observed several instances nationwide of scammers conducting computer-technical support scams, where criminals pose as service representatives of a company's technical or computer repair service and contact victims through email or by telephone about a highly priced, soon-to-renew subscription. Scammers request victims contact the scammers at a provided telephone number or email to cancel the renewal and receive a varying refund amount. After the victims contact the scammers, they attempt to obtain personal and banking information that is then used to conduct unauthorized wire transfers of funds held within the targeted victim's accounts. Targeted victims generally fall within the elderly population."

To read this alert, click here. 

Published by Cybersecurity & Infrastructure Security Agency 31 October 2022

"The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the  Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, “Understanding and Responding to Distributed Denial-of-Service Attacks”, to provide organizations with proactive steps to reduce the likelihood and impact of distributed denial-of-service (DDoS) attacks.  

"Although DDoS attacks are unlikely to impact the confidentiality or integrity of a system and its associated data, they affect availability by interfering with the legitimate use of that system, thereby imposing a cost of time and money, and possibly reputation on the victim’s business. Some of the actions listed in the joint DDoS guide that should be taken by organizations before an incident are:  

• Understand your critical assets and services: Identify which services you have exposed to the public internet and the vulnerabilities of those services. Prioritize assets based on mission criticality and need for availability. 
• Enroll in DDoS protection service: Protect systems and services by enrolling in DDoS protection service that can monitor network traffic, confirm the presence of an attack, identify the source, and mitigate the situation by rerouting malicious traffic away from your network. 
• Determine the coverage and limitations with internet service providers defenses: Engage with your internet service providers (ISP) and cloud service providers (CSP) to understand existing DDoS protections, which should include reviewing Terms of Service agreements.  
• Develop an agency DDoS response plan: The response plan should guide the organization through identifying, mitigating, and rapidly recovering from DDoS attacks.  

"Depending on the scale of the DDoS attack, the impact may be negligible or severe to include loss or degradation of critical services, loss of productivity, extensive remediation costs, and acute reputational damage. If an incident is suspected, some the action that can be taken include;  

• Review indicators in the guide that can help confirm a DDoS attack, as well as contact your upstream network service provider to determine if there is an outage on their end or if their network is the target of the attack and you are an indirect victim.  
• Deploy mitigation to include continue working with the service providers to get the DDoS attacks blocked, as well as configuration changes to the current environment and initiating business continuity plans that may assist in response and recovery. MS-ISAC offer a Guide to DDoS Attack that provides several recommended mitigations.   
• DDoS attacks may also be used to divert attention away from other more malicious acts—malware insertion or data exfiltration--being carried out by the threat actor, so victims should stay on guard throughout a DDoS response. 

"In the near future, CISA plans to offer a tabletop exercise that can be used by any organization to assess their security and resilience to a DDoS attack.    

"CISA, FBI and MS-ISAC urge every organization to apply the recommended actions in this joint DDoS Guide, as well as adopt our Shields Up guidance and take steps to implement necessary security and resilience measures that can reduce the likelihood of compromise.  

"Your support to amplify this joint guide through your communications and social media channels is appreciated. And as always, thank you for your continued collaboration." 

To read this guide, click here.

Published by Cybersecurity & Infrastructure Security Agency 31 Oct 2022

"Today, we released our first ever CISA Stakeholder Engagement Strategic Plan 2023-2025, along with a related blog. We developed this plan with agency-wide input to help us unify our approach to stakeholder engagement through more integrated agency functions and capabilities.

"Building on CISA’s collaboration and coordination efforts since we were established in 2018, and in alignment with the CISA Strategic Plan for CY 2023-2025, the Stakeholder Engagement Strategic Plan elaborates on areas of focus for the next three years that will elevate and enhance coordinated engagement and partnership activities, including the full integration of our regional offices. These efforts will strengthen whole-of-nation operational collaboration and information sharing.

"The plan’s three goals, summarized below, express CISA’s commitment to collaboratively working with stakeholders from industry, government, the international community, academia, and others to achieve our vision for a secure and resilient critical infrastructure for the American people: 

• We are committed to collaboration—within CISA as well as with all our stakeholders. The plan describes how CISA will collaboratively plan and implement stakeholder engagements and partnership activities to advance a unified mission delivery.
• We value stakeholder feedback and insights. We want to hear from you! Stakeholder feedback is incredibly important in shaping the development and delivery of CISA products and resources — which are critical for mission implementation.
• We believe in accessibility and transparency. CISA will make it easier for stakeholders to quickly find and access relevant products and services, including actionable decision support information. As we work towards this goal, keep an eye out for updates!

"Thanks to everyone who collaborated on developing this plan and helping us reach this milestone. As with any plan, however, it marks the beginning not the end of our work—and I am counting on everyone across CISA to do diligently work to make these goals a reality."

To read this plan, click here.

Published by Cybersecurity & Infrastructure Security Agency 31 Oct 2022

"Today, the Cybersecurity and Infrastructure Security Agency (CISA) released a set of cross-sector Cybersecurity Performance Goals (CPGs), which were developed at the direction of the White House, in coordination with the National Institute for Standards and Technology (NIST) and other agencies. 

"The CPGs provide voluntary guidance to critical infrastructure partners to help them prioritize security investments toward areas that will have the greatest impact on their cybersecurity, and they are developed to be implemented in concert with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). Every organization should use the NIST Cybersecurity Framework to develop a rigorous, comprehensive cybersecurity program. The CPGs prescribe an abridged subset of actions – a kind of “QuickStart guide” – for the NIST CSF to help organizations prioritize their investments. 

"Along with the CPGs themselves, CISA is releasing an accompanying Checklist (https://www.cisa.gov/sites/default/files/publications/CISA_CPG_CHECKLIST_508c.pdf)  that prioritizes each Goal by Cost, Impact, and Complexity.  

"CISA developed the CPGs based on extensive feedback from partners with the goal of creating a final product that reflects input from a wide range of groups including federal agencies, the private sector, and international partners. We achieved this goal via written comments, workshops, listening sessions, and focused discussions with experts across a variety of disciplines."  

To view these goals, click here.

Published by NATA Compliance Services 18 October 2022

"Reno, NV, October 18th, 2022 – The Transportation Security Administration (TSA) renewed its government/industry partnership with the National Air Transportation Association - Compliance Services (NATACS) for an additional five years. Entering into its third decade, NATACS will continue to operate as a Trusted Fingerprint Facility to process Biographical and Biometric information and other services for certain Commercial, Business and General aviation populations."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 18 October 2022

"Today, CISA released a new source titled Tactics of Disinformation Series, also available in Spanish, which offers state, local, tribal, and territorial (SLTT) government officials and private sector partners insight into eight common tactics used by disinformation actors. 

"This series of one-pagers describes each tactic, highlights examples of their use by disinformation actors, and outlines proactive measures that can be taken to mitigate the effectiveness of each tactic. This guide is founded on the knowledge that understanding these tactics can increase preparedness and promote resilience when stakeholders are faced with disinformation campaigns that target our nation's critical infrastructure." 

For additional mis-, dis, and main information resources, click here.

Published by Cybersecurity & Infrastructure Security Agency 6 October 2022

"This joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI). PRC state-sponsored cyber actors continue to exploit known vulnerabilities to actively target U.S. and allied networks as well as software and hardware companies to steal intellectual property and develop access into sensitive networks.

"This joint CSA builds on previous NSA, CISA, and FBI reporting to inform federal and state, local, tribal and territorial (SLTT) government; critical infrastructure, including the Defense Industrial Base Sector; and private sector organizations about notable trends and persistent tactics, techniques, and procedures (TTPs).

