16 matches found
EUVD-2016-8290
Malware in sbrugna...
From Text to Actionable Intelligence: Automating STIX Entity and Relationship Extraction
Sharing methods of attack and their effectiveness is a cornerstone of building robust defensive systems. Threat analysis reports, produced by various individuals and organizations, play a critical role in supporting security operations and combating emerging threats. To enhance the timeliness and...
Exploitation of Pulse Connect Secure Vulnerabilities
Summary The Cybersecurity and Infrastructure Security Agency CISA is aware of compromises affecting a number of U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to...
Malware Targeting Pulse Secure Devices
As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following 13 malware analysis reports MARs for threat actor techniques, tactics, and procedures TT...
CISA Releases Analysis Reports on New FiveHands Ransomware
CISA is aware of a recent, successful cyberattack against an organization using a new ransomware variant, known as FiveHands, that has been used to successfully conduct a cyberattack against an organization. CISA has released AR21-126A: FiveHands Ransomware and MAR-10324784-1.v1: FiveHands...
AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result of analytic efforts among the Federal Bureau of Investigation FBI,...
Webshells Observed in Post-Compromised Exchange Servers
CISA has added two new Malware Analysis Reports MARs to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities. Each new MAR AR21-084A and AR21-084B identifies a webshell observed in post-compromised Microsoft Exchange Servers. After successful exploiting a Microsoft Exchange Server...
North Korean Malicious Cyber Activity: AppleJeus
CISA, the Federal Bureau of Investigation, and the Department of the Treasury have released a Joint Cybersecurity Advisory and seven Malware Analysis Reports MARs on the North Korean government’s dissemination of malware that facilitates the theft of cryptocurrency—referred to by the U.S...
North Korea ATM Hack
The US Cybersecurity and Infrastructure Security Agency CISA published a long and technical alert describing a North Korea hacking scheme against ATMs in a bunch of countries worldwide: This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agenc...
North Korean Malicious Cyber Activity: FASTCash
The Cybersecurity Security and Infrastructure Security Agency CISA, the Department of the Treasury, the Federal Bureau of Investigation, and U.S. Cyber Command have released a joint Technical Alert and three Malware Analysis Reports MARs on the North Korean government’s ATM cash-out scheme—referr...
Saferwall - A Hackable Malware Sandbox For The 21St Century
Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Acts as a system expert, to help researchers generates an automated malware analysis report. Hunting platform to find new malwares...
North Korean Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified three malware variants—COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH—used by the North Korean government. In addition, U.S. Cyber Command has released...
North Korean Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the...
Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples
Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions. In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace,...
Faraday v2.5 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...
Release Notes for Veeam Management Pack 8.0 Update 4
Challenge Release Notes for Veeam Management Pack 8.0 Update 4. Cause Please confirm you are running Veeam Management Pack 8.0 prior to installing this update. You can check this in Operations Manager console under Administration | Management Packs, the build number should be 8.0.0.2218 or later...