Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-04-15NSA, CISA, FBI
@techreport{nsa:20210415:russian:9c18f60, author = {NSA and CISA and FBI}, title = {{Russian SVR Targets U.S. and Allied Networks}}, date = {2021-04-15}, institution = {}, url = {https://media.defense.gov/2021/Apr/15/2002621240/-1/-1/0/CSA_SVR_TARGETS_US_ALLIES_UOO13234021.PDF/CSA_SVR_TARGETS_US_ALLIES_UOO13234021.PDF_US_ALLIES_UOO13234021.PDF}, language = {English}, urldate = {2021-04-16} } Russian SVR Targets U.S. and Allied Networks
2021-04-15CISAUS-CERT
@online{uscert:20210415:malware:27f4af4, author = {US-CERT}, title = {{Malware Analysis Report (AR21-105A): SUNSHUTTLE}}, date = {2021-04-15}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-105a}, language = {English}, urldate = {2021-04-16} } Malware Analysis Report (AR21-105A): SUNSHUTTLE
GoldMax
2021-04-12CISAUS-CERT
@online{uscert:20210412:analysis:5c10e58, author = {US-CERT}, title = {{Analysis Report (AR21-102B): DearCry Ransomware}}, date = {2021-04-12}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-102b}, language = {English}, urldate = {2021-04-16} } Analysis Report (AR21-102B): DearCry Ransomware
dearcry
2021-04-06CISAUS-CERT
@online{uscert:20210406:malicious:8bc78d2, author = {US-CERT}, title = {{Malicious Cyber Activity Targeting Critical SAP Applications}}, date = {2021-04-06}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/04/06/malicious-cyber-activity-targeting-critical-sap-applications}, language = {English}, urldate = {2021-04-06} } Malicious Cyber Activity Targeting Critical SAP Applications
2021-04-02CISA, FBI
@techreport{cisa:20210402:joint:cc385f7, author = {CISA and FBI}, title = {{Joint CSA AA21-092A: APT Actors Exploit Vulnerabilitiesto Gain Initial Access for Future Attacks}}, date = {2021-04-02}, institution = {}, url = {https://www.ic3.gov/Media/News/2021/210402.pdf}, language = {English}, urldate = {2021-04-06} } Joint CSA AA21-092A: APT Actors Exploit Vulnerabilitiesto Gain Initial Access for Future Attacks
2021-03-18Github (cisagov)CISA
@online{cisa:20210318:cisa:49f510f, author = {CISA}, title = {{CISA Hunt and Incident Response Program (CHIRP)}}, date = {2021-03-18}, organization = {Github (cisagov)}, url = {https://github.com/cisagov/CHIRP}, language = {English}, urldate = {2021-03-19} } CISA Hunt and Incident Response Program (CHIRP)
SUNBURST
2021-03-18CISAUS-CERT
@online{uscert:20210318:alert:bff148c, author = {US-CERT}, title = {{Alert (AA21-077A): Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool}}, date = {2021-03-18}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-077a}, language = {English}, urldate = {2021-03-19} } Alert (AA21-077A): Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
SUNBURST
2021-03-17CISAUS-CERT
@techreport{uscert:20210317:solarwinds:3d7860a, author = {US-CERT}, title = {{SolarWinds and Active Directory/M365 Compromise: Detecting Advanced Persistent Threat Activity from Known Tactics, Techniques, and Procedures}}, date = {2021-03-17}, institution = {CISA}, url = {https://us-cert.cisa.gov/sites/default/files/publications/SolarWinds_and_AD-M365_Compromise-Detecting_APT_Activity_from_Known_TTPs.pdf}, language = {English}, urldate = {2021-03-19} } SolarWinds and Active Directory/M365 Compromise: Detecting Advanced Persistent Threat Activity from Known Tactics, Techniques, and Procedures
SUNBURST
2021-03-17CISAUS-CERT
@online{uscert:20210317:alert:5d25361, author = {US-CERT}, title = {{Alert (AA21-076A): TrickBot Malware}}, date = {2021-03-17}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-076a}, language = {English}, urldate = {2021-03-19} } Alert (AA21-076A): TrickBot Malware
TrickBot
2021-03-16Department of Homeland SecurityDepartment of Justice, Department of Homeland Security, CISA