"NSA, CISA, and FBI urge U.S. and allied governments, critical infrastructure, and private sector organizations to apply the recommendations listed in the Mitigations section and Appendix A to increase their defensive posture and reduce the threat of compromise from PRC state-sponsored malicious cyber actors."

To read this advisory, click here.

Published by Cybersecurity & Infrastructure Security Agency 

"This year’s campaign theme — “See Yourself in Cyber” — demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people . This October will focus on the “people” part of cybersecurity, providing information and resources to help educate CISA partners and the public, and ensure all individuals and organizations make smart decisions whether on the job, at home or at school – now and in the future. We encourage each of you to engage in this year’s efforts by creating your own cyber awareness campaigns and sharing this messaging with your peers."

To learn more, click here.

Published by Government of Canada 26 September 2022

"Starting October 1, 2022, all COVID-19 border requirements, including vaccination, mandatory use of ArriveCAN, and any testing and quarantine/isolation requirements will end for all travellers entering Canada whether by land, air or sea."

To visit Canada's website, click here.

Published by Cybersecurity & Infrastructure Security Agency 6 September 2022

"The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint CSA to disseminate IOCs and TTPs associated with Vice Society actors identified through FBI investigations as recently as September 2022. The FBI, CISA, and the MS-ISAC have recently observed Vice Society actors disproportionately targeting the education sector with ransomware attacks."

To read this alert, click here.

Published by Cybersecurity & Infrastructure Security Agency 16 August 2022

"The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are publishing this joint Cybersecurity Advisory (CSA) in response to active exploitation of multiple Common Vulnerabilities and Exposures (CVEs) against Zimbra Collaboration Suite (ZCS), an enterprise cloud-hosted collaboration software and email platform."

To read this alert, click here.

Published by Cybersecurity & Infrastructure Security Agency 11 August 2022

"The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Zeppelin ransomware IOCs and TTPs associated with ransomware variants identified through FBI investigations as recently as 21 June 2022.

"The FBI and CISA encourage organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ransomware incidents."

To read this alert, click here.

Published by Homeland Security Today 6 August 2022

The U.S. Court of Appeals has upheld rules set out by the Federal Aviation Administration (FAA) for Remote ID, which provides in-flight identification of drones.

The ruling was in response to a lawsuit brought by Tyler Brennan, co-founder and CEO of RaceDayQuads, who argued that Remote ID rules violated the U.S. Constitution’s Fourth Amendment by allowing “constant, warrantless governmental surveillance.” 

But Judge Cornelia Pillard warned that increasing numbers of drones are posing a threat to national security. “Their ability to pry, spy, crash, and drop things poses real risks,” she said. “Free-for-all drone use threatens air traffic, people and things on the ground, and even national security.”

To read this article, click here.

Published by Cybersecurity & Infrastructure Security Agency 4 Aug 2022

"This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC). This advisory provides details on the top malware strains observed in 2021."

To read this alert, click here.

Published by U.S. Department of Homeland Security 29 July 2022

"WASHINGTON – Today, the Department of Homeland Security (DHS) announced a strategic partnership between the Department’s Center for Countering Human Trafficking (CCHT) and international non-governmental organization (NGO) Liberty Shared to enhance the Department’s ability to investigate forced labor in the supply chain.

“Partnerships are essential in the fight to bring traffickers to justice and put victims on the path to recovery,” said Secretary of Homeland Security Alejandro N. Mayorkas. “As we mark World Day Against Trafficking in Persons this week, we recognize the need to use every resource possible to further our Department-wide mission of ending the heinous crime of human trafficking."

To read this press release, click here.

Published by Reuters 29 July 2022

"WASHINGTON, July 29 (Reuters) - A U.S. Appeals Court on Friday upheld rules set by the Federal Aviation Administration (FAA) requiring drones to have remote identification technology to enable them to be identified from the ground.

"The rules, which were finalized in April 2021, give drone manufacturers 18 months to begin producing drones with so-called Remote ID and are aimed at safely managing the growing use of drones in U.S. airspace."

To read this article, click here.

Published by The Hill 19 July 2022

"CORRECTION: Los Angeles International Airport (LAX) is one of the first airports in the country to allow passengers to complete their application for a REAL ID while they wait to board a flight. A previous version of this story included incorrect information.

"Los Angeles International Airport (LAX) will launch a pilot REAL ID application pop-up on Tuesday, becoming one of the first airports in the country to allow passengers to complete their application for the enhanced identification document while they wait to board a flight."

To read this article, click here.

Published by Cybersecurity & Infrastructure Security Agency 30 June 2022

"The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, and the Financial Crimes Enforcement Network (FinCEN) are releasing this CSA to provide information on MedusaLocker ransomware."

To read this alert, click here.

Published by The Hill 10 June 2022

"The Biden administration announced Friday that it is ending a requirement that international travelers test negative for the coronavirus before coming to the United States.

"The Centers for Disease Control and Prevention (CDC) “has determined based on the science and data that this requirement is no longer necessary at this time,” a senior administration official said."

To read this article, click here.

Published by Cybersecurity & Infrastructure Security Agency 7 June 2022

"This joint Cybersecurity Advisory describes the ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure. These actors use the network to exploit a wide variety of targets worldwide, including public and private sector organizations. The advisory details the targeting and compromise of major telecommunications companies and network service providers and the top vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—associated with network devices routinely exploited by the cyber actors since 2020."

To read this alert, click here.

Published by U.S. Department of Homeland Security 7 June 2022

"The United States remains in a heightened threat environment, as noted in the previous Bulletin, and several recent attacks have highlighted the dynamic and complex nature of the threat environment.  In the coming months, we expect the threat environment to become more dynamic as several high-profile events could be exploited to justify acts of violence against a range of possible targets. These targets could include public gatherings, faith-based institutions, schools, racial and religious minorities, government facilities and personnel, U.S. critical infrastructure, the media, and perceived ideological opponents.  Threat actors have recently mobilized to violence due to factors such as personal grievances, reactions to current events, and adherence to violent extremist ideologies, including racially or ethnically motivated or anti-government/anti-authority violent extremism.  Foreign adversaries—including terrorist organizations and nation state adversaries—also remain intent on exploiting the threat environment to promote or inspire violence, sow discord, or undermine U.S. democratic institutions.  We continue to assess that the primary threat of mass casualty violence in the United States stems from lone offenders and small groups motivated by a range of ideological beliefs and/or personal grievances."

To read this NTAS Bulletin, click here.

Published by Cybersecurity & Infrastructure Security Agency 1 June 2022

"The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) are releasing this joint Cybersecurity Advisory (CSA) to provide information on the Karakurt data extortion group, also known as the Karakurt Team and Karakurt Lair."

To read this alert, click here.

Published by Cybersecurity & Infrastructure Security Agency 18 May 2022

"CISA has issued Emergency Directive (ED) 22-03 and released a Cybersecurity Advisory (CSA) in response to active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, vRealize Suite Lifecycle Manager."

To read this emergency directive, click here.

Published by Cybersecurity & Infrastructure Security Agency 17 May 2022

"Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This joint Cybersecurity Advisory identifies commonly exploited controls and practices and includes best practices to mitigate the issues."

To read this alert, click here. 

Published by The United States Department of Justice 12 May 2022

"At the Council of Europe (COE) headquarters in Strasbourg, France, on May 12, Deputy Assistant Attorney General (DAAG) Richard Downing of the U.S. Department of Justice’s Criminal Division signed the Second Additional Protocol to the Convention on Cybercrime on enhanced cooperation and disclosure of electronic evidence on behalf of the U.S. government. This strengthening and expansion of the multilateral international treaty commonly called the Budapest Convention is part of the United States’ steadfast commitment to helping nations, including the United States, fight cybercrime by obtaining access to needed electronic evidence."

