AA20-283A: APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Original release date: October 9, 2020

Summary: This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat…

AA20-280A: Emotet Malware

Original release date: October 6, 2020

Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

AA20-275A: Potential for China Cyber Response to Heightened U.S.–China Tensions

Original release date: October 1, 2020

Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

AA20-266A: LokiBot Malware

Original release date: September 22, 2020

Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques.…

AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities

Original release date: September 15, 2020

Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Original release date: September 14, 2020

Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and…

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity

Original release date: September 1, 2020

Summary: This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5]…

AA20-239A: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks

Original release date: August 26, 2020

Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020

Summary: This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…
