Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-05-24CISACISA
@online{cisa:20230524:aa23144a:ea45fbb, author = {CISA}, title = {{AA23-144a: People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection}}, date = {2023-05-24}, organization = {CISA}, url = {https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a}, language = {English}, urldate = {2023-05-26} } AA23-144a: People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection
2023-05-09CISACISA
@online{cisa:20230509:hunting:eee110d, author = {CISA}, title = {{Hunting Russian Intelligence “Snake” Malware}}, date = {2023-05-09}, organization = {CISA}, url = {https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-129a}, language = {English}, urldate = {2023-05-10} } Hunting Russian Intelligence “Snake” Malware
Agent.BTZ Cobra Carbon System Uroburos
2023-04-18NCSC UKNCSC UK, CISA, FBI, NSA
@techreport{uk:20230418:apt28:f50b70e, author = {NCSC UK and CISA and FBI and NSA}, title = {{APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers}}, date = {2023-04-18}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/files/Advisory_APT28-exploits-known-vulnerability.pdf}, language = {English}, urldate = {2023-04-22} } APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers
2023-03-09VulnCheckJacob Baines
@online{baines:20230309:vulncheck:55f2b21, author = {Jacob Baines}, title = {{The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries}}, date = {2023-03-09}, organization = {VulnCheck}, url = {https://vulncheck.com/blog/2022-missing-kev-report}, language = {English}, urldate = {2023-03-13} } The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries
2023-03-02CISACISA
@online{cisa:20230302:stopransomware:09958a9, author = {CISA}, title = {{#StopRansomware: Royal Ransomware}}, date = {2023-03-02}, organization = {CISA}, url = {https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a}, language = {English}, urldate = {2023-03-04} } #StopRansomware: Royal Ransomware
Royal Ransom
2023-02-09NSA, FBI, CISA, HHS, ROK, DSA
@techreport{nsa:20230209:stopransomware:87d3a94, author = {NSA and FBI and CISA and HHS and ROK and DSA}, title = {{#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities}}, date = {2023-02-09}, institution = {}, url = {https://media.defense.gov/2023/Feb/09/2003159161/-1/-1/0/CSA_RANSOMWARE_ATTACKS_ON_CI_FUND_DPRK_ACTIVITIES.PDF}, language = {English}, urldate = {2023-02-13} } #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Maui Ransomware SiennaBlue SiennaPurple
2022-12-01CISACISA
@techreport{cisa:20221201:stopransomware:de73b79, author = {CISA}, title = {{#StopRansomware: Cuba Ransomware}}, date = {2022-12-01}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/aa22-335a-stopransomware-cuba-ransomware.pdf}, language = {English}, urldate = {2022-12-02} } #StopRansomware: Cuba Ransomware
Cuba
2022-10-21CISAUS-CERT, HHS, FBI
@online{uscert:20221021:alert:6acb015, author = {US-CERT and HHS and FBI}, title = {{Alert (AA22-294A) #StopRansomware: Daixin Team}}, date = {2022-10-21}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-294a}, language = {English}, urldate = {2022-10-24} } Alert (AA22-294A) #StopRansomware: Daixin Team
2022-10-06CISAUS-CERT, NSA, FBI
@online{uscert:20221006:alert:07aeb24, author = {US-CERT and NSA and FBI}, title = {{Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors}}, date = {2022-10-06}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-279a}, language = {English}, urldate = {2022-10-19} } Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
2022-10-04CISAUS-CERT
@online{uscert:20221004:alert:0011858, author = {US-CERT}, title = {{Alert (AA22-277A) Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization}}, date = {2022-10-04}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-277a}, language = {English}, urldate = {2022-10-19} } Alert (AA22-277A) Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
2022-09-22CISAUS-CERT, NSA
@online{uscert:20220922:alert:8d8a111, author = {US-CERT and NSA}, title = {{Alert (AA22-265A) Control System Defense: Know the Opponent}}, date = {2022-09-22}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-265a}, language = {English}, urldate = {2022-10-19} } Alert (AA22-265A) Control System Defense: Know the Opponent
