Alerts

Alerts

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Original release date: September 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and…

Comments Off on AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
September 14, 2020
Alerts

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity

Original release date: September 1, 2020SummaryThis joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5]…

Comments Off on AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity
September 1, 2020
Alerts

AA20-239A: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks

Original release date: August 26, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-239A: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks
August 26, 2020
Alerts

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off on AA20-227A: Phishing Emails Used to Deploy KONNI Malware
August 15, 2020
Alerts

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Original release date: July 27, 2020SummaryThis is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA…

Comments Off on AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices
July 27, 2020
Alerts

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Original release date: July 24, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable…

Comments Off on AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902
July 25, 2020
Alerts

AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Original release date: July 23, 2020SummaryNote: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks…

Comments Off on AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems
July 23, 2020
Alerts

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Original release date: July 13, 2020SummaryOn July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server (AS) Java component…

Comments Off on AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java
July 14, 2020