Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-08-29FBIFBI
@online{fbi:20230829:fbi:808169e, author = {FBI}, title = {{FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown}}, date = {2023-08-29}, organization = {FBI}, url = {https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown}, language = {English}, urldate = {2023-08-30} } FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown
QakBot
2023-08-22FBIFBI
@online{fbi:20230822:fbi:d2626af, author = {FBI}, title = {{FBI Identifies Cryptocurrency Funds Stolen by DPRK}}, date = {2023-08-22}, organization = {FBI}, url = {https://www.fbi.gov/news/press-releases/fbi-identifies-cryptocurrency-funds-stolen-by-dprk}, language = {English}, urldate = {2023-08-25} } FBI Identifies Cryptocurrency Funds Stolen by DPRK
2023-06-14CISAFBI, MS-ISAC, Australian Cyber Security Centre (ACSC), Bundesamt für Sicherheit in der Informationstechnik (BSI), NCSC UK, Canadian Centre for Cyber Security (CCCS), ANSSI, CERT NZ, New Zealand National Cyber Security Centre (NZ NCSC)
@techreport{fbi:20230614:understanding:05abf47, author = {FBI and MS-ISAC and Australian Cyber Security Centre (ACSC) and Bundesamt für Sicherheit in der Informationstechnik (BSI) and NCSC UK and Canadian Centre for Cyber Security (CCCS) and ANSSI and CERT NZ and New Zealand National Cyber Security Centre (NZ NCSC)}, title = {{Understanding Ransomware Threat Actors: Lockbit}}, date = {2023-06-14}, institution = {CISA}, url = {https://www.cisa.gov/sites/default/files/2023-06/aa23-165a_understanding_TA_LockBit_0.pdf}, language = {English}, urldate = {2023-06-19} } Understanding Ransomware Threat Actors: Lockbit
LockBit
2023-04-18NCSC UKNCSC UK, CISA, FBI, NSA
@techreport{uk:20230418:apt28:f50b70e, author = {NCSC UK and CISA and FBI and NSA}, title = {{APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers}}, date = {2023-04-18}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/files/Advisory_APT28-exploits-known-vulnerability.pdf}, language = {English}, urldate = {2023-04-22} } APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers
2023-03-16IntegoJoshua Long
@online{long:20230316:fbi:71dd0c3, author = {Joshua Long}, title = {{FBI shuts down 11-year-old NetWire RAT malware}}, date = {2023-03-16}, organization = {Intego}, url = {https://www.intego.com/mac-security-blog/fbi-shuts-down-11-year-old-netwire-rat-malware/}, language = {English}, urldate = {2023-07-24} } FBI shuts down 11-year-old NetWire RAT malware
NetWire
2023-03-10The RegisterJessica Lyons Hardcastle
@online{hardcastle:20230310:fbi:f026768, author = {Jessica Lyons Hardcastle}, title = {{FBI and international cops catch a NetWire RAT}}, date = {2023-03-10}, organization = {The Register}, url = {https://www.theregister.com/2023/03/10/fbi_netwire_seizure/}, language = {English}, urldate = {2023-03-13} } FBI and international cops catch a NetWire RAT
NetWire RC
2023-02-09NSA, FBI, CISA, HHS, ROK, DSA
@techreport{nsa:20230209:stopransomware:87d3a94, author = {NSA and FBI and CISA and HHS and ROK and DSA}, title = {{#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities}}, date = {2023-02-09}, institution = {}, url = {https://media.defense.gov/2023/Feb/09/2003159161/-1/-1/0/CSA_RANSOMWARE_ATTACKS_ON_CI_FUND_DPRK_ACTIVITIES.PDF}, language = {English}, urldate = {2023-08-25} } #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Dtrack MagicRAT Maui Ransomware SiennaBlue SiennaPurple Tiger RAT YamaBot
2023-01-23FBIFBI National Press Office
@online{office:20230123:fbi:172d0d8, author = {FBI National Press Office}, title = {{FBI Confirms Lazarus Group Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft}}, date = {2023-01-23}, organization = {FBI}, url = {https://www.fbi.gov/news/press-releases/fbi-confirms-lazarus-group-apt38-cyber-actors-responsible-for-harmonys-horizon-bridge-currency-theft}, language = {English}, urldate = {2023-01-25} } FBI Confirms Lazarus Group Cyber Actors Responsible for Harmony's Horizon Bridge Currency Theft
2022-10-21CISAUS-CERT, HHS, FBI
@online{uscert:20221021:alert:6acb015, author = {US-CERT and HHS and FBI}, title = {{Alert (AA22-294A) #StopRansomware: Daixin Team}}, date = {2022-10-21}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-294a}, language = {English}, urldate = {2022-10-24} } Alert (AA22-294A) #StopRansomware: Daixin Team
2022-10-06CISAUS-CERT, NSA, FBI
@online{uscert:20221006:alert:07aeb24, author = {US-CERT and NSA and FBI}, title = {{Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors}}, date = {2022-10-06}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-279a}, language = {English}, urldate = {2022-10-19} } Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
2022-09-21CISAFBI, CISA
@techreport{fbi:20220921:aa22264a:9ac5793, author = {FBI and CISA}, title = {{AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania (PDF)}}, date = {2022-09-21}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/aa22-264a-iranian-cyber-actors-conduct-cyber-operations-against-the-government-of-albania.pdf}, language = {English}, urldate = {2022-09-26} } AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania (PDF)
Unidentified 095 (Iranian Wiper)
2022-09-21CISAFBI, CISA
@online{fbi:20220921:alert:215e4f3, author = {FBI and CISA}, title = {{Alert (AA22-264A) Iranian State Actors Conduct Cyber Operations Against the Government of Albania}}, date = {2022-09-21}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-264a}, language = {English}, urldate = {2022-09-26} } Alert (AA22-264A) Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Unidentified 095 (Iranian Wiper)
2022-09-14CISAFBI, US-CERT, NSA, U.S. Cyber Command, U.S. Department of the Treasury, Australian Cyber Security Centre (ACSC), CSE Canada, NCSC UK
@online{fbi:20220914:alert:c9a3789, author = {FBI and US-CERT and NSA and U.S. Cyber Command and U.S. Department of the Treasury and Australian Cyber Security Centre (ACSC) and CSE Canada and NCSC UK}, title = {{Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations}}, date = {2022-09-14}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-257a}, language = {English}, urldate = {2022-09-20} } Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
2022-09-06CISAUS-CERT, FBI, CISA, MS-ISAC
@online{uscert:20220906:alert:4058a6d, author = {US-CERT and FBI and CISA and MS-ISAC}, title = {{Alert (AA22-249A) #StopRansomware: Vice Society}}, date = {2022-09-06}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-249a}, language = {English}, urldate = {2022-09-16} } Alert (AA22-249A) #StopRansomware: Vice Society
Cobalt Strike Empire Downloader FiveHands HelloKitty SystemBC Zeppelin
2022-08-11CISACISA, FBI
@online{cisa:20220811:alert:d9f4fc0, author = {CISA and FBI}, title = {{Alert (AA22-223A) #StopRansomware: Zeppelin Ransomware}}, date = {2022-08-11}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-223a}, language = {English}, urldate = {2022-08-12} } Alert (AA22-223A) #StopRansomware: Zeppelin Ransomware
Zeppelin
2022-08-11CISAFBI, CISA
@techreport{fbi:20220811:stopransomware:d37ee96, author = {FBI and CISA}, title = {{#StopRansomware: Zeppelin Ransomware (PDF)}}, date = {2022-08-11}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-223A_Zeppelin_CSA.pdf}, language = {English}, urldate = {2022-08-15} } #StopRansomware: Zeppelin Ransomware (PDF)
Zeppelin
2022-07-06CISAFBI, CISA, Department of the Treasury (Treasury)
@techreport{fbi:20220706:csa:fcffb49, author = {FBI and CISA and Department of the Treasury (Treasury)}, title = {{CSA AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector (PDF)}}, date = {2022-07-06}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/aa22-187a-north-korean%20state-sponsored-cyber-actors-use-maui-ransomware-to-target-the-hph-sector.pdf}, language = {English}, urldate = {2022-07-13} } CSA AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector (PDF)
Maui Ransomware
2022-07-06CISAFBI, CISA, Department of the Treasury (Treasury)
@online{fbi:20220706:alert:4231af8, author = {FBI and CISA and Department of the Treasury (Treasury)}, title = {{Alert (AA22-187A): North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector}}, date = {2022-07-06}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-187a}, language = {English}, urldate = {2022-07-13} } Alert (AA22-187A): North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
Maui Ransomware
2022-07-01CISACISA, FBI, Department of the Treasury (Treasury), FINCEN
@online{cisa:20220701:alert:12e80c1, author = {CISA and FBI and Department of the Treasury (Treasury) and FINCEN}, title = {{Alert (AA22-181A): #StopRansomware: MedusaLocker}}, date = {2022-07-01}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-181a}, language = {English}, urldate = {2022-07-05} } Alert (AA22-181A): #StopRansomware: MedusaLocker
MedusaLocker
2022-06-30CISACISA, FBI, Department of the Treasury (Treasury), FINCEN
@techreport{cisa:20220630:csa:59d0928, author = {CISA and FBI and Department of the Treasury (Treasury) and FINCEN}, title = {{CSA (AA22-181A): #StopRansomware: MedusaLocker}}, date = {2022-06-30}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-181A_stopransomware_medusalocker.pdf}, language = {English}, urldate = {2022-07-05} } CSA (AA22-181A): #StopRansomware: MedusaLocker
MedusaLocker