Alerts

Alerts

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity

Original release date: September 1, 2020SummaryThis joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5]…

Comments Off on AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity
September 1, 2020
Alerts

AA20-239A: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks

Original release date: August 26, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-239A: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks
August 26, 2020
Alerts

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-227A: Phishing Emails Used to Deploy KONNI Malware
August 15, 2020
Alerts

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Original release date: July 27, 2020SummaryThis is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA…

Comments Off on AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices
July 27, 2020
Alerts

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Original release date: July 24, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable…

Comments Off on AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902
July 25, 2020
Alerts

AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Original release date: July 23, 2020SummaryNote: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks…

Comments Off on AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems
July 23, 2020
Alerts

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Original release date: July 13, 2020SummaryOn July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server (AS) Java component…

Comments Off on AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java
July 14, 2020
Alerts

AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor

Original release date: July 1, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced…

Comments Off on AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor
July 2, 2020