Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-10-18CISAUS-CERT
@online{uscert:20211018:alert:5701532, author = {US-CERT}, title = {{Alert (AA21-291A): BlackMatter Ransomware}}, date = {2021-10-18}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-291a}, language = {English}, urldate = {2021-10-24} } Alert (AA21-291A): BlackMatter Ransomware
BlackMatter BlackMatter
2021-10-14CISAUS-CERT
@online{uscert:20211014:alert:56cfcda, author = {US-CERT}, title = {{Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems}}, date = {2021-10-14}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-287a}, language = {English}, urldate = {2021-10-25} } Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems
2021-09-22CISAUS-CERT
@online{uscert:20210922:alert:50b9d38, author = {US-CERT}, title = {{Alert (AA21-265A) Conti Ransomware}}, date = {2021-09-22}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-265a}, language = {English}, urldate = {2021-10-05} } Alert (AA21-265A) Conti Ransomware
Cobalt Strike Conti
2021-09-16CISAUS-CERT
@online{uscert:20210916:actors:ee20adf, author = {US-CERT}, title = {{APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus}}, date = {2021-09-16}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-259a}, language = {English}, urldate = {2021-09-19} } APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
2021-07-21CISAUS-CERT
@online{uscert:20210721:malware:d7afb6d, author = {US-CERT}, title = {{Malware Targeting Pulse Secure Devices}}, date = {2021-07-21}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices}, language = {English}, urldate = {2021-07-22} } Malware Targeting Pulse Secure Devices
2021-07-20CISAUS-CERT
@online{uscert:20210720:alert:e6916fe, author = {US-CERT}, title = {{Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013}}, date = {2021-07-20}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-201a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
2021-07-08CISAUS-CERT
@online{uscert:20210708:malware:5341e6c, author = {US-CERT}, title = {{Malware Analysis Report (AR21-189A): DarkSide Ransomware}}, date = {2021-07-08}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-189a}, language = {English}, urldate = {2021-07-19} } Malware Analysis Report (AR21-189A): DarkSide Ransomware
DarkSide
2021-07-04CISAUS-CERT
@online{uscert:20210704:cisafbi:1e199f1, author = {US-CERT}, title = {{CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack}}, date = {2021-07-04}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/04/cisa-fbi-guidance-msps-and-their-customers-affected-kaseya-vsa}, language = {English}, urldate = {2021-07-09} } CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack
REvil REvil
2021-06-19CISAUS-CERT
@online{uscert:20210619:alert:fae1a38, author = {US-CERT}, title = {{Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department}}, date = {2021-06-19}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-200a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Leviathan
2021-05-28CISAUS-CERT
@online{uscert:20210528:malware:0913332, author = {US-CERT}, title = {{Malware Analysis Report (AR21-148A): Cobalt Strike Beacon}}, date = {2021-05-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-148a}, language = {English}, urldate = {2021-07-19} } Malware Analysis Report (AR21-148A): Cobalt Strike Beacon
Cobalt Strike
2021-05-28CISAUS-CERT
@online{uscert:20210528:alert:be89c5f, author = {US-CERT}, title = {{Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs}}, date = {2021-05-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-148a}, language = {English}, urldate = {2021-07-27} } Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Cobalt Strike
2021-05-14CISAUS-CERT
@online{uscert:20210514:analysis:f0b767a, author = {US-CERT}, title = {{Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise}}, date = {2021-05-14}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-134a}, language = {English}, urldate = {2021-07-19} } Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-05-11CISAUS-CERT
@online{uscert:20210511:alert:a9224cc, author = {US-CERT}, title = {{Alert (AA21-131A) DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks}}, date = {2021-05-11}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-131a}, language = {English}, urldate = {2021-05-13} } Alert (AA21-131A) DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
DarkSide
2021-04-22CISAUS-CERT
@online{uscert:20210422:ar21112a:98e8675, author = {US-CERT}, title = {{AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response}}, date = {2021-04-22}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-112a}, language = {English}, urldate = {2021-04-28} } AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response
SUPERNOVA
2021-04-20CISAUS-CERT
@online{uscert:20210420:alert:26e1ecd, author = {US-CERT}, title = {{Alert (AA21-110A): Exploitation of Pulse Connect Secure Vulnerabilities}}, date = {2021-04-20}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-110a}, language = {English}, urldate = {2021-04-28} } Alert (AA21-110A): Exploitation of Pulse Connect Secure Vulnerabilities
2021-04-15CISAUS-CERT
@online{uscert:20210415:malware:27f4af4, author = {US-CERT}, title = {{Malware Analysis Report (AR21-105A): SUNSHUTTLE}}, date = {2021-04-15}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-105a}, language = {English}, urldate = {2021-04-16} } Malware Analysis Report (AR21-105A): SUNSHUTTLE
GoldMax
2021-04-12CISAUS-CERT
@online{uscert:20210412:analysis:5c10e58, author = {US-CERT}, title = {{Analysis Report (AR21-102B): DearCry Ransomware}}, date = {2021-04-12}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-102b}, language = {English}, urldate = {2021-04-16} } Analysis Report (AR21-102B): DearCry Ransomware
dearcry
2021-04-06CISAUS-CERT
@online{uscert:20210406:malicious:8bc78d2, author = {US-CERT}, title = {{Malicious Cyber Activity Targeting Critical SAP Applications}}, date = {2021-04-06}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/04/06/malicious-cyber-activity-targeting-critical-sap-applications}, language = {English}, urldate = {2021-04-06} } Malicious Cyber Activity Targeting Critical SAP Applications
2021-04CISAUS-CERT
@techreport{uscert:202104:defending:6e83626, author = {US-CERT}, title = {{Defending Against Software Supply Chain Attacks}}, date = {2021-04}, institution = {CISA}, url = {https://www.cisa.gov/sites/default/files/publications/defending_against_software_supply_chain_attacks_508.pdf}, language = {English}, urldate = {2021-05-03} } Defending Against Software Supply Chain Attacks
2021-03-18CISAUS-CERT
@online{uscert:20210318:alert:bff148c, author = {US-CERT}, title = {{Alert (AA21-077A): Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool}}, date = {2021-03-18}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-077a}, language = {English}, urldate = {2021-03-19} } Alert (AA21-077A): Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
SUNBURST