Published by Cybersecurity & Infrastructure Security Agency 5 May 2022

"We’re big music fans here at CISA, and today we’re beginning a month-long mission to rock the message that multifactor authentication keeps you more secure! So, join us for MFA May!

"Whether you call it MFA or 2FA, Walk This Way to learn how simple it is to take an extra step that reduces your risk of getting hacked."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 27 April 2022

"This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), and United Kingdom’s National Cyber Security Centre (NCSC-UK). This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited."

To read this alert, click here.

Published by U.S. Department of Homeland Security 21 April 2022 

"WASHINGTON – Today, the Department of Homeland Security (DHS) announced that it will extend temporary Title 19 requirements and continue to require non-U.S. travelers entering the United States via land ports of entry and ferry terminals at the U.S.-Mexico and U.S.-Canada borders to be fully vaccinated against COVID-19 and provide related proof of vaccination upon request. These requirements will continue to apply to non-U.S. travelers who are traveling both for essential and non-essential reasons, and do not apply to U.S. citizens, Lawful Permanent Residents, or U.S. nationals."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 20 April 2022

"The cybersecurity authorities of the United States[1][2][3], Australia[4], Canada[5], New Zealand[6], and the United Kingdom[7][8] are releasing this joint Cybersecurity Advisory (CSA). The intent of this joint CSA is to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity. This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and U.S. allies and partners."

To read this alert, click here.

Published by Transportation Security Administration 18 April 2022

"Due to today’s court ruling, effective immediately, TSA will no longer enforce its Security Directives and Emergency Amendment requiring mask use on public transportation and transportation hubs. TSA will also rescind the new Security Directives that were scheduled to take effect tomorrow. CDC continues to recommend that people wear masks in indoor public transportation settings at this time."

To read this statement, click here.

Published by Transportation Security Administration 13 April 2022

"At CDC's recommendation, TSA will extend the Security Directives and Emergency Amendment requiring mask use on public transportation and transportation hubs for 15 days through May 3, 2022."

To read this statement, click here.

Published by Cybersecurity & Infrastructure Security Agency 6 April 2022

"Google has released Chrome version 100.0.4896.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system."

To read this notice, click here.

Published by U.S. Department of State 4 April 2022

"The Department is pleased to announce that the Bureau of Cyberspace and Digital Policy (CDP) began operations today. A key piece of Secretary Blinken’s modernization agenda, the CDP bureau will address the national security challenges, economic opportunities, and implications for U.S. values associated with cyberspace, digital technologies, and digital policy."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 30 March 2022 

"Google has released Chrome version 100.0.4896.60 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. 

"CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update."

To read this notice, click here.

Published by Cybersecurity & Infrastructure Security Agency 29 March 2022

"CISA and the Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply (UPS) devices, often through unchanged default usernames and passwords. Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet."

To read this notice, click here.

Published by U.S. Department of State - Bureau of Consular Affairs 28 March 2022

"U.S. citizens should depart Russia immediately via one of the limited commercial options still available. U.S. Citizens wishing to depart Russia have several options listed below. The situation on Russian borders is constantly evolving, and this page will be updated regularly to reflect these changes."

To read this advisory, click here.

Published by Cybersecurity & Infrastructure Security Agency 22 March 2022

"CISA Director Jen Easterly, Deputy Executive Assistant Director for Cybersecurity Matt Hartman, and Tonya Ugoretz, Deputy Assistant Director for the FBI’s cyber division, encouraged organizations of all sizes to have their Shields Up to cyber threats and take proactive measures now to mitigate risk to their networks."

To listen to the advisory, click here.

Published by Cybersecurity & Infrastructure Security Agency 24 March 2022

"CISA, the Federal Bureau of Investigation, and the Department of Energy have released a joint Cybersecurity Advisory (CSA) detailing campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted U.S. and international Energy Sector organizations. The CSA highlights historical tactics, techniques, and procedures as well as mitigations Energy Sector organizations can take now to protect their networks. "

To read this alert, click here.

Published by U.S. Department of Homeland Security 21 March 2022

Published by Cybersecurity & Infrastructure Security Agency 17 March 2022

"The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communication (SATCOM) networks. Successful intrusions into SATCOM networks could create risk in SATCOM network providers’ customer environments.

"Given the current geopolitical situation, CISA’s Shields Up initiative requests that all organizations significantly lower their threshold for reporting and sharing indications of malicious cyber activity. To that end, CISA and FBI will update this joint Cybersecurity Advisory (CSA) as new information becomes available so that SATCOM providers and their customers can take additional mitigation steps pertinent to their environments."

To read this alert, click here.

Published by Cybersecurity & Infrastructure Security Agency 15 March 2022

"The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitation of default MFA protocols and a known vulnerability. As early as May 2021, Russian state-sponsored cyber actors took advantage of a misconfigured account set to default MFA protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network. The actors then exploited a critical Windows Print Spooler vulnerability, “PrintNightmare” (CVE-2021-34527) to run arbitrary code with system privileges. Russian state-sponsored cyber actors successfully exploited the vulnerability while targeting an NGO using Cisco’s Duo MFA, enabling access to cloud and email accounts for document exfiltration."

To read this alert, click here.

Published by Cybersecurity & Infrastructure Security Agency 11 March 2022

"WASHINGTON – Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly released the following statement today:

“As the nation’s cyber defense agency, CISA applauds the passage of cyber incident reporting legislation. Thanks to the support of our many partners in Congress, CISA will have the data and visibility we need to help better protect critical infrastructure and businesses across the country from the devastating effects of cyber-attacks."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 9 March 2022

Published by U.S. Department of State - Bureau of Consular Affairs 5 March 2022

"Do not travel to Russia due to the unprovoked and unjustified attack by Russian military forces in Ukraine, the potential for harassment against U.S. citizens by Russian government security officials, the Embassy’s limited ability to assist U.S. citizens in Russia, COVID-19 and related entry restrictions, terrorism, limited flights into and out of Russia, and the arbitrary enforcement of local law.  U.S. citizens should depart Russia immediately."

To read this advisory, click here.

Published by Cybersecurity & Infrastructure Security Agency 26 February 2022

"WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint Cybersecurity Advisory today providing an overview of destructive malware that has been used to target organizations in Ukraine as well as guidance on how organizations can detect and protect their networks. The joint Advisory, “Destructive Malware Targeting Organizations in Ukraine,” provides information on WhisperGate and HermeticWiper malware, both used to target organizations in Ukraine." 

To read this advisory, click here.

Published by Aircraft Owners & Pilots Association 24 February 2022

"A temporary flight restriction will be in place March 1 in the Washington, D.C., area for President Joe Biden’s State of the Union address.

"Extending 30 nautical miles from the VOR/DME at the Ronald Reagan Washington National Airport, the presidential TFR will start at the surface and include altitudes up to 18,000 feet msl from 8 to 11 p.m. Eastern time on March 1."

To read this notice, click here.

Published by Cybersecurity & Infrastructure Security Agency 8 February 2022

 "On February 8, 2022, SAP released security updates to address vulnerabilities affecting multiple products, including critical vulnerabilities affecting SAP applications using SAP Internet Communication Manager (ICM). SAP applications help organizations manage critical business processes—such as enterprise resource planning, product lifecycle management, customer relationship management, and supply chain management." 

To read the updates, click here.

Published by U.S. Department of Homeland Security 7 February 2022 

"WASHINGTON – Secretary of Homeland Security Alejandro N. Mayorkas issued a National Terrorism Advisory System (NTAS) Bulletin regarding the continued heightened threat environment across the United States. This is the fifth NTAS Bulletin issued by the Department of Homeland Security since January 2021 and it replaces the current Bulletin that was set to expire tomorrow."

To read this bulletin, click here.

Published by Cybersecurity & Infrastructure Security Agency 4 February 2022 

"CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise."

To read this press release, click here.

Published by U.S. Department of Homeland Security 3 February 2022

"WASHINGTON –Today, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB), as directed in President Biden’s Executive Order 14028 on Improving the Nation’s Cybersecurity. The CSRB is an unprecedented public-private initiative that will bring together government and industry leaders to elevate our nation’s cybersecurity."

To read this press release, click here.

Published by U.S. Department of Homeland Security 25 January 2022

"WASHINGTON – Today, Secretary of Homeland Security Alejandro N. Mayorkas released the following statement on National Human Trafficking Prevention Month:" 

To read this press release, click here.

Published by Transportation Security Administration 18 January 2022

"WASHINGTON – The Transportation Security Administration (TSA) closed 2021 demonstrating the agency’s commitment to the security of the nation’s transportation system, and the ability to drive innovation and address emerging threats."

“In many ways, 2021 was a year of resilience as the dedicated TSA workforce worked diligently to screen near pre-pandemic passenger volumes at the nation’s airports while facing three major waves of COVID-19 across the country,” said TSA Administrator David Pekoske. “Despite the challenges, we facilitated freedom of movement for passengers and goods, and we made great progress in security innovation in close coordination with our federal partners and industry stakeholders.”

To read this press release, click here.

Published by Politico 14 January 2022

To read this article, click here.

Published by Cybersecurity & Infrastructure Security Agency 11 January 2022

"This joint Cybersecurity Advisory (CSA)—authored by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA)—is part of our continuing cybersecurity mission to warn organizations of cyber threats and help the cybersecurity community reduce the risk presented by these threats. This CSA provides an overview of Russian state-sponsored cyber operations; commonly observed tactics, techniques, and procedures (TTPs); detection actions; incident response guidance; and mitigations. This overview is intended to help the cybersecurity community reduce the risk presented by these threats."

To read this alert, click here.

Published by Cybersecurity & Infrastructure Security Agency 5 January 2022

To review this release note, click here.

Published by Cybersecurity & Infrastructure Security Agency 5 January 2022

"VMware has released a security advisory to address a vulnerability in Workstation, Fusion, and ESXi. An attacker could exploit this vulnerability to take control of an affected system.

To review this advisory, click here.

January 2022

Did you know? Over 600,000 victims of human trafficking are transported by air each year. The U.S. Department of Homeland Security's Blue Campaign aims to provide education and increase awareness to those in aviation as well as the general public.

Take action during Human Trafficking Awareness Month and educate yourself on the signs of possible trafficking activity, and how you can help save others.

To learn more, click here.

Published by U.S. Department of Homeland Security 15 December 2021

"WASHINGTON – The Department of Homeland Security announced its commitment to adopt a definition of statelessness for immigration purposes and enhance protections for stateless individuals living in the United States.  Through the adoption of a standardized definition of statelessness, the Department will ensure it can recognize unique barriers encountered by stateless persons and better identify and protect such individuals."

To read this press release, click here.

Published by U.S. Department of Homeland Security 14 December 2021

"WASHINGTON – Today, the Department of Homeland Security (DHS) announced the launch of “Hack DHS,” a bug bounty program to identify potential cybersecurity vulnerabilities within certain DHS systems and increase the Department’s cybersecurity resilience. Through Hack DHS, vetted cybersecurity researchers who have been invited to access select external DHS systems (“hackers”) will identify vulnerabilities (“bugs”) that could be exploited by bad actors so they can be patched. These hackers will be rewarded with payments (“bounties”) for the bugs they identify."

To read this press release, click here.

Published by U.S. Department of Homeland Security 13 December 2021

"WASHINGTON – Secretary of Homeland Security Alejandro N. Mayorkas today delivered the Oath of Office to Chris Magnus, the fifth Commissioner of U.S. Customs and Border Protection (CBP)."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 11 December 2021

"WASHINGTON – Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly released the following statement today on the “log4j” vulnerability: 
 
“CISA is working closely with our public and private sector partners to proactively address a critical vulnerability affecting products containing the log4j software library. This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use. End users will be reliant on their vendors, and the vendor community must immediately identify, mitigate, and patch the wide array of products using this software. Vendors should also be communicating with their customers to ensure end users know that their product contains this vulnerability and should prioritize software updates."

To read this release, click here.

Published by The Ascent 10 December 2021

Threat actors have created fake TSA websites to target people with TSA PreCheck. TSA PreCheck holders should use care in protecting the investment they make by scrutinizing emails for fraudulent links.

PreCheck has long been a popular convenience for travelers. The key component in signing up for the service is the ability to sidestep long security clearance lines at airports. 

To read this article, click here.

Published by Cybersecurity & Infrastructure Security Agency 8 December 2021

"The holiday shopping season is underway, and retailers are enticing patrons to come into their venues with sales and festive events. Given the increase of patrons during the holidays, individuals or groups intending to inflict harm or disrupt festivities may also leverage the corresponding shopping season as an opportunity to engage in grievance-based violence. Although there are currently no credible or imminent threats, shopping venues should assess existing security practices to ensure effective procedures are in place. To assist shopping venue owners and operators in enhancing their security, CISA released the updated Protecting Patrons During the Holiday Shopping Season fact sheet."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 8 December 2021

"Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system."

To read this press release, click here.

Published by Transportation Security Administration 2 December 2021

"WASHINGTON – DHS’s Transportation Security Administration (TSA) today announced two new Security Directives and additional guidance for voluntary measures to strengthen cybersecurity across the transportation sector in response to the ongoing cybersecurity threat to surface transportation systems and associated infrastructure. These actions are among several steps DHS is taking to increase the cybersecurity of U.S. critical infrastructure."

To read this press release, click here.

Published by Aviation International News 30 November 2021

"Air carriers and certain other operators must use the pilot records database (PRD) beginning on December 7 to obtain records from the FAA, the National Air Transportation Association (NATA) is alerting members. At that point, the FAA will no longer accept Form 8060-10 for the records, the association said, but added operators can obtain the pilot information via the PRD beforehand."

To read this article, click here.

Published by Cybersecurity & Infrastructure Security Agency 23 November 2021

"WASHINGTON – This holiday season, the Cybersecurity and Infrastructure Security Agency (CISA) hopes online shoppers will do their part help spread a cup of cyber cheer.  Today, CISA launched a series of resources aimed at helping Americans protect themselves when shopping online. Remember that hackers are trying to take advantage of unsuspecting shoppers by searching for weaknesses in their devices and internet connections or attempting to extract personal and financial information through fake websites and charities." 

To read this press release, click here.

Published by U.S. Department of Defense 23 November 2021

To read this press release, click here.

Published by Transportation Security Administration 17 November 2021

"This week, we’re celebrating the 20th anniversary of TSA’s inception."

"Since our origin, we’ve taken significant steps to improve the safety of our transportation system, keep travelers safe, and improve the security of our country. In 20 years, we’ve improved technology and procedures, and we continue to adapt to the ever-evolving security threats.”

To read this blog, click here.

Published by Transportation Security Administration 17 November 2021

"The Transportation Security Administration (TSA) expects airport security checkpoints nationwide will be busy during the upcoming Thanksgiving travel period, which runs from Friday, Nov. 19, through Sunday, Nov. 28, and the agency is prepared to handle the increase in passenger volume for the holiday. TSA expects to screen about 20 million passengers during the Thanksgiving holiday."

“We anticipate that travel may be very close to pre-pandemic levels this holiday, and we are staffed and prepared for the holiday travelers. We have deployed technologies that enhance detection capabilities and reduce physical contact, and it’s equally important that passengers are prepared with travel tips for the most efficient checkpoint experience,” said TSA Administrator David Pekoske. “With overall vaccination rates improving nationwide and greater confidence in healthy travel, there will be more people traveling so plan ahead, remain vigilant and practice kindness.”

