
2022-04-27 | CISA | CISA, NSA, FBI, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), United Kingdom’s National Cyber Security Centre (NCSC-UK)
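% CISA alert AA22-117A, issued jointly by the agencies listed in `author`.
% Every agency name carries its own brace pair so BibTeX/Biber keeps it as one
% literal corporate name instead of splitting it into given/family parts
% (unbraced, "Australian Cyber Security Centre (ACSC)" parses with "(ACSC)" as
% the family name).
@online{cisa:20220427:alert:e02c831,
  author       = {{CISA} and {NSA} and {FBI}
                  and {Australian Cyber Security Centre (ACSC)}
                  and {Canadian Centre for Cyber Security (CCCS)}
                  and {New Zealand National Cyber Security Centre (NZ NCSC)}
                  and {United Kingdom’s National Cyber Security Centre (NCSC-UK)}},
  title        = {{Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities}},
  date         = {2022-04-27},
  organization = {CISA},
  url          = {https://www.cisa.gov/uscert/ncas/alerts/aa22-117a},
  language     = {English},
  urldate      = {2022-04-29},
}
Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities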
2022-04-20 | CISA | CISA, NSA, FBI, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), Government Communications Security Bureau, NCSC UK, National Crime Agency (NCA)
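% Joint Cybersecurity Advisory AA22-110A (PDF hosted on cisa.gov).
% Agency names are individually braced so multi-word names such as
% "Government Communications Security Bureau" and "NCSC UK" stay single
% corporate names rather than being split into given/family parts.
@techreport{cisa:20220420:aa22110a:4fde5d6,
  author      = {{CISA} and {NSA} and {FBI}
                 and {Australian Cyber Security Centre (ACSC)}
                 and {Canadian Centre for Cyber Security (CCCS)}
                 and {Government Communications Security Bureau}
                 and {NCSC UK}
                 and {National Crime Agency (NCA)}},
  title       = {{AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure}},
  date        = {2022-04-20},
  institution = {CISA},
  url         = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-110A_Joint_CSA_Russian_State-Sponsored_and_Criminal_Cyber_Threats_to_Critical_Infrastructure_4_20_22_Final.pdf},
  language    = {English},
  urldate     = {2022-04-25},
}
AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure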
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader
2022-04-13 | Department of Energy (DOE), NSA, FBI, CISA
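% Joint advisory on APT tooling aimed at ICS/SCADA devices (PDF hosted on cisa.gov).
% Agency names are individually braced so "Department of Energy (DOE)" is kept
% as one corporate name instead of being split into given/family parts.
% NOTE(review): `institution` is empty in this listing; fill it in from the
% document's own title page rather than inferring it from the URL host.
@techreport{doe:20220413:cyber:1dee54e,
  author      = {{Department of Energy (DOE)} and {NSA} and {FBI} and {CISA}},
  title       = {{APT Cyber Tools Targeting ICS/SCADA Devices}},
  date        = {2022-04-13},
  institution = {},
  url         = {https://www.cisa.gov/uscert/sites/default/files/publications/Joint_Cybersecurity_Advisory_APT%20Cyber%20Tools%20Targeting%20ICS%20SCADA%20Devices.pdf},
  language    = {English},
  urldate     = {2022-04-15},
}
APT Cyber Tools Targeting ICS/SCADA Devices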
2022-03-03 | NSA | NSA
% NSA technical report on network infrastructure security (PDF on media.defense.gov).
% The single-token author "NSA" is parsed as a family name only, so it needs no
% extra bracing to stay intact.
@techreport{nsa:20220303:network:c5b4b09,
  author      = {NSA},
  title       = {{Network Infrastructure Security Guidance}},
  date        = {2022-03-03},
  institution = {NSA},
  url         = {https://media.defense.gov/2022/Mar/01/2002947139/-1/-1/0/CTR_NSA_NETWORK_INFRASTRUCTURE_SECURITY_GUIDANCE_20220301.PDF},
  language    = {English},
  urldate     = {2022-03-07},
}
Network Infrastructure Security Guidance
2022-02-24 | FBI, CISA, CNMF, NCSC UK, NSA
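% Joint advisory (file name carries the id AA22-055A) on Iranian
% government-sponsored cyber operations; PDF hosted on cisa.gov.
% Agency names are individually braced so the two-word "NCSC UK" is kept as one
% corporate name instead of given name "NCSC" plus family name "UK".
% NOTE(review): `institution` is empty in this listing; fill it in from the
% document's own title page rather than inferring it from the URL host.
@techreport{fbi:20220224:iranian:9117e42,
  author      = {{FBI} and {CISA} and {CNMF} and {NCSC UK} and {NSA}},
  title       = {{Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks}},
  date        = {2022-02-24},
  institution = {},
  url         = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-055A_Iranian_Government-Sponsored_Actors_Conduct_Cyber_Operations.pdf},
  language    = {English},
  urldate     = {2022-03-01},
}
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks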
POWERSTATS PowGoop GRAMDOOR MoriAgent
2022-02-23 | Bleeping Computer | Ionut Ilascu
% Bleeping Computer news article on the Bvp47 Linux backdoor.
% The author is written in "Family, Given" form, which parses to the same
% name parts as the "Given Family" form.
@online{ilascu:20220223:nsalinked:556c453,
  author       = {Ilascu, Ionut},
  title        = {{NSA-linked Bvp47 Linux backdoor widely undetected for 10 years}},
  date         = {2022-02-23},
  organization = {Bleeping Computer},
  url          = {https://www.bleepingcomputer.com/news/security/nsa-linked-bvp47-linux-backdoor-widely-undetected-for-10-years/},
  language     = {English},
  urldate      = {2022-03-01},
}
NSA-linked Bvp47 Linux backdoor widely undetected for 10 years
Bvp47
2022-02-23 | CISA, NCSC UK, FBI, NSA
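% Joint advisory (file name carries the id AA22-054A) on the Cyclops Blink
% malware attributed to Sandworm; PDF hosted on cisa.gov.
% Agency names are individually braced so the two-word "NCSC UK" is kept as one
% corporate name instead of given name "NCSC" plus family name "UK".
% NOTE(review): `institution` is empty in this listing; fill it in from the
% document's own title page rather than inferring it from the URL host.
@techreport{cisa:20220223:advisory:56f6379,
  author      = {{CISA} and {NCSC UK} and {FBI} and {NSA}},
  title       = {{Advisory: New Sandworm malware Cyclops Blink replaces VPNFilter}},
  date        = {2022-02-23},
  institution = {},
  url         = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-054A%20New%20Sandworm%20Malware%20Cyclops%20Blink%20Replaces%20VPN%20Filter.pdf},
  language    = {English},
  urldate     = {2022-02-26},
}
Advisory: New Sandworm malware Cyclops Blink replaces VPNFilter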
VPNFilter
2022-02-23 | Pangu Lab | Pangu Lab
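% Pangu Lab web post on the Bvp47 backdoor.
% "Pangu Lab" is an organisation, so it gets an extra brace pair; unbraced it
% parses as given name "Pangu" and family name "Lab" (which is also how the
% citation key prefix "lab" came about). The key itself is left unchanged so
% existing citations keep resolving.
@online{lab:20220223:bvp47:c8f2a2f,
  author       = {{Pangu Lab}},
  title        = {{The Bvp47 - a Top-tier Backdoor of US NSA Equation Group}},
  date         = {2022-02-23},
  organization = {Pangu Lab},
  url          = {https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/},
  language     = {English},
  urldate      = {2022-03-01},
}
The Bvp47 - a Top-tier Backdoor of US NSA Equation Group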
Bvp47
2022-02-22 | Pangu Lab | Pangu Lab
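% Pangu Lab technical report (PDF) on the Bvp47 backdoor.
% "Pangu Lab" is an organisation, so it gets an extra brace pair; unbraced it
% parses as given name "Pangu" and family name "Lab". The citation key is left
% unchanged so existing citations keep resolving.
@techreport{lab:20220222:bvp47:0b9392d,
  author      = {{Pangu Lab}},
  title       = {{Bvp47 - Top-tier Backdoor of US NSA Equation Group}},
  date        = {2022-02-22},
  institution = {Pangu Lab},
  url         = {https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf},
  language    = {English},
  urldate     = {2022-03-01},
}
Bvp47 - Top-tier Backdoor of US NSA Equation Group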
Bvp47
2022-02-16 | CISA | US-CERT, NSA, FBI
% CISA alert AA22-047A on targeting of cleared defense contractor networks.
% All three authors are single-token names, which BibTeX/Biber already treats
% as a family name only, so they are left unbraced.
@online{uscert:20220216:alert:8b4e4d2,
  author       = {US-CERT and NSA and FBI},
  title        = {{Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology}},
  date         = {2022-02-16},
  organization = {CISA},
  url          = {https://www.cisa.gov/uscert/ncas/alerts/aa22-047a},
  language     = {English},
  urldate      = {2022-02-19},
}
Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
2022-02-09 | FBI, NSA, CISA, Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC-UK)
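% Joint report on 2021 ransomware trends; this copy is the PDF hosted on ncsc.gov.uk.
% Agency names are individually braced so the multi-word names stay single
% corporate names instead of being split into given/family parts.
% NOTE(review): `institution` is empty in this listing; fill it in from the
% document's own title page rather than inferring it from the URL host.
@techreport{fbi:20220209:2021:df515ea,
  author      = {{FBI} and {NSA} and {CISA}
                 and {Australian Cyber Security Centre (ACSC)}
                 and {United Kingdom’s National Cyber Security Centre (NCSC-UK)}},
  title       = {{2021 Trends Show Increased Globalized Threat of Ransomware}},
  date        = {2022-02-09},
  institution = {},
  url         = {https://www.ncsc.gov.uk/files/2021%20Trends%20show%20increased%20globalised%20threat%20of%20ransomware.pdf},
  language    = {English},
  urldate     = {2022-04-05},
}
2021 Trends Show Increased Globalized Threat of Ransomware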
2022-02-09 | CISA | CISA, FBI, NSA, Australian Cyber Security Centre (ACSC), NCSC UK
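% CISA alert AA22-040A on 2021 ransomware trends (PDF hosted on cisa.gov).
% Agency names are individually braced so "Australian Cyber Security Centre
% (ACSC)" and "NCSC UK" stay single corporate names instead of being split into
% given/family parts.
@techreport{cisa:20220209:alert:be2567f,
  author      = {{CISA} and {FBI} and {NSA}
                 and {Australian Cyber Security Centre (ACSC)}
                 and {NCSC UK}},
  title       = {{Alert (AA22-040A) 2021 Trends Show Increased Globalized Threat of Ransomware}},
  date        = {2022-02-09},
  institution = {CISA},
  url         = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-040A_2021_Trends_Show_Increased_Globalized_Threat_of_Ransomware_508.pdf},
  language    = {English},
  urldate     = {2022-04-07},
}
Alert (AA22-040A) 2021 Trends Show Increased Globalized Threat of Ransomware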
2022-01-11 | CISA | CISA, FBI, NSA
% Joint advisory (file name carries the id AA22-011A) on Russian state-sponsored
% threats to U.S. critical infrastructure; this copy is the PDF on cisa.gov.
% All three authors are single-token names, which BibTeX/Biber already treats
% as a family name only, so they are left unbraced.
@techreport{cisa:20220111:understanding:aae8b36,
  author      = {CISA and FBI and NSA},
  title       = {{Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure}},
  date        = {2022-01-11},
  institution = {CISA},
  url         = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-011A_Joint_CSA_Understanding_and_Mitigating%20_Russian_Cyber_Threats_to_US_Critical_Infrastructure_TLP-WHITE_01-10-22_v1.pdf},
  language    = {English},
  urldate     = {2022-04-07},
}
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
2022-01-11 | CISA, FBI, NSA
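% Joint advisory on Russian state-sponsored threats to U.S. critical
% infrastructure; this copy is the PDF hosted on media.defense.gov.
% The title's "State- Sponsored" carried a stray space after the hyphen
% (presumably a line-break artefact from the PDF title); it is closed up here.
% NOTE(review): `institution` is empty in this listing; fill it in from the
% document's own title page rather than inferring it from the URL host.
@techreport{cisa:20220111:understanding:07bbdcf,
  author      = {CISA and FBI and NSA},
  title       = {{Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure}},
  date        = {2022-01-11},
  institution = {},
  url         = {https://media.defense.gov/2022/Jan/11/2002919950/-1/-1/1/JOINT_CSA_UNDERSTANDING_MITIGATING_RUSSIAN_CYBER_THREATS_TO_US_CRITICAL_INFRASTRUCTURE_20220111.PDF},
  language    = {English},
  urldate     = {2022-01-18},
}
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure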
2021-12-22 | CISA | CISA, FBI, NSA, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), Computer Emergency Response Team New Zealand (CERT NZ), New Zealand National Cyber Security Centre (NZ NCSC), United Kingdom’s National Cyber Security Centre (NCSC-UK)
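% CISA alert AA21-356A on mitigating Log4Shell and related Log4j vulnerabilities.
% Every agency name carries its own brace pair so BibTeX/Biber keeps it as one
% literal corporate name instead of splitting it into given/family parts.
@online{cisa:20211222:alert:635c59b,
  author       = {{CISA} and {FBI} and {NSA}
                  and {Australian Cyber Security Centre (ACSC)}
                  and {Canadian Centre for Cyber Security (CCCS)}
                  and {Computer Emergency Response Team New Zealand (CERT NZ)}
                  and {New Zealand National Cyber Security Centre (NZ NCSC)}
                  and {United Kingdom’s National Cyber Security Centre (NCSC-UK)}},
  title        = {{Alert (AA21-356A) Mitigating Log4Shell and Other Log4j-Related Vulnerabilities}},
  date         = {2021-12-22},
  organization = {CISA},
  url          = {https://www.cisa.gov/uscert/ncas/alerts/aa21-356a},
  language     = {English},
  urldate      = {2021-12-23},
}
Alert (AA21-356A) Mitigating Log4Shell and Other Log4j-Related Vulnerabilities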
2021-12-16 | Check Point Research | Alexey Bukhteyev
% Check Point Research article on the Phorpiex botnet's "Twizt" variant.
% The author is written in "Family, Given" form, which parses to the same
% name parts as the "Given Family" form.
@online{bukhteyev:20211216:phorpiex:cef1b8e,
  author       = {Bukhteyev, Alexey},
  title        = {{Phorpiex botnet is back with a new Twizt: Hijacking Hundreds of crypto transactions}},
  date         = {2021-12-16},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/2021/phorpiex-botnet-is-back-with-a-new-twizt-hijacking-hundreds-of-crypto-transactions/},
  language     = {English},
  urldate      = {2021-12-17},
}
Phorpiex botnet is back with a new Twizt: Hijacking Hundreds of crypto transactions
Phorpiex
2021-12-14 | Cado Security | Matt Muir
% Cado Security analysis of the Khonsari ransomware seen with Log4Shell exploitation.
% The author is written in "Family, Given" form, which parses to the same
% name parts as the "Given Family" form.
@online{muir:20211214:analysis:fb34f1a,
  author       = {Muir, Matt},
  title        = {{Analysis of Novel Khonsari Ransomware Deployed by the Log4Shell Vulnerability}},
  date         = {2021-12-14},
  organization = {Cado Security},
  url          = {https://www.cadosecurity.com/analysis-of-novel-khonsari-ransomware-deployed-by-the-log4shell-vulnerability/},
  language     = {English},
  urldate      = {2022-01-18},
}
Analysis of Novel Khonsari Ransomware Deployed by the Log4Shell Vulnerability
Khonsari
2021-09-09 | Medium s2wlab | S2W TALON
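% S2W TALON post (Medium, s2wlab) on a SunCrypt ransomware negotiation case.
% "S2W TALON" is a team name, so it gets an extra brace pair; unbraced it parses
% as given name "S2W" and family name "TALON". The citation key is left
% unchanged so existing citations keep resolving.
@online{talon:20210909:case:fdbe983,
  author       = {{S2W TALON}},
  title        = {{Case Analysis of Suncrypt Ransomware Negotiation and Bitcoin Transaction}},
  date         = {2021-09-09},
  organization = {Medium s2wlab},
  url          = {https://medium.com/s2wlab/case-analysis-of-suncrypt-ransomware-negotiation-and-bitcoin-transaction-43a2194ac0bc},
  language     = {English},
  urldate      = {2021-09-12},
}
Case Analysis of Suncrypt Ransomware Negotiation and Bitcoin Transaction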
SunCrypt
2021-09-03 | FireEye | Adrian Sanchez Hernandez, Govand Sinjari, Joshua Goddard, Brendan McKeague, John Wolfram, Alex Pennino, Andrew Rector, Harris Ansari, Yash Gupta
% FireEye blog post on ProxyShell exploitation of Microsoft Exchange servers.
% Authors are listed one per line in "Family, Given" form; each name keeps the
% split BibTeX already derived from the "Given Family" form (last word = family).
% NOTE(review): confirm compound surnames against the article byline, e.g.
% whether "Sanchez Hernandez" is a two-word family name.
@online{hernandez:20210903:pst:a8de902,
  author       = {Hernandez, Adrian Sanchez
                  and Sinjari, Govand
                  and Goddard, Joshua
                  and McKeague, Brendan
                  and Wolfram, John
                  and Pennino, Alex
                  and Rector, Andrew
                  and Ansari, Harris
                  and Gupta, Yash},
  title        = {{PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers}},
  date         = {2021-09-03},
  organization = {FireEye},
  url          = {https://www.fireeye.com/blog/threat-research/2021/09/proxyshell-exploiting-microsoft-exchange-servers.html},
  language     = {English},
  urldate      = {2021-09-06},
}
PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers
CHINACHOPPER HTran
2021-08-06 | ESET Research | Zuzana Hromcová
% ESET Research (welivesecurity.com) article on the IIStealer server-side threat.
% The author is written in "Family, Given" form, which parses to the same
% name parts as the "Given Family" form. The entry contains non-ASCII
% characters (the accented family name and the title's hyphens), kept as is.
@online{hromcov:20210806:iistealer:d9957ab,
  author       = {Hromcová, Zuzana},
  title        = {{IIStealer: A server‑side threat to e‑commerce transactions}},
  date         = {2021-08-06},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2021/08/06/iistealer-server-side-threat-ecommerce-transactions/},
  language     = {English},
  urldate      = {2021-08-09},
}
IIStealer: A server‑side threat to e‑commerce transactions