April 2024
17.04.2024
US CERT
#StopRansomware: Akira Ransomware
Titel
#StopRansomware: Akira Ransomware
Veröffentlicht
17. April 2024 18:23
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-109a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
Februar 2024
26.02.2024
US CERT
#StopRansomware: Phobos Ransomware
Titel
#StopRansomware: Phobos Ransomware
Veröffentlicht
26. Februar 2024 15:51
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
23.02.2024
US CERT
SVR Cyber Actors Adapt Tactics for Initial Cloud Access
Titel
SVR Cyber Actors Adapt Tactics for Initial Cloud Access
Veröffentlicht
23. Februar 2024 18:37
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-057a
Text
How SVR-Attributed Actors are Adapting to the Move of Government and Corporations to Cloud Infrastructure OVERVIEW This advisory details recent tactics, techniques, and procedures (TTPs) of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes, or Cozy Bear. The UK National Cyber Security Centre (NCSC) and ...
21.02.2024
US CERT
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Titel
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Veröffentlicht
21. Februar 2024 21:30
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060b
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the following partners (hereafter referred to as the authoring organizations) are releasing this joint Cybersecurity Advisory to warn that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. CISA and authoring organizations appreciate ...
14.02.2024
US CERT
Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
Titel
Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
Veröffentlicht
14. Februar 2024 21:19
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-046a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organization’s network environment after documents containing host and user information, including metadata, were posted on a dark web brokerage site. Analysis confirmed that an ...
01.02.2024
US CERT
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
Titel
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
Veröffentlicht
1. Februar 2024 21:37
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a ...
Januar 2024
12.01.2024
US CERT
Known Indicators of Compromise Associated with Androxgh0st Malware
Titel
Known Indicators of Compromise Associated with Androxgh0st Malware
Veröffentlicht
12. Januar 2024 18:13
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-016a
Text
SUMMARY The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Multiple, ongoing investigations and trusted third party reporting ...
Dezember 2023
19.12.2023
US CERT
#StopRansomware: ALPHV Blackcat
Titel
#StopRansomware: ALPHV Blackcat
Veröffentlicht
19. Dezember 2023 15:31
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-353a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
14.12.2023
US CERT
Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
Titel
Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
Veröffentlicht
14. Dezember 2023 01:24
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-349a
Text
SUMMARY In January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a Risk and Vulnerability Assessment (RVA) at the request of a Healthcare and Public Health (HPH) sector organization to identify vulnerabilities and areas for improvement. An RVA is a two-week penetration test of an entire organization, with one ...
12.12.2023
US CERT
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
Titel
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
Veröffentlicht
12. Dezember 2023 18:33
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a
Text
SUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 ...
11.12.2023
US CERT
#StopRansomware: Play Ransomware
Titel
#StopRansomware: Play Ransomware
Veröffentlicht
11. Dezember 2023 23:41
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-352a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
06.12.2023
US CERT
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns
Titel
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns
Veröffentlicht
6. Dezember 2023 21:18
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-341a
Text
The Russia-based actor is targeting organizations and individuals in the UK and other geographical areas of interest. OVERVIEW The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organizations and individuals in the UK, and other geographical areas ...
04.12.2023
US CERT
Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
Titel
Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
Veröffentlicht
4. Dezember 2023 19:05
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-339a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) is releasing a Cybersecurity Advisory (CSA) in response to confirmed exploitation of CVE-2023-26360 by unidentified threat actors at a Federal Civilian Executive Branch (FCEB) agency. This vulnerability presents as an improper access control issue impacting Adobe ColdFusion versions 2018 Update 15 (and ...
01.12.2023
US CERT
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
Titel
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
Veröffentlicht
1. Dezember 2023 23:21
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a
Text
SUMMARY The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to as "the authoring agencies"—are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity against operational technology devices ...
November 2023
21.11.2023
US CERT
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
Titel
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
Veröffentlicht
21. November 2023 14:50
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
15.11.2023
US CERT
Scattered Spider
Titel
Scattered Spider
Veröffentlicht
15. November 2023 15:55
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
Text
SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory provides tactics, techniques, and procedures (TTPs) obtained through FBI investigations ...
14.11.2023
US CERT
#StopRansomware: Rhysida Ransomware
Titel
#StopRansomware: Rhysida Ransomware
Veröffentlicht
14. November 2023 17:45
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-319a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect ...
Oktober 2023
13.10.2023
US CERT
Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
Titel
Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
Veröffentlicht
13. Oktober 2023 22:48
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-289a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This recently disclosed vulnerability affects certain versions of Atlassian Confluence Data Center and Server, ...
10.10.2023
US CERT
#StopRansomware: AvosLocker Ransomware (Update)
Titel
#StopRansomware: AvosLocker Ransomware (Update)
Veröffentlicht
10. Oktober 2023 17:46
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-284a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
02.10.2023
US CERT
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
Titel
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
Veröffentlicht
2. Oktober 2023 21:42
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a
Text
A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybersecurity misconfigurations in large organizations, and detail the tactics, techniques, and procedures ...
September 2023
26.09.2023
US CERT
People's Republic of China-Linked Cyber Actors Hide in Router Firmware
Titel
People's Republic of China-Linked Cyber Actors Hide in Router Firmware
Veröffentlicht
26. September 2023 21:45
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-270a
Text
Executive Summary The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA), and the Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) (hereafter referred to as the “authoring agencies”) ...
18.09.2023
US CERT
#StopRansomware: Snatch Ransomware
Titel
#StopRansomware: Snatch Ransomware
Veröffentlicht
18. September 2023 23:27
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-263a
Text
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations ...
06.09.2023
US CERT
Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
Titel
Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
Veröffentlicht
6. September 2023 19:03
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-250a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Cyber National Mission Force (CNMF) identified the presence of indicators of compromise (IOCs) at an Aeronautical Sector organization as early as January 2023. Analysts confirmed that nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain ...
August 2023
29.08.2023
US CERT
Identification and Disruption of QakBot Infrastructure
Titel
Identification and Disruption of QakBot Infrastructure
Veröffentlicht
29. August 2023 21:28
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-242a
Text
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to disseminate QakBot infrastructure indicators of compromise (IOCs) identified through FBI investigations as of August 2023. On August 25, FBI and international partners executed a coordinated operation to disrupt ...
02.08.2023
US CERT
2022 Top Routinely Exploited Vulnerabilities
Titel
2022 Top Routinely Exploited Vulnerabilities
Veröffentlicht
2. August 2023 20:57
URL
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a
Text
SUMMARY The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (CSA): United States: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) Australia: Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) Canada: Canadian Centre for Cyber Security (CCCS) New Zealand: New Zealand ...

Letzte Updates

BOSCH PSIRT
20.03.2024
CODESYS
28.06.2023
SIEMENS CERT
19.04.2024
US CERT
17.04.2024
US CERT (ICS)
25.04.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds