Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-02-23CISA, NCSC UK, FBI, NSA
@techreport{cisa:20220223:advisory:56f6379, author = {CISA and NCSC UK and FBI and NSA}, title = {{Advisory: New Sandworm malware Cyclops Blink replaces VPNFilter}}, date = {2022-02-23}, institution = {}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-054A%20New%20Sandworm%20Malware%20Cyclops%20Blink%20Replaces%20VPN%20Filter.pdf}, language = {English}, urldate = {2022-02-26} } Advisory: New Sandworm malware Cyclops Blink replaces VPNFilter
VPNFilter
2022-02-23CISACISA
@online{cisa:20220223:alert:3e2924e, author = {CISA}, title = {{Alert (AA22-054A) New Sandworm Malware Cyclops Blink Replaces VPNFilter}}, date = {2022-02-23}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-054a}, language = {English}, urldate = {2022-02-26} } Alert (AA22-054A) New Sandworm Malware Cyclops Blink Replaces VPNFilter
CyclopsBlink VPNFilter
2022-02-16CISAUS-CERT, NSA, FBI
@online{uscert:20220216:alert:8b4e4d2, author = {US-CERT and NSA and FBI}, title = {{Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology}}, date = {2022-02-16}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-047a}, language = {English}, urldate = {2022-02-19} } Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
2022-02-09CISACISA, FBI, NSA, Australian Cyber Security Centre (ACSC), NCSC UK
@techreport{cisa:20220209:alert:be2567f, author = {CISA and FBI and NSA and Australian Cyber Security Centre (ACSC) and NCSC UK}, title = {{Alert (AA22-040A) 2021 Trends Show Increased Globalized Threat of Ransomware}}, date = {2022-02-09}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-040A_2021_Trends_Show_Increased_Globalized_Threat_of_Ransomware_508.pdf}, language = {English}, urldate = {2022-04-07} } Alert (AA22-040A) 2021 Trends Show Increased Globalized Threat of Ransomware
2022-02-09FBI, NSA, CISA, Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC-UK)
@techreport{fbi:20220209:2021:df515ea, author = {FBI and NSA and CISA and Australian Cyber Security Centre (ACSC) and United Kingdom’s National Cyber Security Centre (NCSC-UK)}, title = {{2021 Trends Show Increased Globalized Threat of Ransomware}}, date = {2022-02-09}, institution = {}, url = {https://www.ncsc.gov.uk/files/2021%20Trends%20show%20increased%20globalised%20threat%20of%20ransomware.pdf}, language = {English}, urldate = {2022-04-05} } 2021 Trends Show Increased Globalized Threat of Ransomware
2022-01-31CrowdStrikeSarang Sonawane, Liviu Arsene
@online{sonawane:20220131:crowdstrike:1fd4945, author = {Sarang Sonawane and Liviu Arsene}, title = {{CrowdStrike Falcon Proactively Protects Against Wiper Malware as CISA Warns U.S. Companies of Potential Attacks}}, date = {2022-01-31}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/how-crowdstrike-protects-against-data-wiping-malware/}, language = {English}, urldate = {2022-02-02} } CrowdStrike Falcon Proactively Protects Against Wiper Malware as CISA Warns U.S. Companies of Potential Attacks
WhisperGate
2022-01-11CISACISA, FBI, NSA
@techreport{cisa:20220111:understanding:aae8b36, author = {CISA and FBI and NSA}, title = {{Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure}}, date = {2022-01-11}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-011A_Joint_CSA_Understanding_and_Mitigating%20_Russian_Cyber_Threats_to_US_Critical_Infrastructure_TLP-WHITE_01-10-22_v1.pdf}, language = {English}, urldate = {2022-04-07} } Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
2022-01-11CISA, FBI, NSA
@techreport{cisa:20220111:understanding:07bbdcf, author = {CISA and FBI and NSA}, title = {{Understanding and Mitigating Russian State- Sponsored Cyber Threats to U.S. Critical Infrastructure}}, date = {2022-01-11}, institution = {}, url = {https://media.defense.gov/2022/Jan/11/2002919950/-1/-1/1/JOINT_CSA_UNDERSTANDING_MITIGATING_RUSSIAN_CYBER_THREATS_TO_US_CRITICAL_INFRASTRUCTURE_20220111.PDF}, language = {English}, urldate = {2022-01-18} } Understanding and Mitigating Russian State- Sponsored Cyber Threats to U.S. Critical Infrastructure
2021-12-22CISACISA, FBI, NSA, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), Computer Emergency Response Team New Zealand (CERT NZ), New Zealand National Cyber Security Centre (NZ NCSC), United Kingdom’s National Cyber Security Centre (NCSC-UK)
@online{cisa:20211222:alert:635c59b, author = {CISA and FBI and NSA and Australian Cyber Security Centre (ACSC) and Canadian Centre for Cyber Security (CCCS) and Computer Emergency Response Team New Zealand (CERT NZ) and New Zealand National Cyber Security Centre (NZ NCSC) and United Kingdom’s National Cyber Security Centre (NCSC-UK)}, title = {{Alert (AA21-356A) Mitigating Log4Shell and Other Log4j-Related Vulnerabilities}}, date = {2021-12-22}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa21-356a}, language = {English}, urldate = {2021-12-23} } Alert (AA21-356A) Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
2021-12-02CISAUS-CERT
@online{uscert:20211202:alert:ac0edaf, author = {US-CERT}, title = {{Alert (AA21-336A): APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus}}, date = {2021-12-02}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-336a}, language = {English}, urldate = {2021-12-07} } Alert (AA21-336A): APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
KDC Sponge NGLite
2021-11-17CISAFBI, CISA, Australian Cyber Security Centre (ACSC), NCSC UK
@techreport{fbi:20211117:alert:e4ba10a, author = {FBI and CISA and Australian Cyber Security Centre (ACSC) and NCSC UK}, title = {{Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities}}, date = {2021-11-17}, institution = {CISA}, url = {https://us-cert.cisa.gov/sites/default/files/publications/AA21-321A-Iranian%20Government-Sponsored%20APT%20Actors%20Exploiting%20Microsoft%20Exchange%20and%20Fortinet%20Vulnerabilities.pdf}, language = {English}, urldate = {2022-01-03} } Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
2021-11-17CISACISA
@techreport{cisa:20211117:cybersecurity:28e0ecc, author = {CISA}, title = {{Cybersecurity Incident & Vulnerability Response Playbooks}}, date = {2021-11-17}, institution = {CISA}, url = {https://www.cisa.gov/sites/default/files/publications/Federal_Government_Cybersecurity_Incident_and_Vulnerability_Response_Playbooks_508C.pdf}, language = {English}, urldate = {2021-11-19} } Cybersecurity Incident & Vulnerability Response Playbooks
2021-10-18CISAUS-CERT
@online{uscert:20211018:alert:5701532, author = {US-CERT}, title = {{Alert (AA21-291A): BlackMatter Ransomware}}, date = {2021-10-18}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-291a}, language = {English}, urldate = {2021-10-24} } Alert (AA21-291A): BlackMatter Ransomware
BlackMatter BlackMatter
2021-10-14CISAUS-CERT
@online{uscert:20211014:alert:56cfcda, author = {US-CERT}, title = {{Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems}}, date = {2021-10-14}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-287a}, language = {English}, urldate = {2021-10-25} } Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems
2021-09-22CISAUS-CERT
@online{uscert:20210922:alert:50b9d38, author = {US-CERT}, title = {{Alert (AA21-265A) Conti Ransomware}}, date = {2021-09-22}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-265a}, language = {English}, urldate = {2021-10-05} } Alert (AA21-265A) Conti Ransomware
Cobalt Strike Conti
2021-09-16CISAUS-CERT
@online{uscert:20210916:actors:ee20adf, author = {US-CERT}, title = {{APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus}}, date = {2021-09-16}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-259a}, language = {English}, urldate = {2021-09-19} } APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
2021-07-28CISACISA, Australian Cyber Security Centre (ACSC), NCSC UK, FBI
@online{cisa:20210728:top:78a1031, author = {CISA and Australian Cyber Security Centre (ACSC) and NCSC UK and FBI}, title = {{Top Routinely Exploited Vulnerabilities}}, date = {2021-07-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-209a}, language = {English}, urldate = {2021-07-29} } Top Routinely Exploited Vulnerabilities
2021-07-21CISAUS-CERT
@online{uscert:20210721:malware:d7afb6d, author = {US-CERT}, title = {{Malware Targeting Pulse Secure Devices}}, date = {2021-07-21}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices}, language = {English}, urldate = {2021-07-22} } Malware Targeting Pulse Secure Devices
2021-07-20CISAUS-CERT
@online{uscert:20210720:alert:e6916fe, author = {US-CERT}, title = {{Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013}}, date = {2021-07-20}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-201a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
2021-07-19CISACISA
@online{cisa:20210719:alert:bc070a7, author = {CISA}, title = {{Alert (AA21-200B): Chinese State-Sponsored Cyber Operations: Observed TTPs}}, date = {2021-07-19}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-200b}, language = {English}, urldate = {2021-07-22} } Alert (AA21-200B): Chinese State-Sponsored Cyber Operations: Observed TTPs
APT40