April 2021
26.04.2021
US CERT
AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
Titel
AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
Veröffentlicht
26. April 2021 17:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-116a
Text
Original release date: April 26, 2021SummaryThe Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—will continue to seek intelligence from U.S. ...
20.04.2021
US CERT
AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
Titel
AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
Veröffentlicht
20. April 2021 17:03
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-110a
Text
Original release date: April 20, 2021 | Last revised: May 28, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to ...
März 2021
18.03.2021
US CERT
AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
Titel
AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
Veröffentlicht
18. März 2021 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-077a
Text
Original release date: March 18, 2021 | Last revised: April 15, 2021SummaryUpdated April 15, 2021: The U.S. Government attributes this activity to the Russian Foreign Intelligence Service (SVR). Additional information may be found in a statement from the White House. For more information on SolarWinds-related activity, go to https://us-cert.cisa.gov/remediating-apt-compromised-networks and ...
17.03.2021
US CERT
AA21-076A: TrickBot Malware
Titel
AA21-076A: TrickBot Malware
Veröffentlicht
17. März 2021 16:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-076a
Text
Original release date: March 17, 2021 | Last revised: May 20, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and Federal ...
03.03.2021
US CERT
AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
Titel
AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
Veröffentlicht
3. März 2021 19:12
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-062a
Text
Original release date: March 3, 2021 | Last revised: March 14, 2021SummaryNote: This Alert was updated March 13, 2021 to provide further guidance. Cybersecurity and Infrastructure Security (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated attacker to ...
Februar 2021
24.02.2021
US CERT
AA21-055A: Exploitation of Accellion File Transfer Appliance
Titel
AA21-055A: Exploitation of Accellion File Transfer Appliance
Veröffentlicht
24. Februar 2021 15:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-055a
Text
Original release date: February 24, 2021 | Last revised: February 25, 2021SummaryThis joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[5][6] These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer ...
17.02.2021
US CERT
AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
Titel
AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
Veröffentlicht
17. Februar 2021 17:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-048a
Text
Original release date: February 17, 2021 | Last revised: March 2, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result of analytic efforts among the Federal Bureau ...
11.02.2021
US CERT
AA21-042A: Compromise of U.S. Water Treatment Facility
Titel
AA21-042A: Compromise of U.S. Water Treatment Facility
Veröffentlicht
11. Februar 2021 20:15
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-042a
Text
Original release date: February 11, 2021 | Last revised: February 12, 2021SummaryOn February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment facility. The unidentified actors used the SCADA system’s software to increase the amount of ...
Januar 2021
08.01.2021
US CERT
AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Titel
AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Veröffentlicht
8. Januar 2021 17:36
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-008a
Text
Original release date: January 8, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private ...
Dezember 2020
17.12.2020
US CERT
AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
Titel
AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
Veröffentlicht
17. Dezember 2020 16:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
Text
Original release date: December 17, 2020 | Last revised: January 7, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020. This APT actor has ...
10.12.2020
US CERT
AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
Titel
AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
Veröffentlicht
10. Dezember 2020 18:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-345a
Text
Original release date: December 10, 2020SummaryThis Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The FBI, CISA, and MS-ISAC assess malicious cyber actors are targeting kindergarten through twelfth grade (K-12) ...
01.12.2020
US CERT
AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks
Titel
AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks
Veröffentlicht
1. Dezember 2020 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-336a
Text
Original release date: December 1, 2020

Summary

This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have ...

Oktober 2020
30.10.2020
US CERT
AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
Titel
AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
Veröffentlicht
30. Oktober 2020 19:11
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-304a
Text
Original release date: October 30, 2020 | Last revised: November 3, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure ...
29.10.2020
US CERT
AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector
Titel
AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector
Veröffentlicht
29. Oktober 2020 00:07
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-302a
Text
Original release date: October 28, 2020 | Last revised: November 2, 2020SummaryThis advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for ...
27.10.2020
US CERT
AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky
Titel
AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky
Veröffentlicht
27. Oktober 2020 18:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-301a
Text
Original release date: October 27, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the ...
22.10.2020
US CERT
AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems
Titel
AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems
Veröffentlicht
22. Oktober 2020 18:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-296b
Text
Original release date: October 22, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the ...
22.10.2020
US CERT
AA20-296A: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets
Titel
AA20-296A: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets
Veröffentlicht
22. Oktober 2020 14:44
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-296a
Text
Original release date: October 22, 2020SummaryThis joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques This joint cybersecurity advisory—written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure ...
09.10.2020
US CERT
AA20-283A: APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
Titel
AA20-283A: APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
Veröffentlicht
9. Oktober 2020 22:21
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-283a
Text
Original release date: October 9, 2020 | Last revised: October 24, 2020SummaryThis joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. Note: the analysis in this joint cybersecurity advisory is ongoing, and the ...
06.10.2020
US CERT
AA20-280A: Emotet Malware
Titel
AA20-280A: Emotet Malware
Veröffentlicht
6. Oktober 2020 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-280a
Text
Original release date: October 6, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center ...
01.10.2020
US CERT
AA20-275A: Potential for China Cyber Response to Heightened U.S.–China Tensions
Titel
AA20-275A: Potential for China Cyber Response to Heightened U.S.–China Tensions
Veröffentlicht
1. Oktober 2020 18:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-275a
Text
Original release date: October 1, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. In light of heightened tensions between the United States and China, the Cybersecurity and Infrastructure Security Agency (CISA) is providing ...
September 2020
22.09.2020
US CERT
AA20-266A: LokiBot Malware
Titel
AA20-266A: LokiBot Malware
Veröffentlicht
22. September 2020 17:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-266a
Text
Original release date: September 22, 2020 | Last revised: September 23, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with contributions ...
15.09.2020
US CERT
AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities
Titel
AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities
Veröffentlicht
15. September 2020 18:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-259a
Text
Original release date: September 15, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with contributions from the Federal Bureau of Investigation ...
14.09.2020
US CERT
AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
Titel
AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
Veröffentlicht
14. September 2020 15:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-258a
Text
Original release date: September 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies. CISA has observed these—and other threat actors with ...
01.09.2020
US CERT
AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity
Titel
AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity
Veröffentlicht
1. September 2020 14:30
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-245a
Text
Original release date: September 1, 2020 | Last revised: September 24, 2020SummaryThis joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5] and the United States.[6] It highlights technical approaches to uncovering malicious activity and includes ...
August 2020
26.08.2020
US CERT
AA20-239A: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks
Titel
AA20-239A: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks
Veröffentlicht
26. August 2020 16:17
URL
https://us-cert.cisa.gov/ncas/alerts/aa20-239a
Text
Original release date: August 26, 2020 | Last revised: October 1, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure ...

Letzte Updates

BOSCH PSIRT
21.08.2024
SIEMENS CERT
12.09.2024
US CERT
19.09.2024
US CERT (ICS)
19.09.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds