Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-06-01CISACISA, FBI, Department of the Treasury (Treasury), FINCEN
@online{cisa:20220601:alert:f73857d, author = {CISA and FBI and Department of the Treasury (Treasury) and FINCEN}, title = {{Alert (AA22-152A): Karakurt Data Extortion Group}}, date = {2022-06-01}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-152a}, language = {English}, urldate = {2022-06-02} } Alert (AA22-152A): Karakurt Data Extortion Group
MimiKatz
2022-06-01CISAFBI, CISA, Department of the Treasury (Treasury), FINCEN
@techreport{fbi:20220601:joint:366b0d0, author = {FBI and CISA and Department of the Treasury (Treasury) and FINCEN}, title = {{Joint Cybersecurity Advisory (Product ID AA22-152A): Karakurt Data Extortion Group}}, date = {2022-06-01}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-152A_Karakurt_Data_Extortion_Group.pdf}, language = {English}, urldate = {2022-06-02} } Joint Cybersecurity Advisory (Product ID AA22-152A): Karakurt Data Extortion Group
MimiKatz
2022-05-16FBIFBI
@techreport{fbi:20220516:fbi:0ff55a3, author = {FBI}, title = {{FBI Flash MC-000170-MW: Cyber Actors Scrape Credit Card Data from US Business’ Online Checkout Page and Maintain Persistence by Injecting Malicious PHP Code}}, date = {2022-05-16}, institution = {FBI}, url = {https://www.ic3.gov/Media/News/2022/220516.pdf}, language = {English}, urldate = {2022-05-25} } FBI Flash MC-000170-MW: Cyber Actors Scrape Credit Card Data from US Business’ Online Checkout Page and Maintain Persistence by Injecting Malicious PHP Code
2022-04-27CISACISA, NSA, FBI, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), United Kingdom’s National Cyber Security Centre (NCSC-UK)
@online{cisa:20220427:alert:e02c831, author = {CISA and NSA and FBI and Australian Cyber Security Centre (ACSC) and Canadian Centre for Cyber Security (CCCS) and New Zealand National Cyber Security Centre (NZ NCSC) and United Kingdom’s National Cyber Security Centre (NCSC-UK)}, title = {{Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities}}, date = {2022-04-27}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-117a}, language = {English}, urldate = {2022-04-29} } Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities
2022-04-20CISACISA, NSA, FBI, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), Government Communications Security Bureau, NCSC UK, National Crime Agency (NCA)
@techreport{cisa:20220420:aa22110a:4fde5d6, author = {CISA and NSA and FBI and Australian Cyber Security Centre (ACSC) and Canadian Centre for Cyber Security (CCCS) and Government Communications Security Bureau and NCSC UK and National Crime Agency (NCA)}, title = {{AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure}}, date = {2022-04-20}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-110A_Joint_CSA_Russian_State-Sponsored_and_Criminal_Cyber_Threats_to_Critical_Infrastructure_4_20_22_Final.pdf}, language = {English}, urldate = {2022-04-25} } AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader
2022-04-19FBIFBI
@techreport{fbi:20220419:fbi:05194a3, author = {FBI}, title = {{FBI Flash CU-000167-MW: BlackCat/ALPHV Ransomware Indicators of Compromise}}, date = {2022-04-19}, institution = {FBI}, url = {https://www.ic3.gov/Media/News/2022/220420.pdf}, language = {English}, urldate = {2022-05-04} } FBI Flash CU-000167-MW: BlackCat/ALPHV Ransomware Indicators of Compromise
BlackCat
2022-04-18CISACISA, U.S. Department of the Treasury, FBI
@techreport{cisa:20220418:aa22108a:a0a81c6, author = {CISA and U.S. Department of the Treasury and FBI}, title = {{AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies (PDF)}}, date = {2022-04-18}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-108A-TraderTraitor-North_Korea_APT_Targets_Blockchain_Companies.pdf}, language = {English}, urldate = {2022-04-20} } AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies (PDF)
FastCash Bankshot
2022-04-18CISACISA, FBI, U.S. Department of the Treasury
@online{cisa:20220418:alert:dcc72c0, author = {CISA and FBI and U.S. Department of the Treasury}, title = {{Alert (AA22-108A): TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies}}, date = {2022-04-18}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-108a}, language = {English}, urldate = {2022-04-25} } Alert (AA22-108A): TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
Bankshot
2022-04-13Department of Energy (DOE), NSA, FBI, CISA
@techreport{doe:20220413:cyber:1dee54e, author = {Department of Energy (DOE) and NSA and FBI and CISA}, title = {{APT Cyber Tools Targeting ICS/SCADA Devices}}, date = {2022-04-13}, institution = {}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/Joint_Cybersecurity_Advisory_APT%20Cyber%20Tools%20Targeting%20ICS%20SCADA%20Devices.pdf}, language = {English}, urldate = {2022-04-15} } APT Cyber Tools Targeting ICS/SCADA Devices
