April 2023
17.04.2023
US CERT
APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers
Title
APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers
Published
April 17, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-108
Summary
APT28 accesses poorly maintained Cisco routers and deploys malware on unpatched devices using CVE-2017-6742. Overview and Context The UK National Cyber Security Centre (NCSC), the US National Security Agency (NSA), US Cybersecurity and Infrastructure Security Agency (CISA) and US Federal Bureau of Investigation (FBI) are releasing this joint advisory to ...
March 2023
15.03.2023
US CERT
#StopRansomware: LockBit 3.0
Title
#StopRansomware: LockBit 3.0
Published
March 15, 2023, 8:20 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-075a
Summary
SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect ...
13.03.2023
US CERT
Threat Actors Exploit Progress Telerik Vulnerabilities in Multiple U.S. Government IIS Servers
Title
Threat Actors Exploit Progress Telerik Vulnerabilities in Multiple U.S. Government IIS Servers
Published
March 13, 2023, 6:57 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-074a
Summary
SUMMARY From November 2022 through early January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and authoring organizations identified the presence of indicators of compromise (IOCs) at a federal civilian executive branch (FCEB) agency. Analysts determined that multiple cyber threat actors, including an advanced persistent threat (APT) actor, were able ...
13.03.2023
US CERT
Threat Actors Exploit Progress Telerik Vulnerability in...
Title
<a href="/news-events/cybersecurity-advisories/aa23-074a" hreflang="en">Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server</a>
Published
March 13, 2023, 6:57 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-074a
Summary
SUMMARY From November 2022 through early January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and authoring organizations identified the presence of indicators of compromise (IOCs) at a federal civilian executive branch (FCEB) agency. Analysts determined that multiple cyber threat actors, including an APT actor, were able to exploit a ...
13.03.2023
US CERT
Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server
Title
Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server
Published
March 13, 2023, 6:57 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-074a
Summary
SUMMARY From November 2022 through early January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and authoring organizations identified the presence of indicators of compromise (IOCs) at a federal civilian executive branch (FCEB) agency. Analysts determined that multiple cyber threat actors, including an APT actor, were able to exploit a ...
February 2023
24.02.2023
US CERT
CISA Red Team Shares Key Findings to Improve Monitoring...
Title
<a href="/news-events/cybersecurity-advisories/aa23-059a" hreflang="en">CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks</a>
Published
Feb. 24, 2023, 8:04 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-059a
Summary
24.02.2023
US CERT
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
Title
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
Published
Feb. 24, 2023, 8:04 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-059a
Summary
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) detailing activity and key findings from a recent CISA red team assessment—in coordination with the assessed organization—to provide network defenders recommendations for improving their organization's cyber posture. Actions to take today to harden your local environment: ...
24.02.2023
US CERT
#StopRansomware: Royal Ransomware
Title
#StopRansomware: Royal Ransomware
Published
Feb. 24, 2023, 6:30 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a
Summary
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
24.02.2023
US CERT
#StopRansomware: Royal Ransomware
Title
<a href="/news-events/cybersecurity-advisories/aa23-061a" hreflang="en">#StopRansomware: Royal Ransomware</a>
Published
Feb. 24, 2023, 6:30 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a
Summary
16.02.2023
US CERT
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Title
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Published
Feb. 16, 2023, 9:45 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-040a
Summary
SUMMARY Note: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
16.02.2023
US CERT
#StopRansomware: Ransomware Attacks on Critical Infrast...
Title
<a href="/news-events/cybersecurity-advisories/aa23-040a" hreflang="en">#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities</a>
Published
Feb. 16, 2023, 9:45 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-040a
Summary
16.02.2023
US CERT
ESXiArgs Ransomware Virtual Machine Recovery Guidance
Title
<a href="/news-events/cybersecurity-advisories/aa23-039a" hreflang="en">ESXiArgs Ransomware Virtual Machine Recovery Guidance</a>
Published
Feb. 16, 2023, 7:50 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-039a
Summary
16.02.2023
US CERT
ESXiArgs Ransomware Virtual Machine Recovery Guidance
Title
ESXiArgs Ransomware Virtual Machine Recovery Guidance
Published
Feb. 16, 2023, 7:50 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-039a
Summary
Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely running unpatched and out-of-service ...
09.02.2023
US CERT
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Title
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Published
Feb. 9, 2023, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-040a
Summary
Original release date: February 9, 2023SummaryNote: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise ...
08.02.2023
US CERT
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Title
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
Published
Feb. 8, 2023, 5:14 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa23-039a
Summary
Original release date: February 8, 2023SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) in response to the ongoing ransomware campaign, known as “ESXiArgs.” Malicious actors may be exploiting known vulnerabilities in VMware ESXi servers that are likely ...
January 2023
31.01.2023
US CERT
#StopRansomware: Cuba Ransomware
Title
<a href="/news-events/cybersecurity-advisories/aa22-335a" hreflang="en">#StopRansomware: Cuba Ransomware</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a
Summary
31.01.2023
US CERT
#StopRansomware: Hive Ransomware
Title
#StopRansomware: Hive Ransomware
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a
Summary
Summary Actions to Take Today to Mitigate Cyber Threats from Ransomware: • Prioritize remediating known exploited vulnerabilities. • Enable and enforce multifactor authentication with strong passwords • Close unused ports and remove any application not deemed necessary for day-to-day operations. Note: This joint Cybersecurity Advisory (CSA) is part of an ...
31.01.2023
US CERT
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
Title
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a
Summary
Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity. In the course of incident response activities, CISA determined that cyber threat actors exploited the Log4Shell vulnerability in an unpatched VMware ...
31.01.2023
US CERT
#StopRansomware: Hive Ransomware
Title
<a href="/news-events/cybersecurity-advisories/aa22-321a" hreflang="en">#StopRansomware: Hive Ransomware</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a
Summary
31.01.2023
US CERT
#StopRansomware: Cuba Ransomware
Title
#StopRansomware: Cuba Ransomware
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a
Summary
Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce phishing-resistant multifactor authentication. Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for ...
31.01.2023
US CERT
Protecting Against Malicious Use of Remote Monitoring and Management Software
Title
Protecting Against Malicious Use of Remote Monitoring and Management Software
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a
Summary
Summary The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring organizations”) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders about malicious use of legitimate remote monitoring and management (RMM) software. In ...
31.01.2023
US CERT
Impacket and Exfiltration Tool Used to Steal Sensitive ...
Title
<a href="/news-events/cybersecurity-advisories/aa22-277a" hreflang="en">Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-277a
Summary
31.01.2023
US CERT
Top CVEs Actively Exploited By People’s Republic of Chi...
Title
<a href="/news-events/cybersecurity-advisories/aa22-279a" hreflang="en">Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-279a
Summary
31.01.2023
US CERT
Protecting Against Malicious Use of Remote Monitoring a...
Title
<a href="/news-events/cybersecurity-advisories/aa23-025a" hreflang="en">Protecting Against Malicious Use of Remote Monitoring and Management Software</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a
Summary
31.01.2023
US CERT
Iranian Government-Sponsored APT Actors Compromise Fede...
Title
<a href="/news-events/cybersecurity-advisories/aa22-320a" hreflang="en">Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester</a>
Published
Jan. 31, 2023, 10:32 p.m.
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a
Summary

Last Updates

BOSCH PSIRT
31.10.2024
SIEMENS CERT
26.11.2024
US CERT
08.11.2024
US CERT (ICS)
03.12.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds