Alerts – Page 6 – CYNET-CSIRT

Increased Truebot Activity Infects U.S. and Canada Based Networks

SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS)…

Comments Off

July 7, 2023

Alerts

Understanding Ransomware Threat Actors: LockBit

SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues to be prolific in 2023. Since January 2020, affiliates using LockBit have attacked organizations of…

Comments Off

June 15, 2023

Alerts

#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability

SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off

June 8, 2023

Alerts

People’s Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

Summary The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic…

Comments Off

May 25, 2023

Alerts

#StopRansomware: BianLian Ransomware Group

Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These…

Comments Off

May 17, 2023

Alerts

Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG

SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-27350. This…

Comments Off

May 12, 2023

Alerts

Hunting Russian Intelligence “Snake” Malware

SUMMARY The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive…

Comments Off

May 10, 2023

Alerts

APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers

APT28 accesses poorly maintained Cisco routers and deploys malware on unpatched devices using CVE-2017-6742. Overview and Context The UK National Cyber Security Centre (NCSC), the US National Security Agency (NSA),…

Comments Off

April 19, 2023

Alerts

#StopRansomware: LockBit 3.0

SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. These #StopRansomware…

Comments Off

March 17, 2023

Alerts

Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server

SUMMARY From November 2022 through early January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and authoring organizations identified the presence of indicators of compromise (IOCs) at a federal civilian…

Comments Off

March 16, 2023