To read this press release, click here.

Published by Federal Bureau of Investigation 14 November 2021

"The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners. While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks."

To read this press release, click here.

Published by National Air Transportation Association 4 November 2021

"Today, the Department of Labor announced that the Occupational Health and Safety Administration (OSHA) has filed an Emergency Temporary Standard (ETS) mandating COVID-19 vaccination or weekly testing for employees of private companies with 100 or more workers. The ETS will be officially published in the Federal Register on Friday, November 5."

To read this member alert, click here.

Published by The Washington Post 25 October 2021

A bevy of musical instruments can cause quite the stir at security checkpoints in airports. 

If you plan to create ad hoc joy, either whilst traveling, or at your destination, it is best practice to keep your musical instrument and its components at the ready for TSA agents to inspect. Packing them in a carry-on bag or backpack will likely attract unwanted attention and cause a delay.

To read this article, click here.

Published by Aviation International News 22 October 2021

 "Employers of 100 or more workers should prepare to get ahead of looming vaccine requirements, in part by confidentially surveying staff to determine how many people might be affected. That was the advice of Alison Squiccimarro of the Law Offices of Paul Lange during a videotaped question-and-answer session with National Air Transportation Association senior v-p Ryan Waguespack."

To read this article, click here.

Published by U.S. Department of Homeland Security 20 October 2021

"WASHINGTON – Today marks the first anniversary of the creation of the Department of Homeland Security’s (DHS) Center for Countering Human Trafficking (CCHT). The CCHT, led by ICE Homeland Security Investigations (HSI), is a DHS-wide effort dedicated to bringing human traffickers to justice, protecting victims of sex trafficking and forced labor, and preventing these terrible crimes from occurring." 

"In recognition of the CCHT and to continue to advance its critical work, Secretary of Homeland Security Alejandro N. Mayorkas directed DHS components to incorporate a victim-centered approach into all policies, programs, and activities governing DHS interactions with victims of crime."

To read this press release, click here.

Published by Cybersecurity and Infrastructure Security Agency 18 October 2021

"WASHINGTON - The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) published a cybersecurity advisory today regarding BlackMatter ransomware cyber intrusions targeting multiple U.S. critical infrastructure entities, including two U.S. food and agriculture sector organizations. The advisory includes technical details, analysis, and assessment of this cyber threat, as well as several mitigation actions that can be taken to reduce the risk to this ransomware."

To read this press release, click here.

Published by Transportation Security Administration 7 October 2021

"DULLES, Va. – Transportation Security Administration (TSA) officers at Washington Dulles International Airport (IAD) stopped a Fredericksburg, Virginia, man from bringing his gun and ammunition onto his flight yesterday, October 6. The 9 mm handgun was not loaded, although the man was in possession of a magazine loaded with five bullets." 

"TSA alerted the Metropolitan Washington Airports Authority police who confiscated the gun and cited the man on weapons charges. The man said he forgot that he had his handgun with him. He now faces a stiff federal financial penalty for carrying a gun to a TSA checkpoint."

To read this press release, click here.

Published by U.S. Department of Homeland Security 6 October 2021

In his remarks at the October 6, 2021, 12th Annual Billington CyberSecurity Summit, Secretary of Homeland Security Alejandro N. Mayorkas stated, "...TSA has begun updating its aviation security program. By the close of this sprint, TSA will require critical U.S. airport operators, passenger aircraft operators, and all-cargo aircraft operators to designate a cybersecurity coordinator and report cyber incidents to CISA. TSA will expand the covered entities gradually to other relevant entities and consider additional measures over time."

To read the full speech, click here.

Published by Cybersecurity & Infrastructure Security Agency 1 October 2021

"Cybersecurity Colleagues and Partners,"

"Join us as we recognize the 18^th Cybersecurity Awareness Month.  All through the month CISA and the National Cybersecurity Alliance (NCSA) are asking you to “Do Your Part. Be Cyber Smart.” Cybersecurity is important for all Americans, and CISA and NCSA are sharing information and resources to help every one of us recognize and reduce the risk of cybersecurity threats."

"Each week in October we will highlight a different aspect of what it takes to “Do Your Part. Be Cyber Smart.”

• Week 1 (October 4-10): Be Cyber Smart: 
  Take simple actions to keep our digital lives secure.
• Week 2 (October 11-17): Phight the Phish!:
  Learn how to spot phishing attempts to prevent ransomware and other malware attacks.
• Week 3 (October 18-24): Explore. Experience. Share.:
  During week three of Cybersecurity Awareness Month, we will join the National Initiative for Cybersecurity Education (NICE) to celebrate Cybersecurity Career Awareness Week.
• Week 4 (October 25-31): Cybersecurity First: 
  Explore how cybersecurity and staying safe online is increasingly important as our world continues to operate virtually for so much of work and play.

"We are asking for you to take action at work and at home to drive home our message.  Follow us on social media we share tips and tools throughout the month that highlight each of the weekly messages. Want to do more? We have tools and resources for organizations to conduct their own efforts to promote cybersecurity."

Published by Aviation International News 30 September 2021

"MedAire is bolstering its aviation security intelligence-gathering operations for the Middle East region because of growing demand, the International SOS company announced. At its Dubai operations center, it is adding two dedicated aviation security specialists and a security manager. Also, MedAire has enhanced its aviation security content management system and technological capabilities there."

To read this article, click here.

Published by Cybersecurity & Infrastructure Security Agency 22 September 2021

"Cybersecurity Colleagues and Partners,"

"The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) announced the release of an advisory today on the Conti ransomware threat, including technical details about cyber actors’ behavior mapped to MITRE ATT&CK and recommended mitigations."

"CISA and FBI have observed an increased use of Conti ransomware in more 400 attacks to steal sensitive data from U.S. and international organizations. Malicious cyber actors typically use Conti ransomware against a victim to steal files, encrypt servers and workstations, and demand a ransom payment to return stolen, sensitive data."

"To secure systems against Conti ransomware, CISA, FBI, and NSA recommend implementing the mitigation measures described in this advisory, which include requiring multi-factor authentication (MFA), implementing network segmentation, and updating your operating system and software."

"If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:"

"Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide."

"Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware."

"Report incidents immediately to CISA at https://us-cert.cisa.gov/report, a local FBI Field Office, or U.S. Secret Service Field Office."

"Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity."

"Organizations should read the advisory, assess your unique cybersecurity environment, and implement recommended mitigations for any observed security gaps or weaknesses. Any support you and your organizations can do to amplify this joint advisory through your communications and social media channels is appreciated. And as always, thank you for your continued collaboration."

"The advisory can be found here and is also available on the new, whole-of-government ransomware website, Stopransomware.gov."

To read this alert, click here. 

Published by NPR 14 September 2021

"WASHINGTON — Three former U.S. intelligence and military operatives have admitted providing sophisticated computer hacking technology to the United Arab Emirates and agreed to pay nearly $1.7 million to resolve criminal charges in an agreement that the Justice Department described Tuesday as the first of its kind."

To read this article, click here.

Published by Defense One 14 September 2021

Equal regard for individuals within an organization who are researching cyber sources of harmful information is key to a successful collaboration. Several branches of the United States military, including Space Force, met recently to discuss partnering to detect and deter malign information. The discussion also included a plan to convey these processes to international counterparts.

To read this article, click here.

Published by Federal Aviation Administration 9 September 2021

"COVID-19 Test Kits: Unused COVID-19 test kits do not contain dangerous goods and are typically allowed in both carry-on and checked baggage."

