AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

Original release date: July 19, 2021SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise…

Comments Off on AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Original release date: July 19, 2021SummaryThis Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on…

Comments Off on AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders

Original release date: April 26, 2021SummaryThe Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber…

Comments Off on AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders

AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

Original release date: April 20, 2021SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a…

Comments Off on AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

AA21-076A: TrickBot Malware

Original release date: March 17, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and…

Comments Off on AA21-076A: TrickBot Malware

AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities

Original release date: March 3, 2021SummaryCybersecurity and Infrastructure Security (CISA) partners have observed active exploitation of vulnerabilities in Microsoft Exchange Server products. Successful exploitation of these vulnerabilities allows an unauthenticated…

Comments Off on AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities

AA21-055A: Exploitation of Accellion File Transfer Appliance

Original release date: February 24, 2021SummaryThis joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United…

Comments Off on AA21-055A: Exploitation of Accellion File Transfer Appliance