Januar 2022
11.01.2022
US CERT
AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Titel
AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Veröffentlicht
11. Januar 2022 16:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa22-011a
Text
Original release date: January 11, 2022SummaryActions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and surge support. Note: this advisory uses the MITRE Adversarial Tactics, ...
Dezember 2021
22.12.2021
US CERT
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Titel
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
Veröffentlicht
22. Dezember 2021 16:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-356a
Text
Original release date: December 22, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), the Computer Emergency Response Team New Zealand (CERT NZ), the New Zealand National Cyber Security Centre (NZ ...
02.12.2021
US CERT
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Titel
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
Veröffentlicht
2. Dezember 2021 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-336a
Text
Original release date: December 2, 2021 | Last revised: December 6, 2021SummaryThis joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise framework for referenced threat actor techniques and for mitigations. This joint advisory is the result of analytic ...
November 2021
17.11.2021
US CERT
AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furthera...
Titel
AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Veröffentlicht
17. November 2021 15:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-321a
Text
Original release date: November 17, 2021 | Last revised: November 19, 2021SummaryActions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implement multi-factor authentication. • Use strong, unique passwords. Note: this advisory uses ...
Oktober 2021
18.10.2021
US CERT
AA21-291A: BlackMatter Ransomware
Titel
AA21-291A: BlackMatter Ransomware
Veröffentlicht
18. Oktober 2021 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-291a
Text
Original release date: October 18, 2021SummaryActions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use strong, unique passwords. • Use multi-factor authentication. • Implement network segmentation and traversal monitoring. Note: this advisory uses the MITRE Adversarial Tactics, Techniques, ...
14.10.2021
US CERT
AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Titel
AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
Veröffentlicht
14. Oktober 2021 20:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-287a
Text
Original release date: October 14, 2021SummaryImmediate Actions WWS Facilities Can Take Now to Protect Against Malicious Cyber Activity • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Use strong passwords. • Use multi-factor authentication. Note: This advisory uses the MITRE Adversarial Tactics, ...
September 2021
22.09.2021
US CERT
AA21-265A: Conti Ransomware
Titel
AA21-265A: Conti Ransomware
Veröffentlicht
22. September 2021 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-265a
Text
Original release date: September 22, 2021SummaryImmediate Actions You Can Take Now to Protect Against Conti Ransomware • Use multi-factor authentication. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, version 9. ...
16.09.2021
US CERT
AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Titel
AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Veröffentlicht
16. September 2021 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-259a
Text
Original release date: September 16, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques. This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation ...
August 2021
31.08.2021
US CERT
AA21-243A: Ransomware Awareness for Holidays and Weekends
Titel
AA21-243A: Ransomware Awareness for Holidays and Weekends
Veröffentlicht
31. August 2021 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-243a
Text
Original release date: August 31, 2021 | Last revised: September 2, 2021SummaryImmediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on suspicious links. • If you use RDP, secure and monitor it. • Update your OS and ...
17.08.2021
US CERT
AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
Titel
AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
Veröffentlicht
17. August 2021 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-229a
Text
Original release date: August 17, 2021 | Last revised: August 23, 2021SummaryOn August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System (RTOS) is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries.[1] A remote attacker could exploit CVE-2021-22156 ...
Juli 2021
28.07.2021
US CERT
AA21-209A: Top Routinely Exploited Vulnerabilities
Titel
AA21-209A: Top Routinely Exploited Vulnerabilities
Veröffentlicht
28. Juli 2021 14:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-209a
Text
Original release date: July 28, 2021 | Last revised: August 20, 2021SummaryThis Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI). This advisory ...
20.07.2021
US CERT
AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
Titel
AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
Veröffentlicht
20. Juli 2021 15:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-201a
Text
Original release date: July 20, 2021 | Last revised: July 21, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise (IOCs), provided ...
19.07.2021
US CERT
AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs
Titel
AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs
Veröffentlicht
19. Juli 2021 13:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-200b
Text
Original release date: July 19, 2021 | Last revised: August 20, 2021SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for ...
19.07.2021
US CERT
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Depar...
Titel
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Veröffentlicht
19. Juli 2021 13:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-200a
Text
Original release date: July 19, 2021 | Last revised: July 20, 2021SummaryThis Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This ...
Mai 2021
29.05.2021
US CERT
AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Titel
AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Veröffentlicht
29. Mai 2021 00:29
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-148a
Text
Original release date: May 28, 2021 | Last revised: May 29, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and the ...
11.05.2021
US CERT
AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
Titel
AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
Veröffentlicht
11. Mai 2021 21:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-131a
Text
Original release date: May 11, 2021 | Last revised: May 20, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau ...
April 2021
26.04.2021
US CERT
AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
Titel
AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
Veröffentlicht
26. April 2021 17:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-116a
Text
Original release date: April 26, 2021SummaryThe Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—will continue to seek intelligence from U.S. ...
20.04.2021
US CERT
AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
Titel
AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
Veröffentlicht
20. April 2021 17:03
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-110a
Text
Original release date: April 20, 2021 | Last revised: May 28, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to ...
März 2021
18.03.2021
US CERT
AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
Titel
AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
Veröffentlicht
18. März 2021 19:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-077a
Text
Original release date: March 18, 2021 | Last revised: April 15, 2021SummaryUpdated April 15, 2021: The U.S. Government attributes this activity to the Russian Foreign Intelligence Service (SVR). Additional information may be found in a statement from the White House. For more information on SolarWinds-related activity, go to https://us-cert.cisa.gov/remediating-apt-compromised-networks and ...
17.03.2021
US CERT
AA21-076A: TrickBot Malware
Titel
AA21-076A: TrickBot Malware
Veröffentlicht
17. März 2021 16:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-076a
Text
Original release date: March 17, 2021 | Last revised: May 20, 2021SummaryThis Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) and Federal ...
03.03.2021
US CERT
AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
Titel
AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
Veröffentlicht
3. März 2021 19:12
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-062a
Text
Original release date: March 3, 2021 | Last revised: March 14, 2021SummaryNote: This Alert was updated March 13, 2021 to provide further guidance. Cybersecurity and Infrastructure Security (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated attacker to ...
Februar 2021
24.02.2021
US CERT
AA21-055A: Exploitation of Accellion File Transfer Appliance
Titel
AA21-055A: Exploitation of Accellion File Transfer Appliance
Veröffentlicht
24. Februar 2021 15:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-055a
Text
Original release date: February 24, 2021 | Last revised: February 25, 2021SummaryThis joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[5][6] These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer ...
17.02.2021
US CERT
AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
Titel
AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
Veröffentlicht
17. Februar 2021 17:00
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-048a
Text
Original release date: February 17, 2021 | Last revised: March 2, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result of analytic efforts among the Federal Bureau ...
11.02.2021
US CERT
AA21-042A: Compromise of U.S. Water Treatment Facility
Titel
AA21-042A: Compromise of U.S. Water Treatment Facility
Veröffentlicht
11. Februar 2021 20:15
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-042a
Text
Original release date: February 11, 2021 | Last revised: February 12, 2021SummaryOn February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment facility. The unidentified actors used the SCADA system’s software to increase the amount of ...
Januar 2021
08.01.2021
US CERT
AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Titel
AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Veröffentlicht
8. Januar 2021 17:36
URL
https://us-cert.cisa.gov/ncas/alerts/aa21-008a
Text
Original release date: January 8, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private ...

Letzte Updates

BOSCH PSIRT
15.05.2024
SIEMENS CERT
14.05.2024
US CERT
10.05.2024
US CERT (ICS)
16.05.2024

Nach Quelle

Archiv

2024
2023
2022
2021
2020
2019
2018
2017

Feeds