Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-13CISAUS-CERT
@online{uscert:20220413:alert:e8e47a3, author = {US-CERT}, title = {{Alert (AA22-103A) APT Cyber Tools Targeting ICS/SCADA Devices}}, date = {2022-04-13}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-103a}, language = {English}, urldate = {2022-04-14} } Alert (AA22-103A) APT Cyber Tools Targeting ICS/SCADA Devices
2022-03-24CISAUS-CERT
@online{uscert:20220324:alert:03a7f21, author = {US-CERT}, title = {{Alert (AA22-083A) Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector}}, date = {2022-03-24}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-083a}, language = {English}, urldate = {2022-03-25} } Alert (AA22-083A) Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
Havex RAT Triton
2022-03-17CISAUS-CERT
@techreport{uscert:20220317:alert:5cbab55, author = {US-CERT}, title = {{Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers}}, date = {2022-03-17}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-076_Strengthening_Cybersecurity_of_SATCOM_Network_Providers_and_Customers.pdf}, language = {English}, urldate = {2022-04-07} } Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers
2022-03-15CISAUS-CERT
@online{uscert:20220315:alert:2cd6a44, author = {US-CERT}, title = {{Alert (AA22-074A) Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability}}, date = {2022-03-15}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-074a}, language = {English}, urldate = {2022-03-17} } Alert (AA22-074A) Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
2022-02-16CISAUS-CERT, NSA, FBI
@online{uscert:20220216:alert:8b4e4d2, author = {US-CERT and NSA and FBI}, title = {{Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology}}, date = {2022-02-16}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-047a}, language = {English}, urldate = {2022-02-19} } Alert (AA22-047A) Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
2021-12-02CISAUS-CERT
@online{uscert:20211202:alert:ac0edaf, author = {US-CERT}, title = {{Alert (AA21-336A): APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus}}, date = {2021-12-02}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-336a}, language = {English}, urldate = {2021-12-07} } Alert (AA21-336A): APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
KDC Sponge NGLite
2021-10-18CISAUS-CERT
@online{uscert:20211018:alert:5701532, author = {US-CERT}, title = {{Alert (AA21-291A): BlackMatter Ransomware}}, date = {2021-10-18}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-291a}, language = {English}, urldate = {2021-10-24} } Alert (AA21-291A): BlackMatter Ransomware
BlackMatter BlackMatter
2021-10-14CISAUS-CERT
@online{uscert:20211014:alert:56cfcda, author = {US-CERT}, title = {{Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems}}, date = {2021-10-14}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-287a}, language = {English}, urldate = {2021-10-25} } Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems
2021-09-22CISAUS-CERT
@online{uscert:20210922:alert:50b9d38, author = {US-CERT}, title = {{Alert (AA21-265A) Conti Ransomware}}, date = {2021-09-22}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-265a}, language = {English}, urldate = {2021-10-05} } Alert (AA21-265A) Conti Ransomware
Cobalt Strike Conti
2021-09-16CISAUS-CERT
@online{uscert:20210916:actors:ee20adf, author = {US-CERT}, title = {{APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus}}, date = {2021-09-16}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-259a}, language = {English}, urldate = {2021-09-19} } APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
2021-07-21CISAUS-CERT
@online{uscert:20210721:malware:d7afb6d, author = {US-CERT}, title = {{Malware Targeting Pulse Secure Devices}}, date = {2021-07-21}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices}, language = {English}, urldate = {2021-07-22} } Malware Targeting Pulse Secure Devices
2021-07-20CISAUS-CERT
@online{uscert:20210720:alert:e6916fe, author = {US-CERT}, title = {{Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013}}, date = {2021-07-20}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-201a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
2021-07-08CISAUS-CERT
@online{uscert:20210708:malware:5341e6c, author = {US-CERT}, title = {{Malware Analysis Report (AR21-189A): DarkSide Ransomware}}, date = {2021-07-08}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-189a}, language = {English}, urldate = {2021-07-19} } Malware Analysis Report (AR21-189A): DarkSide Ransomware
DarkSide
2021-07-04CISAUS-CERT
@online{uscert:20210704:cisafbi:1e199f1, author = {US-CERT}, title = {{CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack}}, date = {2021-07-04}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/current-activity/2021/07/04/cisa-fbi-guidance-msps-and-their-customers-affected-kaseya-vsa}, language = {English}, urldate = {2021-07-09} } CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack
REvil REvil
2021-06-19CISAUS-CERT
@online{uscert:20210619:alert:fae1a38, author = {US-CERT}, title = {{Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department}}, date = {2021-06-19}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-200a}, language = {English}, urldate = {2021-07-26} } Alert (AA21-200A): Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Leviathan
2021-05-28CISAUS-CERT
@online{uscert:20210528:alert:be89c5f, author = {US-CERT}, title = {{Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs}}, date = {2021-05-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-148a}, language = {English}, urldate = {2021-07-27} } Alert (AA21-148A): Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
Cobalt Strike
2021-05-28CISAUS-CERT
@online{uscert:20210528:malware:0913332, author = {US-CERT}, title = {{Malware Analysis Report (AR21-148A): Cobalt Strike Beacon}}, date = {2021-05-28}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-148a}, language = {English}, urldate = {2021-07-19} } Malware Analysis Report (AR21-148A): Cobalt Strike Beacon
Cobalt Strike
2021-05-14CISAUS-CERT
@online{uscert:20210514:analysis:f0b767a, author = {US-CERT}, title = {{Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise}}, date = {2021-05-14}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-134a}, language = {English}, urldate = {2021-07-19} } Analysis Report (AR21-134A): Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise
SUNBURST
2021-05-11CISAUS-CERT
@online{uscert:20210511:alert:a9224cc, author = {US-CERT}, title = {{Alert (AA21-131A) DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks}}, date = {2021-05-11}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/alerts/aa21-131a}, language = {English}, urldate = {2021-05-13} } Alert (AA21-131A) DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
DarkSide
2021-04-22CISAUS-CERT
@online{uscert:20210422:ar21112a:98e8675, author = {US-CERT}, title = {{AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response}}, date = {2021-04-22}, organization = {CISA}, url = {https://us-cert.cisa.gov/ncas/analysis-reports/ar21-112a}, language = {English}, urldate = {2021-04-28} } AR21-112A: CISA Identifies SUPERNOVA Malware During Incident Response
SUPERNOVA