
BRICKSTORM mitigation guidance

Advisory/Mitigation
H score 39
1 unique source, 1 article

Summary


CISA, NSA, and the Cyber Centre issued BRICKSTORM mitigation and detection guidance for critical infrastructure owners and operators, urging them to review IOCs, apply detection signatures, and harden exposed environments against PRC-linked activity.

Related Happenings

US government warning on Iran-affiliated critical infrastructure disruption risk

Public Sector Action
First: 18.05.2026 18:41 Last: 18.05.2026 18:41 Sources 1

About this happening: The US government warned that Iran-affiliated threat actors were disrupting US critical infrastructure through attacks on Internet-exposed OT devices across mult...

CISA releases CI Fortify guidance for critical infrastructure resilience

Public Sector Action
First: 05.05.2026 15:00 Last: 05.05.2026 15:00 Sources 1

About this happening: CISA released CI Fortify, guidance for critical infrastructure operators across sectors to help keep essential services running during cyberattack or crisis conditions. The framew...

Latest development: 06.05.2026 16:15

CISA launched CI Fortify on Tuesday as a planning framework for critical infrastructure operators in water, energy, transportation and communications to prepare for cyber disruption by disconnecting OT systems from third-party and business networks, maintaining essential services in degraded communications conditions, and recovering compromised systems through backups, component replacement, or a transition to manual operations.

NCSC-UK joint advisory on covert botnets and proxy networks

Public Sector Action
First: 23.04.2026 15:28 Last: 23.04.2026 15:28 Sources 1

About this happening: NCSC-UK and partner agencies issued a joint advisory warning that China-nexus hackers are using hijacked consumer devices as covert proxy networks to hide maliciou...

Iranian-affiliated US CNI OT attack campaign

Campaign
First: 08.04.2026 11:15 Last: 08.04.2026 11:15 Sources 1

About this happening: An Iranian-affiliated campaign is actively targeting US critical national infrastructure providers, creating operational disruption and financial loss across multi...

Iranian-linked PLC targeting campaign against U.S. critical infrastructure

Campaign
First: 07.04.2026 21:02 Last: 07.04.2026 21:02 Sources 1

About this happening: Iranian-linked hackers are actively targeting Internet-exposed Rockwell/Allen-Bradley PLCs on U.S. critical infrastructure networks, increasing the risk of operational dis...

Timeline

  1. 04.12.2025 14:00 2 articles · 5mo ago

    CISA, NSA, and Cyber Centre release BRICKSTORM guidance

    Initial Disclosure

    CISA, the National Security Agency, and the Canadian Centre for Cyber Security released a malware analysis report on BRICKSTORM, malware for VMware vSphere, VMware vCenter servers, and Windows environments that is used by People’s Republic of China state-sponsored actors. The report provides indicators of compromise, detection signatures, YARA and SIGMA rules, and mitigation steps for critical infrastructure defenders, especially Government and Information Technology organizations.