"COVID-19 test kits containing diagnostic samples (e.g., nasal swabs and vials of sputum) are not allowed in carry-on baggage. These samples must be properly packaged, handled, and identified as a UN3373 Category B Infectious Substance (PDF) during transportation. Passengers should check with their carrier before packing COVID-19 test kits containing diagnostic samples in checked baggage or shipping as cargo. Individual carriers and international requirements may be more restrictive than domestic regulations."

For more information, click here.

Published by Transportation Security Administration 9 September 2021

"Today, the Department of Homeland Security’s Transportation Security Administration (TSA) will increase the range of civil penalties that may be imposed on individuals who violate the federal mask mandate at airports, on commercial aircraft, and in various modes of surface transportation, including passenger railroads, intercity bus services, and other public transportation. The federal mask mandate for transportation, which was implemented by TSA on February 2, 2021, will remain in effect until January 18, 2022."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 8 September 2021

"To access this resource and/or learn more about drone security and CISA’s resources, visit: cisa.gov/uas. For questions regarding this guide please email suassecurity@cisa.dhs.gov."

To learn more, click here.

Published by Federal Aviation Administration 1 September 2021

"The FAA releases new laser strike data visualization highlighting this menacing and growing trend. Laser strikes are a menace to the skies. As a pilot, FAA Administrator Dickson knows this is an issue of concern. Shining a laser at an aircraft is dangerous for everyone onboard and on the ground. It is a federal crime resulting in fines or prison time. #LoseTheLaser"

To watch this video, click here.

Published by AIN Online 1 September 2021

Several factors are at play recently, causing concern in the business of chartering a private aircraft. Industry subject matter experts are offering guidance on avoiding a potential for all sorts of unknowns. Many air passengers do not realize the steps needed to ensure a safe flight. And the pandemic isn’t making matters any less complicated. The National Air Transportation Association (NATA), together with the FAA, has leaned in to help educate individuals new to the aviation market.

To read this article, click here.

Published by Transportation Security Administration 25 August 2021.

Air passengers should take stock of what is in their luggage prior to leaving for the airport. The method in which a firearm is being transported may be illegal. Checking it in correctly will cause less issues with airport security measures.

To read this article, click here.

Published by US Customs and Border Patrol 24 August 2021

"WASHINGTON – Air and Marine Operations (AMO) National Air Security Operations Center, P-3 Long Range Tracker and Airborne Early Warning crews and partners disrupted the flow of 113,779 pounds of cocaine in drug source and transit zones through the end of the third quarter of Fiscal Year 2021. It is estimated that United States Southern Command counter-narcotics operations involving Air and Marine Operations, federal and international partners denied transnational criminal organizations more than two billion dollars between October 1, 2020 and June 30, 2021."

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 31 August 2021

"Today, the Federal Bureau of Investigation (FBI) and CISA released a Joint Cybersecurity Advisory (CSA) to urge organizations to ensure they protect themselves against ransomware attacks during holidays and weekends—when offices are normally closed."

To read this press release, click here.

Published by Federal Aviation Administration 24 August 2021

"The U.S. Department of Transportation’s Federal Aviation Administration (FAA) awarded more than $766 million in grants to build safer, more sustainable and more accessible airports across the United States."

To read this press release, click here.

Published by NBC News 19 August 2021

As a means of protection against a bad actor, some crew members on a recent flight chose to arm themselves with items intended for onboard service, such as an ice mallet. This is just one of several incidents involving crewmembers and passengers that have been reported.

Inflight infractions could prove to be very costly to non-compliant passengers. Inappropriate touching of a cabin crewmember, launching projectiles, drug use, public intoxication, non-adherence to mask mandates and using foul language aboard the aircraft are just some of the recent allegations. 

To read this article, click here.

Published by Transportation Security Administration 7 August 2021

To consult "with key partners on aviation security matters, including the development, refinement, and implementation of policies, programs, rulemaking and security directives pertaining to aviation security" the Aviation Security Advisory Committee (ASAC) has been in existence since 1989. 

To learn more, click here.

Published by CBS News 29 July 2021

Can a man with a jetpack actually fly up to 3,000 or 5,000 feet? It seems unlikely, according to the FBI, but a pilot recently reported such a sighting to Air Traffic Control at Los Angeles International Airport.

To learn more, click here.

Published by U.S. Department of State 21 July 2021

The U.S. Department of State has published a new webpage with information regarding passport applications. According to this page, an expedited request can take up to 12 weeks while a standard request may take up to 18 weeks.

To learn more, click here.

Published by Homeland Security Today 20 July 2021

The COVID-19 virus and its variants continue to claim the lives of thousands of people around the world each day. The Centers for Disease Control and Prevention has identified the risk of travel for each country.

To read this article, click here.

Published by U.S. Department of State 15 July 2021

Offering monetary rewards for useful information is a practice that has proven effective. In its program to prevent terrorism, the U.S. Department of State has paid out more than $200 million over the last 30+ years to informants. Now, it has expanded this program to gather information on malicious cyber activity.

To read this press release, click here.

Published by Transportation Security Administration 15 July 2021

Luckily, air marshals were on board an aircraft heading to Florida when a passenger began acting erratically. The air marshals had to separate the man from the other passengers after he claimed a flight attendant and another passenger were carrying explosive device components, and he could smell gas.

To read this press release, click here.

Published by Transportation Security Administration 1 July 2021

Planning a summer getaway that involves air travel? The Transportation Security Administration (TSA) has released a new set of helpful reminders to navigate airport security checkpoints.

To read this press release, click here.

Published by Cybersecurity & Infrastructure Security Agency 30 June 2021

Now companies have a new tool to assist them in protecting their data against cyber criminals. The Ransomeware Readiness Assessment is intended to show organizations how ready they are in the event of a ransomware attack.

To read this release, click here.

Published by U.S. Immigration and Customs Enforcement 29 June 2021

Protecting people from victimization is one of the principal goals of the Homeland Security Investigations (HSI). The HSI joined with other law enforcement agencies in the month of June in an operation aimed at rescuing victims of sex trafficking.

To read this press release, click here.

Published by CBS News 25 June 2021

A driver created a major security threat at Los Angeles International Airport (LAX) when he drove across two large runways twice at high speed, after managing to crash his car through a gate. It is unknown if police were already chasing him when he entered the airport property and what initiated the chase. 

To read this article, click here.

Published by Transportation Security Administration 24 June 2021

Commercial flight crew members are increasingly becoming targets of passenger violence. In response to this, the Transportation Security Administration announces it will be resuming its self-defense training for flight crew members. 

To read this press release, click here.

Published by Homeland Security Today 4 June 2021

Does the idea of standing in a TSA passenger security line cause your stress level to rise? One airport in Massachusetts is trying to make it easier by using a virtual one. 

To read this article, click here.

Published by AVweb 18 May 2021

Aircraft operators and private pilots should always check for Temporary Flight Restriction (TFR) areas on their flight plan. Otherwise, they could find their aircraft flanked by fighter jets. 

To read this article, click here.

Published by AVweb 17 May 2021

In the U.S., commercial and private drones are not permitted to fly higher than 400 feet and most cannot stay up for longer than about 30 minutes. However, according to the FBI, a government helicopter reported a drone incident at 14,000 feet. 

To read this article, click here.

Published by Federal Aviation Administration 17 May 2021

A threat to the security or safety of an aircraft, or its crew, by a passenger can result in criminal, as well as civil, actions. Four passengers are facing the consequences for their actions aboard an aircraft in four separate incidents.

To read this press release, click here.

Published by Aviation Week Network 6 May 2021

As autonomous aircraft enter the aviation world, questions arise over the ability to ensure they are safe and that they have internal values programmed into them. This new podcast discusses these questions.

To listen to this podcast, click here.

