Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-14CISAFBI, US-CERT, NSA, U.S. Cyber Command, U.S. Department of the Treasury, Australian Cyber Security Centre (ACSC), CSE Canada, NCSC UK
@online{fbi:20220914:alert:c9a3789, author = {FBI and US-CERT and NSA and U.S. Cyber Command and U.S. Department of the Treasury and Australian Cyber Security Centre (ACSC) and CSE Canada and NCSC UK}, title = {{Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations}}, date = {2022-09-14}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-257a}, language = {English}, urldate = {2022-09-20} } Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
2022-09-06CISAUS-CERT, FBI, CISA, MS-ISAC
@online{uscert:20220906:alert:4058a6d, author = {US-CERT and FBI and CISA and MS-ISAC}, title = {{Alert (AA22-249A) #StopRansomware: Vice Society}}, date = {2022-09-06}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-249a}, language = {English}, urldate = {2022-09-16} } Alert (AA22-249A) #StopRansomware: Vice Society
Cobalt Strike Empire Downloader FiveHands HelloKitty SystemBC Zeppelin
2022-04-13CISAUS-CERT
@online{uscert:20220413:alert:e8e47a3, author = {US-CERT}, title = {{Alert (AA22-103A) APT Cyber Tools Targeting ICS/SCADA Devices}}, date = {2022-04-13}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-103a}, language = {English}, urldate = {2022-04-14} } Alert (AA22-103A) APT Cyber Tools Targeting ICS/SCADA Devices
2022-03-24CISAUS-CERT
@online{uscert:20220324:alert:03a7f21, author = {US-CERT}, title = {{Alert (AA22-083A) Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector}}, date = {2022-03-24}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-083a}, language = {English}, urldate = {2022-03-25} } Alert (AA22-083A) Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
Havex RAT Triton
2022-03-17CISAUS-CERT
@techreport{uscert:20220317:alert:5cbab55, author = {US-CERT}, title = {{Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers}}, date = {2022-03-17}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-076_Strengthening_Cybersecurity_of_SATCOM_Network_Providers_and_Customers.pdf}, language = {English}, urldate = {2022-04-07} } Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers
2022-03-15CISAUS-CERT
@online{uscert:20220315:alert:2cd6a44, author = {US-CERT}, title = {{Alert (AA22-074A) Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability}}, date = {2022-03-15}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-074a}, language = {English}, urldate = {2022-03-17} } Alert (AA22-074A) Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
2022-02-24CISAUS-CERT
@online{uscert:20220224:malware:dc7c47b, author = {US-CERT}, title = {{Malware Analysis Report (AR22-055A) MuddyWater}}, date = {2022-02-24}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/analysis-reports/ar22-055a}, language = {English}, urldate = {2022-06-27} } Malware Analysis Report (AR22-055A) MuddyWater
2022-02-16CISAUS-CERT, NSA, FBI
@online{uscert:20220216:alert:8b4e4d2, author = {US-CERT and NSA and FBI}, title = {{Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology}}, date = {2022-02-16}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-047a}, language = {English}, urldate = {2022-02-19} } Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
2021-12-02CISAUS-CERT
@online{uscert:20211202:alert:ac0edaf, author = {US-CERT}, title = {{Alert (AA21-336A): APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus}}, date = {2021-12-02}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-336a}, language = {English}, urldate = {2021-12-07} } Alert (AA21-336A): APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
KDC Sponge NGLite
2021-10-18CISAUS-CERT
@online{uscert:20211018:alert:5701532, author = {US-CERT}, title = {{Alert (AA21-291A): BlackMatter Ransomware}}, date = {2021-10-18}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-291a}, language = {English}, urldate = {2021-10-24} } Alert (AA21-291A): BlackMatter Ransomware
BlackMatter BlackMatter
2021-10-14CISAUS-CERT
@online{uscert:20211014:alert:56cfcda, author = {US-CERT}, title = {{Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems}}, date = {2021-10-14}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-287a}, language = {English}, urldate = {2021-10-25} } Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems
2021-09-22CISAUS-CERT
@online{uscert:20210922:alert:50b9d38, author = {US-CERT}, title = {{Alert (AA21-265A) Conti Ransomware}}, date = {2021-09-22}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-265a}, language = {English}, urldate = {2021-10-05} } Alert (AA21-265A) Conti Ransomware
Cobalt Strike Conti
2021-09-16CISAUS-CERT
@online{uscert:20210916:actors:ee20adf, author = {US-CERT}, title = {{APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus}}, date = {2021-09-16}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-259a}, language = {English}, urldate = {2021-09-19} } APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
2021-07-21CISAUS-CERT
@online{uscert:20210721:malware:d7afb6d, author = {US-CERT}, title = {{Malware Targeting Pulse Secure Devices}}, date = {2021-07-21}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices}, language = {English}, urldate = {2021-07-22} } Malware Targeting Pulse Secure Devices
2021-07-20CISAUS-CERT
@online{uscert:20210720:alert:e6916fe, author = {US-CERT}, title = {{Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013}}, date = {2021-07-20}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-201a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
2021-07-08CISAUS-CERT
@online{uscert:20210708:malware:5341e6c, author = {US-CERT}, title = {{Malware Analysis Report (AR21-189A): DarkSide Ransomware}}, date = {2021-07-08}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-189a}, language = {English}, urldate = {2021-07-19} } Malware Analysis Report (AR21-189A): DarkSide Ransomware
DarkSide
2021-07-04CISAUS-CERT
@online{uscert:20210704:cisafbi:1e199f1, author = {US-CERT}, title = {{CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack}}, date = {2021-07-04}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/04/cisa-fbi-guidance-msps-and-their-customers-affected-kaseya-vsa}, language = {English}, urldate = {2021-07-09} } CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack
REvil REvil
2021-06-19CISAUS-CERT
@online{uscert:20210619:alert:fae1a38, author = {US-CERT}, title = {{Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department}}, date = {2021-06-19}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-200a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
APT40
2021-05-28CISAUS-CERT
@online{uscert:20210528:alert:be89c5f, author = {US-CERT}, title = {{Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs}}, date = {2021-05-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-148a}, language = {English}, urldate = {2021-07-27} } Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Cobalt Strike
2021-05-28CISAUS-CERT
@online{uscert:20210528:malware:0913332, author = {US-CERT}, title = {{Malware Analysis Report (AR21-148A): Cobalt Strike Beacon}}, date = {2021-05-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-148a}, language = {English}, urldate = {2021-07-19} } Malware Analysis Report (AR21-148A): Cobalt Strike Beacon
Cobalt Strike