AR19-133A: Microsoft Office 365 Security Observations

Summary As the number of organizations migrating email services to Microsoft Office 365 (O365) and other cloud services increases, the use of third-party companies that move organizations to the cloud…

Comments Off on AR19-133A: Microsoft Office 365 Security Observations

AA19-122A: New Exploits for Unsecure SAP Systems

The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components. [1] A presentation at the…

Comments Off on AA19-122A: New Exploits for Unsecure SAP Systems

AR19-100A: MAR-10135536-8 – North Korean Trojan: HOPLIGHT

NotificationThis report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. The…

Comments Off on AR19-100A: MAR-10135536-8 – North Korean Trojan: HOPLIGHT

AA19-024A: DNS Infrastructure Hijacking Campaign

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using…

Comments Off on AA19-024A: DNS Infrastructure Hijacking Campaign

AR18-352A: Quasar Open-Source Remote Administration Tool

Quasar is a publically available, open-source RAT for Microsoft Windows operating systems (OSs) written in the C# programming language. Quasar is authored by GitHub user MaxXor and publicly hosted as…

Comments Off on AR18-352A: Quasar Open-Source Remote Administration Tool

AR18-337C: MAR-10158513.r1.v1 – SamSam3

NotificationThis report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. The…

Comments Off on AR18-337C: MAR-10158513.r1.v1 – SamSam3

AR18-337B: MAR-10166283.r1.v1 – SamSam2

This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. The…

Comments Off on AR18-337B: MAR-10166283.r1.v1 – SamSam2

AR18-337A: MAR-10219351.r1.v2 – SamSam1

NotificationThis report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. The…

Comments Off on AR18-337A: MAR-10219351.r1.v2 – SamSam1

AA18-337A: SamSam Ransomware

The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders…

Comments Off on AA18-337A: SamSam Ransomware