Januar 2023
31.01.2023
US CERT
Protecting Against Malicious Use of Remote Monitoring a...
Titel
<a href="/news-events/cybersecurity-advisories/aa23-025a" hreflang="en">Protecting Against Malicious Use of Remote Monitoring and Management Software</a>
Veröffentlicht
31. Januar 2023 22:32
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a
Text
25.01.2023
US CERT
AA23-025A: Protecting Against Malicious Use of Remote Monitoring and Management Software
Titel
AA23-025A: Protecting Against Malicious Use of Remote Monitoring and Management Software
Veröffentlicht
25. Januar 2023 18:55
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-025a
Text
Original release date: January 25, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring organizations”) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders about malicious use of legitimate remote monitoring and ...
Dezember 2022
01.12.2022
US CERT
AA22-335A: #StopRansomware: Cuba Ransomware
Titel
AA22-335A: #StopRansomware: Cuba Ransomware
Veröffentlicht
1. Dezember 2022 19:04
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-335a
Text
Original release date: December 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce phishing-resistant multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort ...
November 2022
17.11.2022
US CERT
AA22-321A: #StopRansomware: Hive Ransomware
Titel
AA22-321A: #StopRansomware: Hive Ransomware
Veröffentlicht
17. November 2022 18:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-321a
Text
Original release date: November 17, 2022SummaryActions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords • Close unused ports and remove any application not deemed necessary for day-to-day operations. Note: This joint Cybersecurity Advisory (CSA) ...
16.11.2022
US CERT
AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
Titel
AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
Veröffentlicht
16. November 2022 16:04
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-320a
Text
Original release date: November 16, 2022SummaryFrom mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In the course of incident response activities, CISA determined that cyber threat actors exploited the Log4Shell vulnerability ...
Oktober 2022
21.10.2022
US CERT
AA22-294A: #StopRansomware: Daixin Team
Titel
AA22-294A: #StopRansomware: Daixin Team
Veröffentlicht
21. Oktober 2022 16:29
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-294a
Text
Original release date: October 21, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Install updates for operating systems, software, and firmware as soon as they are released. • Require phishing-resistant MFA for as many services as possible. • Train users to recognize and report phishing attempts. Note: ...
06.10.2022
US CERT
AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
Titel
AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
Veröffentlicht
6. Oktober 2022 19:08
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-279a
Text
Original release date: October 6, 2022SummaryThis joint Cybersecurity Advisory (CSA) provides the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors as assessed by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI). ...
04.10.2022
US CERT
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
Titel
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
Veröffentlicht
4. Oktober 2022 19:58
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-277a
Text
Original release date: October 4, 2022SummaryActions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication (MFA) on all user accounts. • Implement network segmentation to separate network segments based on role and functionality. • Update software, including operating systems, applications, and firmware, on network assets. • ...
September 2022
22.09.2022
US CERT
AA22-265A: Control System Defense: Know the Opponent
Titel
AA22-265A: Control System Defense: Know the Opponent
Veröffentlicht
22. September 2022 14:55
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-265a
Text
Original release date: September 22, 2022SummaryTraditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. These cyber actors, including advanced persistent threat ...
21.09.2022
US CERT
A22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Titel
A22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Veröffentlicht
21. September 2022 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-264a
Text
Original release date: September 21, 2022SummaryThe Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timeline of activity observed, from ...
21.09.2022
US CERT
AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Titel
AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Veröffentlicht
21. September 2022 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-264a
Text
Original release date: September 21, 2022SummaryThe Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timeline of activity observed, from ...
14.09.2022
US CERT
AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and ...
Titel
AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
Veröffentlicht
14. September 2022 17:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-257a
Text
Original release date: September 14, 2022SummaryActions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. • Make offline backups of your data. This joint Cybersecurity Advisory (CSA) is the result of an analytic effort among the ...
06.09.2022
US CERT
AA22-249A: #StopRansomware: Vice Society
Titel
AA22-249A: #StopRansomware: Vice Society
Veröffentlicht
6. September 2022 15:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-249a
Text
Original release date: September 6, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize and remediate known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort ...
August 2022
16.08.2022
US CERT
AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
Titel
AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
Veröffentlicht
16. August 2022 17:38
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-228a
Text
Original release date: August 16, 2022SummaryActions for ZCS administrators to take today to mitigate malicious cyber activity: • Patch all systems and prioritize patching known exploited vulnerabilities. • Deploy detection signatures and hunt for indicators of compromise (IOCs). • If ZCS was compromised, remediate malicious activity. The Cybersecurity and Infrastructure ...
11.08.2022
US CERT
AA22-223A: #StopRansomware: Zeppelin Ransomware
Titel
AA22-223A: #StopRansomware: Zeppelin Ransomware
Veröffentlicht
11. August 2022 18:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-223a
Text
Original release date: August 11, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to ...
04.08.2022
US CERT
AA22-216A: 2021 Top Malware Strains
Titel
AA22-216A: 2021 Top Malware Strains
Veröffentlicht
4. August 2022 20:10
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-216a
Text
Original release date: August 4, 2022SummaryImmediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication (MFA). • Secure Remote Desktop Protocol (RDP) and other risky services. • Make offline backups of your data. • Provide end-user ...
Juli 2022
06.07.2022
US CERT
AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Titel
AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Veröffentlicht
6. Juli 2022 16:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-187a
Text
Original release date: July 6, 2022SummaryThe Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory (CSA) to provide information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least ...
Juni 2022
30.06.2022
US CERT
AA22-181A: #StopRansomware: MedusaLocker
Titel
AA22-181A: #StopRansomware: MedusaLocker
Veröffentlicht
30. Juni 2022 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-181a
Text
Original release date: June 30, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to ...
23.06.2022
US CERT
AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
Titel
AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
Veröffentlicht
23. Juni 2022 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-174a
Text
Original release date: June 23, 2022SummaryActions to take today: • Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell in December 2021, treat all affected VMware systems as compromised. ...
08.06.2022
US CERT
AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
Titel
AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
Veröffentlicht
8. Juni 2022 00:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-158a
Text
Original release date: June 7, 2022SummaryBest Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to ...
01.06.2022
US CERT
AA22-152A: Karakurt Data Extortion Group
Titel
AA22-152A: Karakurt Data Extortion Group
Veröffentlicht
1. Juni 2022 16:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-152a
Text
Original release date: June 1, 2022SummaryActions to take today to mitigate cyber threats from ransomware: • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enforce multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of ...
Mai 2022
18.05.2022
US CERT
AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
Titel
AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
Veröffentlicht
18. Mai 2022 20:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-138b
Text
Original release date: May 18, 2022SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination. These vulnerabilities affect certain versions of VMware Workspace ONE Access, ...
18.05.2022
US CERT
AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
Titel
AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
Veröffentlicht
18. Mai 2022 15:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-138a
Text
Original release date: May 18, 2022SummaryActions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are releasing this ...
17.05.2022
US CERT
AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access
Titel
AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access
Veröffentlicht
17. Mai 2022 15:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-137a
Text
Original release date: May 17, 2022SummaryBest Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber actors routinely exploit poor security ...
11.05.2022
US CERT
AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
Titel
AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
Veröffentlicht
11. Mai 2022 13:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-131a
Text
Original release date: May 11, 2022SummaryTactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership ...

Letzte Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
22.11.2024
US CERT
08.11.2024
US CERT (ICS)
21.11.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds