Threat Bulletins
The cyber threat bulletins published by the MD-ISAC are intended for the MD-ISAC members and provide intelligence on potential threats and vulnerabilities. A selection of the MD-ISAC’s bulletins is publicly available here. These are subject to standard copyright rules and are categorized as TLP:CLEAR.
2025
2024
- Maryland Residents Receiving Smishing Messages Impersonating MDOT EZ-Pass (AR20241016-33) - PDF - 201.32 KB
- Exercise Caution: Threat Actors May Take Advantage Of Crowdstrike Outage (FA20240719-002) - PDF - 60.73 KB
- Threat Actors Continue To Exploit Out Of Date And End Of Life Devices In The Emergency Services Industry (AR20240207-002) - PDF - 99.63 KB
- PRC-Linked Threat Actor Volt Typhoon Targets US Critical Infrastructure (AR20240209-003) - PDF - 119.43 KB
- Vulnerabilities Found In FortiOS Could Allow For Remote Code Execution And Other Attacks (VAR20240209-001.1) - PDF - 108.6 KB
2023
- Vice Society threat group wreaks havoc in Education and Rail sectors (AR20230124-002) - PDF - 147.21 KB
- OneNote attachments used to spread malware (AR20230127-003) - PDF - 463.55 KB
- Exploiting the User: Leveraging Valid Services for Malicious Activity (TAR20230206-001) - PDF - 844.37 KB
- Threat Analysis Report - Phishing Campaign Targeting Facebook Session (TAR20230427-002) - PDF - 1.33 MB
2022
- Killnet targeting US civilian network infrastructure to include the State of Maryland (FA20221010–001) - PDF - 128.51 KB
- Russian Hacktivist Group Killnet Targeting US Government Network Infrastructure (AR20221215–004) - PDF - 106.78 KB
- Social Engineering Awareness in Advance of 2022 Holiday Season (AR20221222–006) - PDF - 98.74 KB
- Twitter Account Data Leak Reported by Independent Researcher (AR20221227-007) - PDF - 853.4 KB