@techreport{justice:20210316:foreign:fe59715, author = {Department of Justice and Department of Homeland Security and CISA}, title = {{Foreign Interference Targeting Election Infrastructure or Political Organization, Campaign, or Candidate InfrastructureRelated to the 2020 US Related to the 2020 US Federal Elections}}, date = {2021-03-16}, institution = {Department of Homeland Security}, url = {https://www.dhs.gov/sites/default/files/publications/21_0311_key-findings-and-recommendations-related-to-2020-elections_0.pdf}, language = {English}, urldate = {2021-03-19} } Foreign Interference Targeting Election Infrastructure or Political Organization, Campaign, or Candidate InfrastructureRelated to the 2020 US Related to the 2020 US Federal Elections
2021-03-10FBIFBI, CISA
@techreport{fbi:20210310:compromise:8ad3a9c, author = {FBI and CISA}, title = {{Compromise of Microsoft Exchange Server}}, date = {2021-03-10}, institution = {FBI}, url = {https://www.ic3.gov/Media/News/2021/210310.pdf}, language = {English}, urldate = {2021-03-12} } Compromise of Microsoft Exchange Server
2021-03-10US-CERTCISA
@online{cisa:20210310:remediating:23bf74d, author = {CISA}, title = {{Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise}}, date = {2021-03-10}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/remediating-apt-compromised-networks}, language = {English}, urldate = {2021-03-12} } Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-03-03CISAUS-CERT
@online{uscert:20210303:mitigate:556c160, author = {US-CERT}, title = {{Mitigate Microsoft Exchange On-Premises Product Vulnerabilities}}, date = {2021-03-03}, organization = {CISA}, url = {https://www.cisa.gov/ed2102}, language = {English}, urldate = {2021-03-19} } Mitigate Microsoft Exchange On-Premises Product Vulnerabilities
2021-03-03CISACISA
@online{cisa:20210303:alert:c05160a, author = {CISA}, title = {{Alert (AA21-062A): Mitigate Microsoft Exchange Server Vulnerabilities}}, date = {2021-03-03}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-062a}, language = {English}, urldate = {2021-03-10} } Alert (AA21-062A): Mitigate Microsoft Exchange Server Vulnerabilities
HAFNIUM
2021-02-24US-CERTUS-CERT, CISA
@online{uscert:20210224:malware:a4ab797, author = {US-CERT and CISA}, title = {{Malware Analysis Report (AR21-055A): Accellion FTA}}, date = {2021-02-24}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-055a}, language = {English}, urldate = {2021-02-25} } Malware Analysis Report (AR21-055A): Accellion FTA
DEWMODE
2021-02-24US-CERTUS-CERT, CISA
@online{uscert:20210224:alert:2a6aea5, author = {US-CERT and CISA}, title = {{Alert (AA21-055A): Exploitation of Accellion File Transfer Appliance}}, date = {2021-02-24}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-055a}, language = {English}, urldate = {2021-02-25} } Alert (AA21-055A): Exploitation of Accellion File Transfer Appliance
2021-02-17US-CERTCISA
@online{cisa:20210217:malware:5fa5db6, author = {CISA}, title = {{Malware Analysis Report (AR21-048C): AppleJeus: Union Crypto}}, date = {2021-02-17}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048c}, language = {English}, urldate = {2021-02-20} } Malware Analysis Report (AR21-048C): AppleJeus: Union Crypto
AppleJeus AppleJeus
2021-02-17US-CERTCISA
@online{cisa:20210217:malware:47648b1, author = {CISA}, title = {{Malware Analysis Report (AR21-048G): AppleJeus: Ants2Whale}}, date = {2021-02-17}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048g}, language = {English}, urldate = {2021-02-20} } Malware Analysis Report (AR21-048G): AppleJeus: Ants2Whale
AppleJeus AppleJeus
2021-02-17US-CERTCISA
@online{cisa:20210217:malware:59e2d5d, author = {CISA}, title = {{Malware Analysis Report (AR21-048D): AppleJeus: Kupay Wallet}}, date = {2021-02-17}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048d}, language = {English}, urldate = {2021-02-20} } Malware Analysis Report (AR21-048D): AppleJeus: Kupay Wallet
AppleJeus AppleJeus
2021-02-17US-CERTCISA
@online{cisa:20210217:malware:5113e30, author = {CISA}, title = {{Malware Analysis Report (AR21-048E): AppleJeus: CoinGoTrade}}, date = {2021-02-17}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-048e}, language = {English}, urldate = {2021-02-20} } Malware Analysis Report (AR21-048E): AppleJeus: CoinGoTrade
AppleJeus AppleJeus