Slándáil Research:
Feed: US-CERT Alerts
#StopRansomware: Akira Ransomware
#StopRansomware: Phobos Ransomware
SVR Cyber Actors Adapt Tactics for Initial Cloud Access
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
Known Indicators of Compromise Associated with Androxgh0st Malware
#StopRansomware: ALPHV Blackcat
Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
#StopRansomware: Play Ransomware
Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns
Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
Scattered Spider
#StopRansomware: Rhysida Ransomware
Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks
#StopRansomware: AvosLocker Ransomware (Update)
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
People's Republic of China-Linked Cyber Actors Hide in Router Firmware
#StopRansomware: Snatch Ransomware
Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
Identification and Disruption of QakBot Infrastructure
2022 Top Routinely Exploited Vulnerabilities
Threat Actors Exploiting Ivanti EPMM Vulnerabilities
Preventing Web Application Access Control Abuse
Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
Increased Truebot Activity Infects U.S. and Canada Based Networks
Understanding Ransomware Threat Actors: LockBit
#StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability
People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection
#StopRansomware: BianLian Ransomware Group
Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
Hunting Russian Intelligence “Snake” Malware
APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-075a" hreflang="en">#StopRansomware: LockBit 3.0</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-074a" hreflang="en">Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server</a>
Threat Actors Exploit Progress Telerik Vulnerabilities in Multiple U.S. Government IIS Servers
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-059a" hreflang="en">CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a" hreflang="en">#StopRansomware: Royal Ransomware</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-040a" hreflang="en">#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-039a" hreflang="en">ESXiArgs Ransomware Virtual Machine Recovery Guidance</a>
AA23-040A: #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
AA23-039A: ESXiArgs Ransomware Virtual Machine Recovery Guidance
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-277a" hreflang="en">Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-279a" hreflang="en">Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-294a" hreflang="en">#StopRansomware: Daixin Team</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a" hreflang="en">Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-321a" hreflang="en">#StopRansomware: Hive Ransomware</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-335a" hreflang="en">#StopRansomware: Cuba Ransomware</a>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-025a" hreflang="en">Protecting Against Malicious Use of Remote Monitoring and Management Software</a>
AA23-025A: Protecting Against Malicious Use of Remote Monitoring and Management Software
AA22-335A: #StopRansomware: Cuba Ransomware
AA22-321A: #StopRansomware: Hive Ransomware
AA22-320A: Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
AA22-294A: #StopRansomware: Daixin Team
AA22-279A: Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
AA22-277A: Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization
AA22-265A: Control System Defense: Know the Opponent
AA22-264A: Iranian State Actors Conduct Cyber Operations Against the Government of Albania
AA22-257A: Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
AA22-249A: #StopRansomware: Vice Society
AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
AA22-223A: #StopRansomware: Zeppelin Ransomware
AA22-216A: 2021 Top Malware Strains
AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
AA22-181A: #StopRansomware: MedusaLocker
AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
AA22-158A: People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
AA22-152A: Karakurt Data Extortion Group
AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388
AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access
AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers
AA22-117A: 2021 Top Routinely Exploited Vulnerabilities
AA22-110A: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies
AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices
AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers
AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
AA22-057A: Destructive Malware Targeting Organizations in Ukraine
AA22-057A: Update: Destructive Malware Targeting Organizations in Ukraine
AA22-055A: Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
AA22-054A: New Sandworm Malware Cyclops Blink Replaces VPNFilter
AA22-047A: Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology
AA22-040A: 2021 Trends Show Increased Globalized Threat of Ransomware
AA22-011A: Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
AA21-356A: Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus
AA21-321A: Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
AA21-291A: BlackMatter Ransomware
AA21-287A: Ongoing Cyber Threats to U.S. Water and Wastewater Systems
AA21-265A: Conti Ransomware
AA21-259A: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
AA21-243A: Ransomware Awareness for Holidays and Weekends
AA21-229A: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
AA21-209A: Top Routinely Exploited Vulnerabilities
AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs
AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs
AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
AA21-076A: TrickBot Malware
AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
AA21-055A: Exploitation of Accellion File Transfer Appliance
AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
AA21-042A: Compromise of U.S. Water Treatment Facility