Alerts – Page 2 – CYNET-CSIRT

North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs

Summary The U.S. Federal Bureau of Investigation (FBI) and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic People’s Republic of…

Comments Off

July 26, 2024

Alerts

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the…

Comments Off

July 12, 2024

Alerts

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security…

Comments Off

July 9, 2024

Alerts

#StopRansomware: Black Basta

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off

May 10, 2024

Alerts

#StopRansomware: Akira Ransomware

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off

April 19, 2024

Alerts

Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the following partners (hereafter referred to as the authoring organizations) are releasing this joint Cybersecurity Advisory to warn that cyber threat…

Comments Off

March 1, 2024

Alerts

#StopRansomware: Phobos Ransomware

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories…

Comments Off

March 1, 2024

Alerts

SVR Cyber Actors Adapt Tactics for Initial Cloud Access

How SVR-Attributed Actors are Adapting to the Move of Government and Corporations to Cloud Infrastructure OVERVIEW This advisory details recent tactics, techniques, and procedures (TTPs) of the group commonly known…

Comments Off

February 27, 2024

Alerts

Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organization’s network environment after…

Comments Off

February 16, 2024

Alerts

PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking…

Comments Off

February 8, 2024