March 2022
24.03.2022
US CERT
AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
Title
AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
Published
March 24, 2022, 3 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-083a
Summary
Original release date: March 24, 2022SummaryActions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation of, modification of, use of—and permissions associated with—privileged accounts. This joint Cybersecurity ...
17.03.2022
US CERT
AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers
Title
AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers
Published
March 17, 2022, 8 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-076a
Summary
Original release date: March 17, 2022SummaryActions to Take Today: • Use secure methods for authentication. • Enforce principle of least privilege. • Review trust relationships. • Implement encryption. • Ensure robust patching and system configuration audits. • Monitor logs for suspicious activity. • Ensure incident response, resilience, and continuity of ...
15.03.2022
US CERT
AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols ...
Title
AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
Published
March 15, 2022, 3 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-074a
Summary
Original release date: March 15, 2022SummaryMultifactor Authentication (MFA): A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization should ...
February 2022
26.02.2022
US CERT
AA22-057A: Destructive Malware Targeting Organizations in Ukraine
Title
AA22-057A: Destructive Malware Targeting Organizations in Ukraine
Published
Feb. 26, 2022, 4 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-057a
Summary
Original release date: February 26, 2022SummaryActions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Leading up to Russia’s unprovoked attack against ...
26.02.2022
US CERT
AA22-057A: Update: Destructive Malware Targeting Organizations in Ukraine
Title
AA22-057A: Update: Destructive Malware Targeting Organizations in Ukraine
Published
Feb. 26, 2022, 4 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-057a
Summary
Original release date: February 26, 2022 | Last revised: April 28, 2022SummaryActions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. (Updated ...
24.02.2022
US CERT
AA22-055A : Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Title
AA22-055A : Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Published
Feb. 24, 2022, 5 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-055a
Summary
Original release date: February 24, 2022SummaryActions to Take Today to Protect Against Malicious Activity * Search for indicators of compromise. * Use antivirus software. * Patch all systems. * Prioritize patching known exploited vulnerabilities. * Train users to recognize and report phishing attempts. * Use multi-factor authentication. Note: this advisory ...
23.02.2022
US CERT
AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter
Title
AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter
Published
Feb. 23, 2022, 4 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-054a
Summary
Original release date: February 23, 2022SummaryThe Sandworm actor, which the United Kingdom and the United States have previously attributed to the Russian GRU, has replaced the exposed VPNFilter malware with a new more advanced framework. The United Kingdom's (UK) National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure Security Agency ...
16.02.2022
US CERT
AA22-047A: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Inf...
Title
AA22-047A: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
Published
Feb. 16, 2022, 4 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-047a
Summary
Original release date: February 16, 2022SummaryActions to Help Protect Against Russian State-Sponsored Malicious Cyber Activity: • Enforce multifactor authentication. • Enforce strong, unique passwords. • Enable M365 Unified Audit Logs. • Implement endpoint detection and response tools. From at least January 2020, through February 2022, the Federal Bureau of Investigation ...
09.02.2022
US CERT
AA22-040A: 2021 Trends Show Increased Globalized Threat of Ransomware
Title
AA22-040A: 2021 Trends Show Increased Globalized Threat of Ransomware
Published
Feb. 9, 2022, 3 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-040a
Summary
Original release date: February 9, 2022SummaryImmediate Actions You Can Take Now to Protect Against Ransomware: • Update your operating system and software. • Implement user training and phishing exercises to raise awareness about the risk of suspicious links and attachments. • If you use Remote Desktop Protocol (RDP), secure and ...
January 2022
11.01.2022
US CERT
AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Title
AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Published
Jan. 11, 2022, 4 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-011a
Summary
Original release date: January 11, 2022SummaryActions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and surge support. Note: this advisory uses the MITRE Adversarial Tactics, ...
December 2021
22.12.2021
US CERT
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Title
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Published
Dec. 22, 2021, 4 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-356a
Summary
Original release date: December 22, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber Security Centre (NZ ...
02.12.2021
US CERT
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Title
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Published
Dec. 2, 2021, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-336a
Summary
Original release date: December 2, 2021 | Last revised: December 6, 2021SummaryThis joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise framework for referenced threat actor techniques and for mitigations. This joint advisory is the result of analytic ...
November 2021
17.11.2021
US CERT
AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furthera...
Title
AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Published
Nov. 17, 2021, 3 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-321a
Summary
Original release date: November 17, 2021 | Last revised: November 19, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implement multi-factor authentication. • Use strong, unique passwords. Note: this advisory uses ...
October 2021
18.10.2021
US CERT
AA21-291A: BlackMatter Ransomware
Title
AA21-291A: BlackMatter Ransomware
Published
Oct. 18, 2021, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-291a
Summary
Original release date: October 18, 2021SummaryActions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords. • Use multi-factor authentication. • Implement network segmentation and traversal monitoring. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, ...
14.10.2021
US CERT
AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Title
AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Published
Oct. 14, 2021, 8 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-287a
Summary
Original release date: October 14, 2021SummaryImmediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Use strong passwords. • Use multi-factor authentication. Note: This advisory uses the MITRE Adversarial Tactics, ...
September 2021
22.09.2021
US CERT
AA21-265A: Conti Ransomware
Title
AA21-265A: Conti Ransomware
Published
Sept. 22, 2021, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-265a
Summary
Original release date: September 22, 2021SummaryImmediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. ...
16.09.2021
US CERT
AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Title
AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Published
Sept. 16, 2021, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-259a
Summary
Original release date: September 16, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques. This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation ...
August 2021
31.08.2021
US CERT
AA21-243A: Ransomware Awareness for Holidays and Weekends
Title
AA21-243A: Ransomware Awareness for Holidays and Weekends
Published
Aug. 31, 2021, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-243a
Summary
Original release date: August 31, 2021 | Last revised: September 2, 2021SummaryImmediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and ...
17.08.2021
US CERT
AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
Title
AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
Published
Aug. 17, 2021, 7 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-229a
Summary
Original release date: August 17, 2021 | Last revised: August 23, 2021SummaryOn August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries.[1] A remote attacker could exploit CVE-2021-22156 ...
July 2021
28.07.2021
US CERT
AA21-209A: Top Routinely Exploited Vulnerabilities
Title
AA21-209A: Top Routinely Exploited Vulnerabilities
Published
July 28, 2021, 2 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-209a
Summary
Original release date: July 28, 2021 | Last revised: August 20, 2021SummaryThis Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI). This advisory ...
20.07.2021
US CERT
AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
Title
AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
Published
July 20, 2021, 3 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-201a
Summary
Original release date: July 20, 2021 | Last revised: July 21, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise (IOCs), provided ...
19.07.2021
US CERT
AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs
Title
AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs
Published
July 19, 2021, 1 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-200b
Summary
Original release date: July 19, 2021 | Last revised: August 20, 2021SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for ...
19.07.2021
US CERT
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Depar...
Title
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Published
July 19, 2021, 1 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-200a
Summary
Original release date: July 19, 2021 | Last revised: July 20, 2021SummaryThis Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This ...
May 2021
29.05.2021
US CERT
AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Title
AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Published
May 29, 2021, 12:29 a.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-148a
Summary
Original release date: May 28, 2021 | Last revised: May 29, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and the ...
11.05.2021
US CERT
AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
Title
AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
Published
May 11, 2021, 9 p.m.
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-131a
Summary
Original release date: May 11, 2021 | Last revised: May 20, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau ...

Last Updates

BOSCH PSIRT
21.08.2024
SIEMENS CERT
12.09.2024
US CERT
19.09.2024
US CERT (ICS)
19.09.2024

By Source

Archive

2024
2023
2022
2021
2020
2019
2018
2017

Feeds