Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-08-31NCSC UKNCSC UK
@techreport{uk:20230831:infamous:1abb67d, author = {NCSC UK}, title = {{Infamous Chisel - Malware Analysis Report}}, date = {2023-08-31}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/infamous-chisel/NCSC-MAR-Infamous-Chisel.pdf}, language = {English}, urldate = {2023-09-01} } Infamous Chisel - Malware Analysis Report
2023-06-14CISAFBI, MS-ISAC, Australian Cyber Security Centre (ACSC), Bundesamt für Sicherheit in der Informationstechnik (BSI), NCSC UK, Canadian Centre for Cyber Security (CCCS), ANSSI, CERT NZ, New Zealand National Cyber Security Centre (NZ NCSC)
@techreport{fbi:20230614:understanding:05abf47, author = {FBI and MS-ISAC and Australian Cyber Security Centre (ACSC) and Bundesamt für Sicherheit in der Informationstechnik (BSI) and NCSC UK and Canadian Centre for Cyber Security (CCCS) and ANSSI and CERT NZ and New Zealand National Cyber Security Centre (NZ NCSC)}, title = {{Understanding Ransomware Threat Actors: Lockbit}}, date = {2023-06-14}, institution = {CISA}, url = {https://www.cisa.gov/sites/default/files/2023-06/aa23-165a_understanding_TA_LockBit_0.pdf}, language = {English}, urldate = {2023-06-19} } Understanding Ransomware Threat Actors: Lockbit
LockBit
2023-04-18NCSC UKNCSC UK, CISA, FBI, NSA
@techreport{uk:20230418:apt28:f50b70e, author = {NCSC UK and CISA and FBI and NSA}, title = {{APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers}}, date = {2023-04-18}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/files/Advisory_APT28-exploits-known-vulnerability.pdf}, language = {English}, urldate = {2023-04-22} } APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers
2023-04-18NCSC UKUnited Kingdom’s National Cyber Security Centre (NCSC-UK)
@techreport{ncscuk:20230418:jaguar:421e6fb, author = {United Kingdom’s National Cyber Security Centre (NCSC-UK)}, title = {{Jaguar Tooth - Cisco IOS malware that collects device information and enables backdoor access}}, date = {2023-04-18}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/jaguar-tooth/NCSC-MAR-Jaguar-Tooth.pdf}, language = {English}, urldate = {2023-04-22} } Jaguar Tooth - Cisco IOS malware that collects device information and enables backdoor access
2023-01-26NCSC UKNCSC UK
@online{uk:20230126:seaborgium:ae8f581, author = {NCSC UK}, title = {{SEABORGIUM and TA453 continue their respective spear-phishing campaigns against targets of interest}}, date = {2023-01-26}, organization = {NCSC UK}, url = {https://www.ncsc.gov.uk/news/spear-phishing-campaigns-targets-of-interest}, language = {English}, urldate = {2023-01-27} } SEABORGIUM and TA453 continue their respective spear-phishing campaigns against targets of interest
2022-11-01NCSC UKNCSC UK
@online{uk:20221101:ncsc:1ed9540, author = {NCSC UK}, title = {{NCSC Annual Review 2022}}, date = {2022-11-01}, organization = {NCSC UK}, url = {https://www.ncsc.gov.uk/collection/annual-review-2022}, language = {English}, urldate = {2022-11-03} } NCSC Annual Review 2022
2022-09-14CISAFBI, US-CERT, NSA, U.S. Cyber Command, U.S. Department of the Treasury, Australian Cyber Security Centre (ACSC), CSE Canada, NCSC UK
@online{fbi:20220914:alert:c9a3789, author = {FBI and US-CERT and NSA and U.S. Cyber Command and U.S. Department of the Treasury and Australian Cyber Security Centre (ACSC) and CSE Canada and NCSC UK}, title = {{Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations}}, date = {2022-09-14}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-257a}, language = {English}, urldate = {2022-09-20} } Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
2022-04-20CISACISA, NSA, FBI, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), Government Communications Security Bureau, NCSC UK, National Crime Agency (NCA)
@techreport{cisa:20220420:aa22110a:4fde5d6, author = {CISA and NSA and FBI and Australian Cyber Security Centre (ACSC) and Canadian Centre for Cyber Security (CCCS) and Government Communications Security Bureau and NCSC UK and National Crime Agency (NCA)}, title = {{AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure}}, date = {2022-04-20}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-110A_Joint_CSA_Russian_State-Sponsored_and_Criminal_Cyber_Threats_to_Critical_Infrastructure_4_20_22_Final.pdf}, language = {English}, urldate = {2022-04-25} } AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader
2022-02-28NCSC UKNCSC UK
@techreport{uk:20220228:malware:0cbf8c2, author = {NCSC UK}, title = {{Malware Analysis Report: SparrowDoor}}, date = {2022-02-28}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/files/NCSC-MAR-SparrowDoor.pdf}, language = {English}, urldate = {2022-05-17} } Malware Analysis Report: SparrowDoor
SparrowDoor
2022-02-24FBI, CISA, CNMF, NCSC UK
@online{fbi:20220224:alert:f9ae76b, author = {FBI and CISA and CNMF and NCSC UK}, title = {{Alert (AA22-055A) Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks}}, date = {2022-02-24}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-055a}, language = {English}, urldate = {2022-03-01} } Alert (AA22-055A) Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
POWERSTATS PowGoop MoriAgent
2022-02-24FBI, CISA, CNMF, NCSC UK, NSA
@techreport{fbi:20220224:iranian:9117e42, author = {FBI and CISA and CNMF and NCSC UK and NSA}, title = {{Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks}}, date = {2022-02-24}, institution = {}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-055A_Iranian_Government-Sponsored_Actors_Conduct_Cyber_Operations.pdf}, language = {English}, urldate = {2022-03-01} } Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
POWERSTATS PowGoop GRAMDOOR MoriAgent
2022-02-23NCSC UKNCSC UK
@online{uk:20220223:new:53a7c46, author = {NCSC UK}, title = {{New Sandworm malware Cyclops Blink replaces VPNFilter}}, date = {2022-02-23}, organization = {NCSC UK}, url = {https://www.ncsc.gov.uk/news/joint-advisory-shows-new-sandworm-malware-cyclops-blink-replaces-vpnfilter}, language = {English}, urldate = {2022-02-26} } New Sandworm malware Cyclops Blink replaces VPNFilter
VPNFilter
2022-02-23NCSC UKNCSC UK
@techreport{uk:20220223:cyclops:f4290ae, author = {NCSC UK}, title = {{Cyclops Blink - Malware Analysis Report}}, date = {2022-02-23}, institution = {NCSC UK}, url = {https://www.ncsc.gov.uk/files/Cyclops-Blink-Malware-Analysis-Report.pdf}, language = {English}, urldate = {2022-02-26} } Cyclops Blink - Malware Analysis Report
2022-02-23CISA, NCSC UK, FBI, NSA
@techreport{cisa:20220223:advisory:56f6379, author = {CISA and NCSC UK and FBI and NSA}, title = {{Advisory: New Sandworm malware Cyclops Blink replaces VPNFilter}}, date = {2022-02-23}, institution = {}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-054A%20New%20Sandworm%20Malware%20Cyclops%20Blink%20Replaces%20VPN%20Filter.pdf}, language = {English}, urldate = {2022-02-26} } Advisory: New Sandworm malware Cyclops Blink replaces VPNFilter
VPNFilter
2022-02-09CISACISA, FBI, NSA, Australian Cyber Security Centre (ACSC), NCSC UK
@techreport{cisa:20220209:alert:be2567f, author = {CISA and FBI and NSA and Australian Cyber Security Centre (ACSC) and NCSC UK}, title = {{Alert (AA22-040A) 2021 Trends Show Increased Globalized Threat of Ransomware}}, date = {2022-02-09}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-040A_2021_Trends_Show_Increased_Globalized_Threat_of_Ransomware_508.pdf}, language = {English}, urldate = {2022-04-07} } Alert (AA22-040A) 2021 Trends Show Increased Globalized Threat of Ransomware
2021-12-15NCSC UKNCSC UK
@online{uk:20211215:jolly:bd0859a, author = {NCSC UK}, title = {{Jolly Jellyfish}}, date = {2021-12-15}, organization = {NCSC UK}, url = {https://media-exp1.licdn.com/dms/document/C561FAQHhWFRcWmdCPw/feedshare-document-pdf-analyzed/0/1639591145314?e=1658966400&v=beta&t=_uCcyEVg6b_VDiBTvWQIXtBOdQ1GQAAydqGyq62KA3E}, language = {English}, urldate = {2022-07-25} } Jolly Jellyfish
FishMaster Earth Lusca
2021-11-17CISAFBI, CISA, Australian Cyber Security Centre (ACSC), NCSC UK
@techreport{fbi:20211117:alert:e4ba10a, author = {FBI and CISA and Australian Cyber Security Centre (ACSC) and NCSC UK}, title = {{Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities}}, date = {2021-11-17}, institution = {CISA}, url = {https://us-cert.cisa.gov/sites/default/files/publications/AA21-321A-Iranian%20Government-Sponsored%20APT%20Actors%20Exploiting%20Microsoft%20Exchange%20and%20Fortinet%20Vulnerabilities.pdf}, language = {English}, urldate = {2022-01-03} } Alert (AA21-321A): Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
2021-07-28CISACISA, Australian Cyber Security Centre (ACSC), NCSC UK, FBI
@online{cisa:20210728:top:78a1031, author = {CISA and Australian Cyber Security Centre (ACSC) and NCSC UK and FBI}, title = {{Top Routinely Exploited Vulnerabilities}}, date = {2021-07-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-209a}, language = {English}, urldate = {2021-07-29} } Top Routinely Exploited Vulnerabilities
2021-07-19GOV.UKNCSC UK, Dominic Raab
@online{uk:20210719:uk:9674820, author = {NCSC UK and Dominic Raab}, title = {{UK and allies hold Chinese state responsible for a pervasive pattern of hacking}}, date = {2021-07-19}, organization = {GOV.UK}, url = {https://www.gov.uk/government/news/uk-and-allies-hold-chinese-state-responsible-for-a-pervasive-pattern-of-hacking}, language = {English}, urldate = {2021-07-22} } UK and allies hold Chinese state responsible for a pervasive pattern of hacking
APT31 APT40 HAFNIUM
2021-07-19NCSC UKNCSC UK
@online{uk:20210719:uk:8ecd954, author = {NCSC UK}, title = {{UK and allies hold Chinese state responsible for pervasive pattern of hacking}}, date = {2021-07-19}, organization = {NCSC UK}, url = {https://www.ncsc.gov.uk/news/uk-allies-hold-chinese-state-responsible-for-pervasive-pattern-of-hacking}, language = {English}, urldate = {2021-07-22} } UK and allies hold Chinese state responsible for pervasive pattern of hacking
APT31 APT40