Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-07CISACISA
@techreport{cisa:20230907:multiple:e867413, author = {CISA}, title = {{Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475}}, date = {2023-09-07}, institution = {CISA}, url = {https://www.cisa.gov/sites/default/files/2023-09/aa23-250a-apt-actors-exploit-cve-2022-47966-and-cve-2022-42475.pdf}, language = {English}, urldate = {2023-09-11} } Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
Meterpreter MimiKatz
2023-09-07CISACISA
@online{cisa:20230907:mar10454006r5v1:3dce99f, author = {CISA}, title = {{MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors}}, date = {2023-09-07}, organization = {CISA}, url = {https://www.cisa.gov/news-events/analysis-reports/ar23-250a-0}, language = {English}, urldate = {2023-09-08} } MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors
WHIRLPOOL
2023-07-28CISACISA
@online{cisa:20230728:cisa:6c1a592, author = {CISA}, title = {{CISA Releases Malware Analysis Reports on Barracuda Backdoors}}, date = {2023-07-28}, organization = {CISA}, url = {https://www.cisa.gov/news-events/alerts/2023/07/28/cisa-releases-malware-analysis-reports-barracuda-backdoors}, language = {English}, urldate = {2023-07-31} } CISA Releases Malware Analysis Reports on Barracuda Backdoors
SEASPY
2023-07-28CISACISA
@online{cisa:20230728:mar10454006r2v1:eac60db, author = {CISA}, title = {{MAR-10454006-r2.v1 SEASPY Backdoor}}, date = {2023-07-28}, organization = {CISA}, url = {https://www.cisa.gov/news-events/analysis-reports/ar23-209b}, language = {English}, urldate = {2023-07-31} } MAR-10454006-r2.v1 SEASPY Backdoor
SEASPY
2023-07-28CISA
@online{cisa:20230728:mar10454006r1v2:4a6a9c8, author = {CISA}, title = {{MAR-10454006-r1.v2 SUBMARINE Backdoor}}, date = {2023-07-28}, url = {https://www.cisa.gov/news-events/analysis-reports/ar23-209a}, language = {English}, urldate = {2023-07-31} } MAR-10454006-r1.v2 SUBMARINE Backdoor
2023-07-06CISACISA
@online{cisa:20230706:increased:7ff9690, author = {CISA}, title = {{Increased Truebot Activity Infects U.S. and Canada Based Networks}}, date = {2023-07-06}, organization = {CISA}, url = {https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-187a}, language = {English}, urldate = {2023-07-08} } Increased Truebot Activity Infects U.S. and Canada Based Networks
Silence
2023-06-14CISAFBI, MS-ISAC, Australian Cyber Security Centre (ACSC), Bundesamt für Sicherheit in der Informationstechnik (BSI), NCSC UK, Canadian Centre for Cyber Security (CCCS), ANSSI, CERT NZ, New Zealand National Cyber Security Centre (NZ NCSC)
@techreport{fbi:20230614:understanding:05abf47, author = {FBI and MS-ISAC and Australian Cyber Security Centre (ACSC) and Bundesamt für Sicherheit in der Informationstechnik (BSI) and NCSC UK and Canadian Centre for Cyber Security (CCCS) and ANSSI and CERT NZ and New Zealand National Cyber Security Centre (NZ NCSC)}, title = {{Understanding Ransomware Threat Actors: Lockbit}}, date = {2023-06-14}, institution = {CISA}, url = {https://www.cisa.gov/sites/default/files/2023-06/aa23-165a_understanding_TA_LockBit_0.pdf}, language = {English}, urldate = {2023-06-19} } Understanding Ransomware Threat Actors: Lockbit
LockBit
2023-05-24CISACISA
@online{cisa:20230524:aa23144a:ea45fbb, author = {CISA}, title = {{AA23-144a: People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection}}, date = {2023-05-24}, organization = {CISA}, url = {https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a}, language = {English}, urldate = {2023-05-26} } AA23-144a: People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection
2023-05-09CISACISA
@online{cisa:20230509:hunting:eee110d, author = {CISA}, title = {{Hunting Russian Intelligence “Snake” Malware}}, date = {2023-05-09}, organization = {CISA}, url = {https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-129a}, language = {English}, urldate = {2023-05-10} } Hunting Russian Intelligence “Snake” Malware
Agent.BTZ Cobra Carbon System Uroburos
2023-04-18NCSC UKNCSC UK, CISA, FBI, NSA
@techreport{uk:20230418:apt28:f50b70e, author = {NCSC UK and CISA and FBI and NSA}, title = {{APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers}}, date = {2023-04-18}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/files/Advisory_APT28-exploits-known-vulnerability.pdf}, language = {English}, urldate = {2023-04-22} } APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers
2023-03-09VulnCheckJacob Baines
@online{baines:20230309:vulncheck:55f2b21, author = {Jacob Baines}, title = {{The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries}}, date = {2023-03-09}, organization = {VulnCheck}, url = {https://vulncheck.com/blog/2022-missing-kev-report}, language = {English}, urldate = {2023-03-13} } The VulnCheck 2022 Exploited Vulnerability Report - Missing CISA KEV Catalog Entries
2023-03-02CISACISA
@online{cisa:20230302:stopransomware:09958a9, author = {CISA}, title = {{#StopRansomware: Royal Ransomware}}, date = {2023-03-02}, organization = {CISA}, url = {https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a}, language = {English}, urldate = {2023-03-04} } #StopRansomware: Royal Ransomware
Royal Ransom Royal Ransom
2023-02-09NSA, FBI, CISA, HHS, ROK, DSA
@techreport{nsa:20230209:stopransomware:87d3a94, author = {NSA and FBI and CISA and HHS and ROK and DSA}, title = {{#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities}}, date = {2023-02-09}, institution = {}, url = {https://media.defense.gov/2023/Feb/09/2003159161/-1/-1/0/CSA_RANSOMWARE_ATTACKS_ON_CI_FUND_DPRK_ACTIVITIES.PDF}, language = {English}, urldate = {2023-08-25} } #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Dtrack MagicRAT Maui Ransomware SiennaBlue SiennaPurple Tiger RAT YamaBot
2022-12-01CISACISA
@techreport{cisa:20221201:stopransomware:de73b79, author = {CISA}, title = {{#StopRansomware: Cuba Ransomware}}, date = {2022-12-01}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/aa22-335a-stopransomware-cuba-ransomware.pdf}, language = {English}, urldate = {2022-12-02} } #StopRansomware: Cuba Ransomware
Cuba
2022-10-21CISAUS-CERT, HHS, FBI
@online{uscert:20221021:alert:6acb015, author = {US-CERT and HHS and FBI}, title = {{Alert (AA22-294A) #StopRansomware: Daixin Team}}, date = {2022-10-21}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-294a}, language = {English}, urldate = {2022-10-24} } Alert (AA22-294A) #StopRansomware: Daixin Team
2022-10-06CISAUS-CERT, NSA, FBI
@online{uscert:20221006:alert:07aeb24, author = {US-CERT and NSA and FBI}, title = {{Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors}}, date = {2022-10-06}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-279a}, language = {English}, urldate = {2022-10-19} } Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
2022-10-04CISAUS-CERT
@online{uscert:20221004:alert:0011858, author = {US-CERT}, title = {{Alert (AA22-277A) Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization}}, date = {2022-10-04}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-277a}, language = {English}, urldate = {2022-10-19} } Alert (AA22-277A) Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
2022-09-22CISAUS-CERT, NSA
@online{uscert:20220922:alert:8d8a111, author = {US-CERT and NSA}, title = {{Alert (AA22-265A) Control System Defense: Know the Opponent}}, date = {2022-09-22}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-265a}, language = {English}, urldate = {2022-10-19} } Alert (AA22-265A) Control System Defense: Know the Opponent
2022-09-21CISAFBI, CISA
@techreport{fbi:20220921:aa22264a:9ac5793, author = {FBI and CISA}, title = {{AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania (PDF)}}, date = {2022-09-21}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/aa22-264a-iranian-cyber-actors-conduct-cyber-operations-against-the-government-of-albania.pdf}, language = {English}, urldate = {2022-09-26} } AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania (PDF)
Unidentified 095 (Iranian Wiper)
2022-09-21CISAFBI, CISA
@online{fbi:20220921:alert:215e4f3, author = {FBI and CISA}, title = {{Alert (AA22-264A) Iranian State Actors Conduct Cyber Operations Against the Government of Albania}}, date = {2022-09-21}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-264a}, language = {English}, urldate = {2022-09-26} } Alert (AA22-264A) Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Unidentified 095 (Iranian Wiper)