Published by U.S. Department of Homeland Security 27 April 2021

Today, the Department of Homeland Security (DHS) issued an announcement that it will be extending the deadline for REAL ID. DHS states this extension is the result of ongoing challenges facing states, due to the COVID-19 pandemic. The new deadline is May 3, 2023.

To read this announcement, click here.

Published by Homeland Security Today 6 April 2021

Prison inmates are always seeking new methods to obtain items that are prohibited. Normally, these methods are ground-based, but one inmate and his brother decided to utilize modern aerial technology with unsuccessful results. 

To read this story, click here.

Published by Office of Inspector General, U.S. Department of Transportation 25 March 2021

It is unknown why a man in Virginia decided to direct his unmanned aircraft system (UAS) into a fire station after harassing firefighters there. Now the man faces criminal charges over his actions.

To read this story, click here.

Published by Homeland Security Today 22 March 2021

On the internet, untold numbers of images depicting the sexual abuse of children are shared and traded like baseball cards, despite the existence of laws that prohibit it. Now, the Human Exploitation Rescue Operative (HERO) is accepting applications from U.S. veterans who want to become involved in the ongoing fight to stop it.

For more information, click here.

Published by Homeland Security Today 19 March 2021

Misbehaving on an aircraft puts everyone on board at risk and the FAA recently adopted a temporary zero-tolerance policy for such behavior. The policy has led to fines issued against passengers for actions that include throwing things and refusing to wear a face mask. Now, the FAA has announced this policy will stay in place.

For more information, click here.

Published by Homeland Security Today 13 March 2021

As drone operation grows in popularity, the risk of incidents involving drones and large airports rises. To provide national authorities and aviation operators with guidance on how to prepare for these types of events, a new manual has been published by the European Union Aviation Safety Agency (EASA). 

To read this article, click here.

Published by Scubby February 2021

 Next to safety, security is one of the most important things in aviation. The correct security measures protect employees and passengers alike. This article discusses general security procedures, airport security measures, why security is important and aviation security innovation.

To learn more, click here. 

Published by Department of Homeland Security 27 January 2021

Today, January 27, 2021, the Department of Homeland Security (DHS) released a National Terrorism Advisory System (NTAS) Bulletin. In light of recent and ongoing events taking place regarding the transitioning of government, DHS is asking the public to:

• Protect your personal safety
• Avoid large gatherings
• Watch for anything indicating extremist behavior, foreign or domestic
• Contact appropriate law enforcement agencies to report suspicious activity

To read this NTAS bulletin, click here. 

Issued by Centers for Disease Control and Prevention 26 January 2021

On Tuesday, January 26, 2021, an order from the Centers for Disease Control and Prevention (CDC) relating to international air travelers went into effect. This order requires air travelers who are coming from a foreign country to the United States to provide proof of their COVID-19 status.

To read this order and see how it may affect your operation, click here.

Published by The White House 31 December 2020

The Department of Justice (DOJ) and federal law enforcement agencies opened more than 3,000 cases and investigations involving human trafficking in 2019, and more than 5,000 people were arrested in connection with this crime. The U.S. government recently released a proclamation, recommitting itself to the ongoing fight to end human trafficking. 

To learn more, click here. 

Published by Federal Aviation Administration 28 December 2020

The FAA reports that over 203,000 people are now registered as remote pilots, and registration for drones are at 1.7 million, and growing. The agency recently announced final rules for Unmanned Aircraft (UA). U.S. Secretary of Transportation states, “These final rules carefully address safety, security and privacy concerns while advancing opportunities for innovation and utilization of drone technology.”

 To read this press release, click here. 

Published by Cybersecurity & Infrastructure Security Agency 16 December 2020

Almost a year later, our daily lives have been saturated with Coronavirus numbers and statistics. The pandemic has affected everyone in some way, especially essential workers. The Cybersecurity & Infrastructure Security Agency (CISA) recently released its Essential Critical Infrastructure Workforce Guidance, Version 4.0. CISA states, “This version is intended to help state, local, tribal, and territorial officials and organizations protect their workers and communities, and ensure the continued safe and secure operation of critical infrastructure.”

 To read this new guidance, click here. 

Published by AIN Online 11 December 2020

Recently, there has been a large number of cyberattacks. These attacks are now starting to target the business aviation industry. AIN states, “The airframer’s Dassault Falcon Jet division, which markets and supports the Falcon family of business jets in the Americas, on Thursday stated that certain of its IT systems had suffered a cyberattack on Monday, December 7."

To read this article, click here.

Published by ZDNET 1 December 2020

Before you click on any links, it’s always a good idea to think twice – especially with those emails you’re receiving regarding tracking and delivery of purchased online orders. There is a good possibility that the email in your inbox could be a phishing attempt from an online scammer.

To read this article, click here. 

Published by Cybersecurity & Infrastructure Security Agency 21 August 2021

There are many ways to protect oneself from cyber crime. Keeping your devices safe is one of the most important precautions to take for a stress-free holiday season. There are many other methods as recommended by CISA.

To learn more, click here.

Published by Aviation Pros 5 November 2020

Pilots of private aircraft that are flying into or out of Wilmington, DE, are under a new flight advisory issued by the FAA. The flight advisory establishes a no-fly zone around the home of Democratic presidential nominee, Joe Biden.

To learn more, click here. 

Published by Homeland Security Today 2 November 2020

 Planning on visiting Canada, eh? Before you pack your bags, you should be aware that Canada has made changes regarding quarantine for travelers as well as travel restrictions.

To read this article, click here. 

Published by Department of Homeland Security 20 October 2020

Human trafficking is a multibillion-dollar criminal industry that impacts men, women and children around the globe. The U.S. Department of Homeland Security (DHS) is actively working to end this. DHS announces, “...the opening of the DHS Center for Countering Human Trafficking, the U.S. government’s first-ever integrated law enforcement operations center directly supporting federal criminal investigations, victim assistance efforts, intelligence analysis, and outreach and training activities related to human trafficking and forced labor.”

To read more, click here. 

Published by Homeland Security Today 14 October 2020

 Are you considering traveling by air? If you are, check out these “Top Tips” provided by the Transportation Security Administration (TSA) Federal Security Directors.

 To learn how to stay safe and secure, click here. 

Published by AIN Online 12 October 2020

 Since the National Aviation Transportation Association (NATA) and National Aviation Transportation Association Compliance Services (NATACS) have joined forces with the Department of Homeland Security (DHS) and its Blue Lightning Initiative (BLI), 4,723 crewmembers have completed training that focuses on human trafficking identification and awareness.

To read this article, click here.

Published by Global Trade 14 September 2020

 Does your operation have a plan in place to mitigate cargo theft? If so, does it contain special processes or precautions to take when shipping high-value items? Global Trade states: "Any company can use a variety of shipping strategies for high-value cargo. The main aim, however, is always to completely eliminate the risk of damaging, losing, or anyone stealing the items."

 To read this article, click here. 

Published by ABC News 1 September 2020

Was it a bird? Was it another plane? Or was it a man in a jetpack?

Instead of the fluffy white clouds and the rays of the sun, an American Airlines pilot recently witnessed something a little different in the air...

To read this article, click here. 

Published by Homeland Security Today 19 August 2020

Did you know that over $34 million as well as over 900 weapons were seized by Air and Marine Operations (AMO) in 2019? 2020 is still in progress, and a recent incident will definitely be a part of this year’s statistics. Cash was found, amounting to $20,312, along with over 50 weapons on a Learjet that was searched by officers from the Fort Lauderdale Marine Unit of the AMO.

To read this article, click here. 

Published by Homeland Security Today 10 August 2020

COVID-19 distractions, using COVID-19 as a weapon and increasing anti-government attitudes are just three impacts of the current pandemic that are presented in a new observational report on terrorism from researchers. The report discusses how terrorist activities could change in the future, as a result of the virus, and how it is already generating changes for these violent organizations.