2022-09-21CISAFBI, CISA
@techreport{fbi:20220921:aa22264a:9ac5793, author = {FBI and CISA}, title = {{AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania (PDF)}}, date = {2022-09-21}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/aa22-264a-iranian-cyber-actors-conduct-cyber-operations-against-the-government-of-albania.pdf}, language = {English}, urldate = {2022-09-26} } AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania (PDF)
Unidentified 095 (Iranian Wiper)
2022-09-21CISAFBI, CISA
@online{fbi:20220921:alert:215e4f3, author = {FBI and CISA}, title = {{Alert (AA22-264A) Iranian State Actors Conduct Cyber Operations Against the Government of Albania}}, date = {2022-09-21}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-264a}, language = {English}, urldate = {2022-09-26} } Alert (AA22-264A) Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Unidentified 095 (Iranian Wiper)
2022-09-14CISAFBI, US-CERT, NSA, U.S. Cyber Command, U.S. Department of the Treasury, Australian Cyber Security Centre (ACSC), CSE Canada, NCSC UK
@online{fbi:20220914:alert:c9a3789, author = {FBI and US-CERT and NSA and U.S. Cyber Command and U.S. Department of the Treasury and Australian Cyber Security Centre (ACSC) and CSE Canada and NCSC UK}, title = {{Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations}}, date = {2022-09-14}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-257a}, language = {English}, urldate = {2022-09-20} } Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
2022-09-06CISAUS-CERT, FBI, CISA, MS-ISAC
@online{uscert:20220906:alert:4058a6d, author = {US-CERT and FBI and CISA and MS-ISAC}, title = {{Alert (AA22-249A) #StopRansomware: Vice Society}}, date = {2022-09-06}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-249a}, language = {English}, urldate = {2022-09-16} } Alert (AA22-249A) #StopRansomware: Vice Society
Cobalt Strike Empire Downloader FiveHands HelloKitty SystemBC Zeppelin
2022-08-11CISACISA, FBI
@online{cisa:20220811:alert:d9f4fc0, author = {CISA and FBI}, title = {{Alert (AA22-223A) #StopRansomware: Zeppelin Ransomware}}, date = {2022-08-11}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-223a}, language = {English}, urldate = {2022-08-12} } Alert (AA22-223A) #StopRansomware: Zeppelin Ransomware
Zeppelin
2022-08-11CISAFBI, CISA
@techreport{fbi:20220811:stopransomware:d37ee96, author = {FBI and CISA}, title = {{#StopRansomware: Zeppelin Ransomware (PDF)}}, date = {2022-08-11}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-223A_Zeppelin_CSA.pdf}, language = {English}, urldate = {2022-08-15} } #StopRansomware: Zeppelin Ransomware (PDF)
Zeppelin
2022-07-06CISAFBI, CISA, Department of the Treasury (Treasury)
@techreport{fbi:20220706:csa:fcffb49, author = {FBI and CISA and Department of the Treasury (Treasury)}, title = {{CSA AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector (PDF)}}, date = {2022-07-06}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/aa22-187a-north-korean%20state-sponsored-cyber-actors-use-maui-ransomware-to-target-the-hph-sector.pdf}, language = {English}, urldate = {2022-07-13} } CSA AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector (PDF)
Maui Ransomware
2022-07-06CISAFBI, CISA, Department of the Treasury (Treasury)
@online{fbi:20220706:alert:4231af8, author = {FBI and CISA and Department of the Treasury (Treasury)}, title = {{Alert (AA22-187A): North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector}}, date = {2022-07-06}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-187a}, language = {English}, urldate = {2022-07-13} } Alert (AA22-187A): North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Maui Ransomware
2022-07-01CISACISA, FBI, Department of the Treasury (Treasury), FINCEN
@online{cisa:20220701:alert:12e80c1, author = {CISA and FBI and Department of the Treasury (Treasury) and FINCEN}, title = {{Alert (AA22-181A): #StopRansomware: MedusaLocker}}, date = {2022-07-01}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-181a}, language = {English}, urldate = {2022-07-05} } Alert (AA22-181A): #StopRansomware: MedusaLocker
MedusaLocker