Alerts

Alerts

AA20-275A: Potential for China Cyber Response to Heightened U.S.–China Tensions

Original release date: October 1, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-275A: Potential for China Cyber Response to Heightened U.S.–China Tensions
October 1, 2020
Alerts

AA20-266A: LokiBot Malware

Original release date: September 22, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques.…

Comments Off on AA20-266A: LokiBot Malware
September 22, 2020
Alerts

AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities

Original release date: September 15, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities
September 15, 2020
Alerts

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Original release date: September 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and…

Comments Off on AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
September 14, 2020
Alerts

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity

Original release date: September 1, 2020SummaryThis joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5]…

Comments Off on AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity
September 1, 2020
Alerts

AA20-239A: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks

Original release date: August 26, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-239A: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks
August 26, 2020
Alerts

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-227A: Phishing Emails Used to Deploy KONNI Malware
August 15, 2020
Alerts

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Original release date: July 27, 2020SummaryThis is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA…

Comments Off on AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices
July 27, 2020
Alerts

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Original release date: July 24, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable…

Comments Off on AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902
July 25, 2020