July 2020
Title
AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems
Published
July 23, 2020, 4:29 p.m.
Summary
Original release date: July 23, 2020. Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks for all referenced threat actor techniques and mitigations. Over recent months, cyber actors have demonstrated their continued willingness ...
Title
AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation
Published
July 16, 2020, 2:09 p.m.
Summary
Original release date: July 16, 2020. This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. Attributing malicious cyber activity that uses network tunneling and spoofing techniques to a specific threat ...
Title
AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java
Published
July 14, 2020, 1:07 a.m.
Summary
Original release date: July 13, 2020. On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard. An unauthenticated attacker can exploit this vulnerability through the Hypertext Transfer Protocol (HTTP) to take control of ...
Title
AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor
Published
July 2, 2020, 3 a.m.
Summary
Original release date: July 1, 2020 | Last revised: July 2, 2020. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. This advisory—written by the Cybersecurity and Infrastructure Security Agency (CISA) ...
June 2020
Title
AA20-182A: EINSTEIN Data Trends – 30-day Lookback
Published
June 30, 2020, 4:34 p.m.
Summary
Original release date: June 30, 2020. Cybersecurity and Infrastructure Security Agency (CISA) analysts have compiled the top detection signatures that have been the most active over the month of May in our national Intrusion Detection System (IDS), known as EINSTEIN. This information is meant to give the reader a closer look ...
May 2020
Title
AA20-133A: Top 10 Routinely Exploited Vulnerabilities
Published
May 12, 2020, 3 p.m.
Summary
Original release date: May 12, 2020. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patching the most commonly known ...
Title
AA20-126A: APT Groups Target Healthcare and Essential Services
Published
May 5, 2020, 2:58 p.m.
Summary
Original release date: May 5, 2020. This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC continue to see indications that advanced persistent threat (APT) groups are exploiting the ...
April 2020
Title
AA20-120A: Microsoft Office 365 Security Recommendations
Published
April 29, 2020, 4:41 p.m.
Summary
Original release date: April 29, 2020. As organizations adapt or change their enterprise collaboration capabilities to meet “telework” requirements, many organizations are migrating to Microsoft Office 365 (O365) and other cloud collaboration services. Due to the speed of these deployments, organizations may not be fully considering the security configurations of these ...
Title
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Published
April 16, 2020, 3:21 p.m.
Summary
Original release date: April 16, 2020 | Last revised: June 30, 2020. Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security ...
Title
AA20-106A: Guidance on the North Korean Cyber Threat
Published
April 15, 2020, 2:31 p.m.
Summary
Original release date: April 15, 2020 | Last revised: June 23, 2020. The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Korean cyber threat for the international community, network defenders, and the public. ...
Title
AA20-099A: COVID-19 Exploited by Malicious Cyber Actors
Published
April 8, 2020, 2 p.m.
Summary
Original release date: April 8, 2020. This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This alert provides information on exploitation by cybercriminal and advanced persistent threat (APT) groups of the ...
March 2020
Title
AA20-073A: Enterprise VPN Security
Published
March 13, 2020, 1:08 p.m.
Summary
Original release date: March 13, 2020 | Last revised: April 15, 2020. As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees. Remote work options—or telework—require an enterprise virtual private network (VPN) solution to connect employees to an organization’s information technology ...
February 2020
Title
AA20-049A: Ransomware Impacting Pipeline Operations
Published
Feb. 18, 2020, 2:06 p.m.
Summary
Original release date: February 18, 2020 | Last revised: June 30, 2020. Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and ATT&CK for Industrial Control Systems (ICS) frameworks for all referenced threat actor techniques and mitigations. The Cybersecurity ...
