Juli 2024
24.07.2024
US CERT
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
Titel
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
Veröffentlicht
24. Juli 2024 18:37
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-207a
Text
Summary The U.S. Federal Bureau of Investigation (FBI) and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau based in Pyongyang and Sinuiju: U.S. Cyber National Mission Force (CNMF) U.S. ...
09.07.2024
US CERT
CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth
Titel
CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth
Veröffentlicht
9. Juli 2024 16:09
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-193a
Text
EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the red team first performs a no-notice, long-term simulation of nation-state cyber operations. The team mimics the techniques, tradecraft, and behaviors ...
08.07.2024
US CERT
People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action
Titel
People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action
Veröffentlicht
8. Juli 2024 15:52
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-190a
Text
Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Canadian ...
Mai 2024
10.05.2024
US CERT
#StopRansomware: Black Basta
Titel
#StopRansomware: Black Basta
Veröffentlicht
10. Mai 2024 15:02
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-131a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
April 2024
17.04.2024
US CERT
#StopRansomware: Akira Ransomware
Titel
#StopRansomware: Akira Ransomware
Veröffentlicht
17. April 2024 18:23
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
Februar 2024
26.02.2024
US CERT
#StopRansomware: Phobos Ransomware
Titel
#StopRansomware: Phobos Ransomware
Veröffentlicht
26. Februar 2024 15:51
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
23.02.2024
US CERT
SVR Cyber Actors Adapt Tactics for Initial Cloud Access
Titel
SVR Cyber Actors Adapt Tactics for Initial Cloud Access
Veröffentlicht
23. Februar 2024 18:37
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-057a
Text
How SVR-Attributed Actors are Adapting to the Move of Government and Corporations to Cloud Infrastructure OVERVIEW This advisory details recent tactics, techniques, and procedures (TTPs) of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes, or Cozy Bear. The UK National Cyber Security Centre (NCSC) and ...
21.02.2024
US CERT
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Titel
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Veröffentlicht
21. Februar 2024 21:30
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the following partners (hereafter referred to as the authoring organizations) are releasing this joint Cybersecurity Advisory to warn that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. CISA and authoring organizations appreciate ...
14.02.2024
US CERT
Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
Titel
Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
Veröffentlicht
14. Februar 2024 21:19
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-046a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organization’s network environment after documents containing host and user information, including metadata, were posted on a dark web brokerage site. Analysis confirmed that an ...
01.02.2024
US CERT
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
Titel
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
Veröffentlicht
1. Februar 2024 21:37
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a ...
Januar 2024
12.01.2024
US CERT
Known Indicators of Compromise Associated with Androxgh0st Malware
Titel
Known Indicators of Compromise Associated with Androxgh0st Malware
Veröffentlicht
12. Januar 2024 18:13
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-016a
Text
SUMMARY The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Multiple, ongoing investigations and trusted third party reporting ...
Dezember 2023
19.12.2023
US CERT
#StopRansomware: ALPHV Blackcat
Titel
#StopRansomware: ALPHV Blackcat
Veröffentlicht
19. Dezember 2023 15:31
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-353a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
14.12.2023
US CERT
Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
Titel
Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
Veröffentlicht
14. Dezember 2023 01:24
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-349a
Text
SUMMARY In January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a Risk and Vulnerability Assessment (RVA) at the request of a Healthcare and Public Health (HPH) sector organization to identify vulnerabilities and areas for improvement. An RVA is a two-week penetration test of an entire organization, with one ...
12.12.2023
US CERT
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
Titel
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
Veröffentlicht
12. Dezember 2023 18:33
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a
Text
SUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 ...
11.12.2023
US CERT
#StopRansomware: Play Ransomware
Titel
#StopRansomware: Play Ransomware
Veröffentlicht
11. Dezember 2023 23:41
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-352a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
06.12.2023
US CERT
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns
Titel
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns
Veröffentlicht
6. Dezember 2023 21:18
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-341a
Text
The Russia-based actor is targeting organizations and individuals in the UK and other geographical areas of interest. OVERVIEW The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organizations and individuals in the UK, and other geographical areas ...
04.12.2023
US CERT
Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
Titel
Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
Veröffentlicht
4. Dezember 2023 19:05
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) is releasing a Cybersecurity Advisory (CSA) in response to confirmed exploitation of CVE-2023-26360 by unidentified threat actors at a Federal Civilian Executive Branch (FCEB) agency. This vulnerability presents as an improper access control issue impacting Adobe ColdFusion versions 2018 Update 15 (and ...
01.12.2023
US CERT
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
Titel
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
Veröffentlicht
1. Dezember 2023 23:21
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a
Text
SUMMARY The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to as "the authoring agencies"—are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity against operational technology devices ...
November 2023
21.11.2023
US CERT
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
Titel
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
Veröffentlicht
21. November 2023 14:50
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
15.11.2023
US CERT
Scattered Spider
Titel
Scattered Spider
Veröffentlicht
15. November 2023 15:55
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
Text
SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory provides tactics, techniques, and procedures (TTPs) obtained through FBI investigations ...
14.11.2023
US CERT
#StopRansomware: Rhysida Ransomware
Titel
#StopRansomware: Rhysida Ransomware
Veröffentlicht
14. November 2023 17:45
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-319a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect ...
Oktober 2023
13.10.2023
US CERT
Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
Titel
Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
Veröffentlicht
13. Oktober 2023 22:48
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-289a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This recently disclosed vulnerability affects certain versions of Atlassian Confluence Data Center and Server, ...
10.10.2023
US CERT
#StopRansomware: AvosLocker Ransomware (Update)
Titel
#StopRansomware: AvosLocker Ransomware (Update)
Veröffentlicht
10. Oktober 2023 17:46
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-284a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
02.10.2023
US CERT
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
Titel
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
Veröffentlicht
2. Oktober 2023 21:42
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a
Text
A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybersecurity misconfigurations in large organizations, and detail the tactics, techniques, and procedures ...
September 2023
26.09.2023
US CERT
People's Republic of China-Linked Cyber Actors Hide in Router Firmware
Titel
People's Republic of China-Linked Cyber Actors Hide in Router Firmware
Veröffentlicht
26. September 2023 21:45
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a
Text
Executive Summary The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA), and the Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) (hereafter referred to as the “authoring agencies”) ...

Letzte Updates

BOSCH PSIRT
19.07.2024
SIEMENS CERT
22.07.2024
US CERT
24.07.2024
US CERT (ICS)
25.07.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds