Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-07-21CISAUS-CERT
@online{uscert:20210721:malware:d7afb6d, author = {US-CERT}, title = {{Malware Targeting Pulse Secure Devices}}, date = {2021-07-21}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices}, language = {English}, urldate = {2021-07-22} } Malware Targeting Pulse Secure Devices
2021-07-20CISAUS-CERT
@online{uscert:20210720:alert:e6916fe, author = {US-CERT}, title = {{Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013}}, date = {2021-07-20}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-201a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
2021-07-08CISAUS-CERT
@online{uscert:20210708:malware:5341e6c, author = {US-CERT}, title = {{Malware Analysis Report (AR21-189A): DarkSide Ransomware}}, date = {2021-07-08}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-189a}, language = {English}, urldate = {2021-07-19} } Malware Analysis Report (AR21-189A): DarkSide Ransomware
DarkSide
2021-07-04CISAUS-CERT
@online{uscert:20210704:cisafbi:1e199f1, author = {US-CERT}, title = {{CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack}}, date = {2021-07-04}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/04/cisa-fbi-guidance-msps-and-their-customers-affected-kaseya-vsa}, language = {English}, urldate = {2021-07-09} } CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack
REvil REvil
2021-06-19CISAUS-CERT
@online{uscert:20210619:alert:fae1a38, author = {US-CERT}, title = {{Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department}}, date = {2021-06-19}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-200a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Leviathan
2021-05-28CISAUS-CERT
@online{uscert:20210528:malware:0913332, author = {US-CERT}, title = {{Malware Analysis Report (AR21-148A): Cobalt Strike Beacon}}, date = {2021-05-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-148a}, language = {English}, urldate = {2021-07-19} } Malware Analysis Report (AR21-148A): Cobalt Strike Beacon
Cobalt Strike
2021-05-28CISAUS-CERT
@online{uscert:20210528:alert:be89c5f, author = {US-CERT}, title = {{Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs}}, date = {2021-05-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-148a}, language = {English}, urldate = {2021-07-27} } Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Cobalt Strike
2021-05-14CISAUS-CERT
@online{uscert:20210514:analysis:f0b767a, author = {US-CERT}, title = {{Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise}}, date = {2021-05-14}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-134a}, language = {English}, urldate = {2021-07-19} } Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-05-11CISAUS-CERT
@online{uscert:20210511:alert:a9224cc, author = {US-CERT}, title = {{Alert (AA21-131A) DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks}}, date = {2021-05-11}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-131a}, language = {English}, urldate = {2021-05-13} } Alert (AA21-131A) DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
DarkSide
2021-04-22CISAUS-CERT
@online{uscert:20210422:ar21112a:98e8675, author = {US-CERT}, title = {{AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response}}, date = {2021-04-22}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-112a}, language = {English}, urldate = {2021-04-28} } AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response
SUPERNOVA
2021-04-20CISAUS-CERT
@online{uscert:20210420:alert:26e1ecd, author = {US-CERT}, title = {{Alert (AA21-110A): Exploitation of Pulse Connect Secure Vulnerabilities}}, date = {2021-04-20}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-110a}, language = {English}, urldate = {2021-04-28} } Alert (AA21-110A): Exploitation of Pulse Connect Secure Vulnerabilities
2021-04-15CISAUS-CERT
@online{uscert:20210415:malware:27f4af4, author = {US-CERT}, title = {{Malware Analysis Report (AR21-105A): SUNSHUTTLE}}, date = {2021-04-15}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-105a}, language = {English}, urldate = {2021-04-16} } Malware Analysis Report (AR21-105A): SUNSHUTTLE
GoldMax
2021-04-12CISAUS-CERT
@online{uscert:20210412:analysis:5c10e58, author = {US-CERT}, title = {{Analysis Report (AR21-102B): DearCry Ransomware}}, date = {2021-04-12}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-102b}, language = {English}, urldate = {2021-04-16} } Analysis Report (AR21-102B): DearCry Ransomware
dearcry
2021-04-06CISAUS-CERT
@online{uscert:20210406:malicious:8bc78d2, author = {US-CERT}, title = {{Malicious Cyber Activity Targeting Critical SAP Applications}}, date = {2021-04-06}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/04/06/malicious-cyber-activity-targeting-critical-sap-applications}, language = {English}, urldate = {2021-04-06} } Malicious Cyber Activity Targeting Critical SAP Applications
2021-04CISAUS-CERT
@techreport{uscert:202104:defending:6e83626, author = {US-CERT}, title = {{Defending Against Software Supply Chain Attacks}}, date = {2021-04}, institution = {CISA}, url = {https://www.cisa.gov/sites/default/files/publications/defending_against_software_supply_chain_attacks_508.pdf}, language = {English}, urldate = {2021-05-03} } Defending Against Software Supply Chain Attacks
2021-03-18CISAUS-CERT
@online{uscert:20210318:alert:bff148c, author = {US-CERT}, title = {{Alert (AA21-077A): Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool}}, date = {2021-03-18}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-077a}, language = {English}, urldate = {2021-03-19} } Alert (AA21-077A): Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
SUNBURST
2021-03-17CISAUS-CERT
@techreport{uscert:20210317:solarwinds:3d7860a, author = {US-CERT}, title = {{SolarWinds and Active Directory/M365 Compromise: Detecting Advanced Persistent Threat Activity from Known Tactics, Techniques, and Procedures (Dead Link)}}, date = {2021-03-17}, institution = {CISA}, url = {https://us-cert.cisa.gov/sites/default/files/publications/SolarWinds_and_AD-M365_Compromise-Detecting_APT_Activity_from_Known_TTPs.pdf}, language = {English}, urldate = {2021-08-02} } SolarWinds and Active Directory/M365 Compromise: Detecting Advanced Persistent Threat Activity from Known Tactics, Techniques, and Procedures (Dead Link)
SUNBURST
2021-03-17CISAUS-CERT
@online{uscert:20210317:alert:5d25361, author = {US-CERT}, title = {{Alert (AA21-076A): TrickBot Malware}}, date = {2021-03-17}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-076a}, language = {English}, urldate = {2021-03-19} } Alert (AA21-076A): TrickBot Malware
TrickBot
2021-03-10US-CERTCISA
@online{cisa:20210310:remediating:23bf74d, author = {CISA}, title = {{Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise}}, date = {2021-03-10}, organization = {US-CERT}, url = {https://us-cert.cisa.gov/remediating-apt-compromised-networks}, language = {English}, urldate = {2021-03-12} } Remediating Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-03-03CISAUS-CERT
@online{uscert:20210303:mitigate:556c160, author = {US-CERT}, title = {{Mitigate Microsoft Exchange On-Premises Product Vulnerabilities}}, date = {2021-03-03}, organization = {CISA}, url = {https://www.cisa.gov/ed2102}, language = {English}, urldate = {2021-03-19} } Mitigate Microsoft Exchange On-Premises Product Vulnerabilities