Alerts – Page 3 – CYNET-CSIRT

Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organization’s network environment after…

Comments Off

February 16, 2024

Alerts

PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking…

Comments Off

February 8, 2024

Alerts

Known Indicators of Compromise Associated with Androxgh0st Malware

SUMMARY The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and…

Comments Off

January 17, 2024

Alerts

#StopRansomware: ALPHV Blackcat

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off

December 19, 2023

Alerts

#StopRansomware: Play Ransomware

SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off

December 19, 2023

Alerts

Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment

SUMMARY In January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a Risk and Vulnerability Assessment (RVA) at the request of a Healthcare and Public Health (HPH) sector organization…

Comments Off

December 16, 2023

Alerts

Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

SUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the…

Comments Off

December 14, 2023

Alerts

Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns

The Russia-based actor is targeting organizations and individuals in the UK and other geographical areas of interest. OVERVIEW The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as…

Comments Off

December 8, 2023

Alerts

Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) is releasing a Cybersecurity Advisory (CSA) in response to confirmed exploitation of CVE-2023-26360 by unidentified threat actors at a Federal Civilian Executive…

Comments Off

December 6, 2023

Alerts

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

SUMMARY The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to…

Comments Off

December 2, 2023