2022-04-07BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20220407:threat:d5d3259, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Thursday: AvosLocker Prompts Advisory from FBI and FinCEN}}, date = {2022-04-07}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2022/04/threat-thursday-avoslocker-prompts-advisory-from-fbi-and-fincen}, language = {English}, urldate = {2022-04-15} } Threat Thursday: AvosLocker Prompts Advisory from FBI and FinCEN
Avoslocker AvosLocker
2022-03-24FBIFBI
@techreport{fbi:20220324:pin:d54bbb9, author = {FBI}, title = {{PIN Number 20220324-001 TRITON Malware Remains Threat to Global Critical Infrastructure Industrial Control Systems (ICS)}}, date = {2022-03-24}, institution = {FBI}, url = {https://www.ic3.gov/Media/News/2022/220325.pdf}, language = {English}, urldate = {2022-03-25} } PIN Number 20220324-001 TRITON Malware Remains Threat to Global Critical Infrastructure Industrial Control Systems (ICS)
Triton
2022-03-17IC3FINCEN, FBI, U.S. Department of the Treasury
@techreport{fincen:20220317:indicators:4c36c4d, author = {FINCEN and FBI and U.S. Department of the Treasury}, title = {{Indicators of Compromise Associated with AvosLocker Ransomware}}, date = {2022-03-17}, institution = {IC3}, url = {https://www.ic3.gov/Media/News/2022/220318.pdf}, language = {English}, urldate = {2022-03-22} } Indicators of Compromise Associated with AvosLocker Ransomware
Avoslocker AvosLocker
2022-03-09The RegisterJessica Lyons Hardcastle
@online{hardcastle:20220309:ragnar:0c09884, author = {Jessica Lyons Hardcastle}, title = {{Ragnar ransomware gang hit 52 critical US orgs, says FBI}}, date = {2022-03-09}, organization = {The Register}, url = {https://www.theregister.com/2022/03/09/fbi_says_ragnar_locker_ransomware/}, language = {English}, urldate = {2022-03-10} } Ragnar ransomware gang hit 52 critical US orgs, says FBI
RagnarLocker
2022-03-09CywareCyware
@online{cyware:20220309:ragnar:21beccd, author = {Cyware}, title = {{Ragnar Locker Breached 52 Organizations and Counting, FBI Warns}}, date = {2022-03-09}, organization = {Cyware}, url = {https://cyware.com/news/ragnar-locker-breached-52-organizations-and-counting-fbi-warns-0588d220/}, language = {English}, urldate = {2022-03-10} } Ragnar Locker Breached 52 Organizations and Counting, FBI Warns
RagnarLocker
2022-03-07Bleeping ComputerSergiu Gatlan
@online{gatlan:20220307:fbi:37b1274, author = {Sergiu Gatlan}, title = {{FBI: Ransomware gang breached 52 US critical infrastructure orgs}}, date = {2022-03-07}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/fbi-ransomware-gang-breached-52-us-critical-infrastructure-orgs/}, language = {English}, urldate = {2022-03-08} } FBI: Ransomware gang breached 52 US critical infrastructure orgs
RagnarLocker
2022-03-07FBIFBI
@techreport{fbi:20220307:fbi:c8c1b8f, author = {FBI}, title = {{FBI Flash CU-000163-MW: RagnarLocker Ransomware Indicators of Compromise}}, date = {2022-03-07}, institution = {FBI}, url = {https://www.ic3.gov/Media/News/2022/220307.pdf}, language = {English}, urldate = {2022-03-08} } FBI Flash CU-000163-MW: RagnarLocker Ransomware Indicators of Compromise
RagnarLocker
2022-02-26CISACISA, FBI
@techreport{cisa:20220226:destructive:be5862b, author = {CISA and FBI}, title = {{Destructive Malware Targeting Organizations in Ukraine}}, date = {2022-02-26}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-057A_Destructive_Malware_Targeting_Organizations_in_Ukraine.pdf}, language = {English}, urldate = {2022-03-01} } Destructive Malware Targeting Organizations in Ukraine
HermeticWiper WhisperGate
2022-02-24FBI, CISA, CNMF, NCSC UK
@online{fbi:20220224:alert:f9ae76b, author = {FBI and CISA and CNMF and NCSC UK}, title = {{Alert (AA22-055A) Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks}}, date = {2022-02-24}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-055a}, language = {English}, urldate = {2022-03-01} } Alert (AA22-055A) Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
POWERSTATS PowGoop MoriAgent
2022-02-24FBI, CISA, CNMF, NCSC UK, NSA
@techreport{fbi:20220224:iranian:9117e42, author = {FBI and CISA and CNMF and NCSC UK and NSA}, title = {{Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks}}, date = {2022-02-24}, institution = {}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-055A_Iranian_Government-Sponsored_Actors_Conduct_Cyber_Operations.pdf}, language = {English}, urldate = {2022-03-01} } Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
POWERSTATS PowGoop GRAMDOOR MoriAgent
2022-02-23CISA, NCSC UK, FBI, NSA
@techreport{cisa:20220223:advisory:56f6379, author = {CISA and NCSC UK and FBI and NSA}, title = {{Advisory: New Sandworm malware Cyclops Blink replaces VPNFilter}}, date = {2022-02-23}, institution = {}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-054A%20New%20Sandworm%20Malware%20Cyclops%20Blink%20Replaces%20VPN%20Filter.pdf}, language = {English}, urldate = {2022-02-26} } Advisory: New Sandworm malware Cyclops Blink replaces VPNFilter
VPNFilter