October 2020 – CYNET-CSIRT

CISA and FBI Release Joint Advisory on Iranian APT Actor Targeting Voter Registration Data

Original release date: October 30, 2020The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory on an Iranian advanced persistent…

Comments Off

October 30, 2020

Alerts

AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

Original release date: October 30, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced…

Comments Off

October 30, 2020

Current Activity

Microsoft Warns of Continued Exploitation of CVE-2020-1472

Original release date: October 29, 2020Microsoft has released a blog post on cyber threat actors exploiting CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit…

Comments Off

October 30, 2020

Analysis Reports

AR20-303B: MAR-10310246-1.v1 – ZEBROCY Backdoor

Original release date: October 29, 2020DescriptionNotification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

Comments Off

October 29, 2020

Current Activity

CISA and CNMF Identify a New Malware Variant: Zebrocy

Original release date: October 29, 2020Content: The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have identified a malware variant—referred to…

Comments Off

October 29, 2020

Current Activity

CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT

Original release date: October 29, 2020The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense Cyber National Mission Force (CNMF) have identified…

Comments Off

October 29, 2020

Analysis Reports

AR20-303A: MAR-10310246-2.v1 – PowerShell Script: ComRAT

Original release date: October 29, 2020Description Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any…

Comments Off

October 29, 2020

Current Activity

Ransomware Activity Targeting the Healthcare and Public Health Sector

Original release date: October 28, 2020The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have credible…

Comments Off

October 29, 2020

Current Activity

Ransomware Activity Targeting the Healthcare and Public Health Sector

Original release date: October 28, 2020The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have credible…

Comments Off

October 29, 2020

Alerts

AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector

Original release date: October 28, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced…

Comments Off

October 29, 2020