To read this article, click here. 

Published by Transportation Security Administration 10 August 2020

Planning on traveling with a firearm? The Transportation Security Administration (TSA) has seen a large spike of loaded firearms attempting to pass through airport security checkpoints. Prior to heading for the airport, ensure you are aware of the requirements for transporting firearms and ammunition. It’s important to be familiar with the rules so you can avoid a hefty civil penalty.

To read this press release, click here.

Published by AINonline 15 July 2020

If you were to conduct a Google search for private air charter, it is highly likely that you would come across an ad promoting a website that offers this service. However, chances are this website is fake, created by fraudsters looking to take advantage. Prior to booking any travel, it’s important to do your research.

To learn how to protect yourself from fake charter websites, click here.

Published by Forbes 8 July 2020

The news of Coronavirus sent shockwaves into the economy of global travel, putting a spotlight on the potential ways to avoid transmission of the disease and making us all wonder, “If I get on this flight, will I get sick?” Well, not only does flying private reduce your risk of exposure by avoiding the masses of people, but it also gives you more direct control of your safety and surroundings; such as having the ability to fully control your own cabin environment and knowing the history of your pilots and flight attendants to see if they’ve been to areas at a higher risk of exposure, not to mention having a jet completely to yourself/family. See why others are turning to private charter, it may just change the way you travel.

To read this article, click here.

Published by PRWeb 6 July 2020

Human trafficking is a global issue that affects each of us. That's why NATA Compliance Services, along with the National Air Transportation Association (NATA), have signed a Memorandum of Understanding with the Department of Homeland Security (DHS) and the Department of Transportation (DOT), in support of the Blue Lightning Initiative (BLI).

To read this press release, click here.

Published by BM Magazine 27 May 2020

There are a variety of reasons people fly private: comfort, no long wait times, easy access to flight, privacy, security and the use of practical safety measures. Traveling private can be a much safer alternative these days, especially during the current pandemic. See what business executives are saying about the use of private aviation options and why they prefer it.

To read this article, click here.

Published by Transportation Security Administration 21 May 2020

This morning, the Transportation Safety Administration (TSA) announced it is updating security procedures for air travelers with the purpose of protecting the public and TSA employees from COVID-19. These security procedures include:

• Social distancing 
• TSA officers will wear masks and gloves at security checkpoints
• Travelers will keep possession of their boarding pass
• The allowance of up to 12 oz. of hand sanitizer
• Food should be kept separated for x-ray processing

Published by Transportation Security Administration 5 May 2020

The Transportation Security Administration (TSA) has released a Notice of temporary exemption for the Alien Flight Student Program.

The Transportation Security Administration (TSA) is granting a temporary exemption from certain requirements in 49 CFR part 1552 regarding the timeframe within which a flight school must initiate flight training for alien flight students (candidates) who have an approved TSA security threat assessment (STA). For the duration of this exemption, TSA grants an extension from 180 days to 365 calendar days for candidates to begin training if the candidate's information and fees for an STA were submitted on or between December 1, 2019 and September 1, 2020.

Published by Fox News 3 May 2020

An aircraft was searched after it was forced to land at Anchorage International Airport. The search was initiated due to a report of a bomb on-board. Authorities report they “do not believe that there is any ongoing threat to the community.” At this time, it is unknown how the threat was discovered.

To read this article, click here. 

Published by The Hill 3 May 2020

In recent news, there are some concerns surrounding terrorist threats and global security at the same time of dealing with a world-wide pandemic. The Hill states, "Security agencies and researchers are monitoring an uptick in racially motivated hate crimes pushed by extremists online. The threat is more pronounced as whole populations are under stay-at-home orders and spending more time online."

In an attempt to mitigate job losses, the Paycheck Protection Program (PPP) loan provides assistance to small businesses by providing much needed funding and allowing them to keep employees on payroll. Unfortunately, recent news of a security breach leaves many business owners concerned their personal information may end up in the wrong hands. 

Published by AV Web 19 April 2020

From the start of the pandemic, we have witnessed passenger travel drop significantly, causing airlines huge losses. In an attempt to minimize the monetary losses, airlines have made a switch to cargo-only flights. Since the seats in the cabin are unoccupied by passengers, the FAA advised airlines of their ability to remove the seats, creating more space for freight and cargo.

To read this article, click here.

Published by Transportation Security Administration 15 April 2020

Even though we are in the midst of a pandemic, there are still some individuals that are required to travel. The Transportation Security Administration (TSA) has made some adjustments that travelers should be aware of.

To read this article, click here.

Published by Business Insider 12 March 2020

Coronavirus is a global pandemic affecting numerous aspects of our daily lives. During this pandemic, hackers are taking advantage of opportunities to gain access to your systems, sensitive security information (SSI) and personal identifiable information (PII). Educate yourself on safe practices and know what to look for; double check to see if you are on a secured website and ensure what you are downloading doesn’t result in malware. Stay vigilant.

Published by Global News 21 February 2020

Two aircraft belonging to Harbour Air were involved in an accident when a man collided into them after stealing a third aircraft. After the incident, the man left the scene according to witness testimony and police are still searching for him. Situations like these only further emphasize the need for increased security and awareness surrounding these locations.

To read this article, please click here.

Published by DARKReading 19 February 2020

Sticky notes and human memory were found to be the most popular methods used by security professionals and consumers to remember passwords, according to a new report released by the Ponemon Institute. The report also revealed that security professionals share passwords, use the same passwords for workplace accounts, and don’t protect personal accounts with two factor authentication.

To read this article, click here.

Published by CNN 10 February 2020

In 2017, personal information including Social Security numbers, driver’s license numbers and names of almost 150 million Americans was stolen when Equifax became the victim of a data breach. Now, four members of the Chinese People’s Liberation Army have been charged by a federal grand jury for conducting it.

To read this article, click here.

Published by Threatpost news 4 February 2020

The application programming interface (API) on Twitter is a tool people use to identify friends and acquaintances by using their phone number. However, several fake accounts were discovered using it for the sole purpose of uncovering Twitter users. The accounts were linked to IP addresses in Malaysia, Israel and Iran, and Twitter has expressed concern that they belong to state-sponsored actors.

To read this article, click here.

Issued by Department of Homeland Security 2 February 2020

The U.S. Department of Homeland Security (DHS) has modified its notice of arrival restrictions for flights carrying persons who have recently been in the People’s Republic of China. The modification increases the number of airports where these flights can land and when these airports will begin receiving flights. 

To read this modification, please click here.

Issued by Department of Homeland Security 4 January 2020

Due to increasing tensions within the Middle East, an alert bulletin was issued by DHS. This bulletin highlights that attacks can come at any time with little or no warning, however, a specific, credible threat is not currently known. Advisory Bulletins describe current developments or general trends regarding threats of terrorism.

Read this bulletin here to stay informed, be prepared and learn how you can help.

Published by Aviation International News on 19 December 2019

An investigation is underway as authorities look into an incident where a 17-year-old girl stole a King Air and crashed into an airport building.

To read this article, click here.

Published by Security Magazine 2 December 2019

There are so many factors to consider when making your security choices. Both contract security and in-house security have benefits when it comes to cybersecurity and physical security. 

To read this article, click here.

Published by Independent on 21 November 2019

Airport security screening can vary by location. It is very possible that your screening experience in a foreign location may be very different than in the United States.

To read this article, click here.

Published by Homeland Preparedness News 25 October 2019.

A bill sponsored by the late Rep. Elijah Cummings was advanced by the House Committee on Homeland Security. The bill was to improve the Transportation Security Administration’s (TSA's) security operations.

To read this article, click here.