AR20-268A: Federal Agency Compromised by Malicious Cyber Actor

Original release date: September 24, 2020. Summary: This Analysis Report uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor…

AR20-259A: MAR-10297887-1.v1 – Iranian Web Shells

Original release date: September 15, 2020. Description / Notification: This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any…

AR20-216A: MAR-10292089-1.v1 – Chinese Remote Access Trojan: TAIDOOR

Original release date: August 3, 2020. Detection and Response / Notification: This report is provided "as is" for informational purposes only. The…

AR20-198B: MAR-10296782-2.v1 – WELLMESS

Original release date: July 16, 2020. Description / Notification: This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

AR20-198A: MAR-10296782-1.v1 – SOREFANG

Original release date: July 16, 2020. Description / Notification: This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…
