Lucene search
+L

162 matches found

CISA
CISA
added 2022/10/04 12:0 a.m.14 views

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA, Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization, highlighting advanced persistent threat APT activity...

1.6AI score
Exploits0References2
ICS
ICS
added 2022/09/08 12:0 p.m.118 views

#StopRansomware: Vice Society

Note: This joint Cybersecurity Advisory CSA is part of an ongoing StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These StopRansomware advisories include recently and historically observed tactics, techniques,...

9.3CVSS10AI score0.99759EPSS
Exploits75References56
ICS
ICS
added 2022/09/08 12:0 p.m.64 views

#StopRansomware: Vice Society

Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize and remediate known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: This joint Cybersecurity Advisory CSA is part of an...

9.3CVSS10AI score0.99759EPSS
Exploits75References62
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/08/24 4:0 p.m.56 views

Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks

Microsoft has observed the Sliver command-and-control C2 framework now being adopted and integrated in intrusion campaigns by nation-state threat actors, cybercrime groups directly supporting ransomware and extortion, and other threat actors to evade detection. We’ve seen these actors use Sliver...

0.1AI score
Exploits0
Trellix
Trellix
added 2022/08/24 12:0 a.m.65 views

Demystifying Qbot Malware

Demystifying Qbot Malware By Adithya Chandra and Sushant Kumar Arya · August 24, 2022 Executive summary The Trellix SecOps Team has observed an uptick in the Qbot malware infections in recent months. Qbot has been an active threat for over 14 years and continues to evolve, adopting new infection...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/16 2:45 p.m.21 views

CISA and FBI issue alert about Zeppelin ransomware

The Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA have released a joint Cybersecurity Advisory CSA about Zeppelin ransomware. The advisory contains indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with...

0.1AI score
Exploits0
hivepro
hivepro
added 2022/08/16 5:0 a.m.140 views

Vulnerabilities & Threats that Matter 08 – 14th Aug

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 563 14 3 69 08 71 For a detailed threat digest, download the pdf file here Summary The second week of August 2022 witnessed the discovery of 563 vulnerabilities out of whi...

9.3CVSS1AI score0.9981EPSS
Exploits220
The Hacker News
The Hacker News
added 2022/08/11 10:21 a.m.466 views

Hackers Behind Cuba Ransomware Attacks Using New RAT Malware

Threat actors associated with the Cuba ransomware have been linked to previously undocumented tactics, techniques and procedures TTPs, including a new remote access trojan called ROMCOM RAT on compromised systems. The new findings come from Palo Alto Networks' Unit 42 threat intelligence team,...

10CVSS0.7AI score0.99512EPSS
Exploits77
hivepro
hivepro
added 2022/08/08 7:14 p.m.14 views

Vulnerabilities & Threats that Matter 01 – 07th Aug

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 461 12 1 60 30 26 For a detailed threat digest, download the pdf file here Summary The first week of August 2022 witnessed the discovery of 461 vulnerabilities out of whic...

2.2AI score
Exploits0
hivepro
hivepro
added 2022/08/02 10:7 a.m.20 views

Vulnerabilities & Threats that Matter 25 – 31st July

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 462 7 4 52 22 64 For a detailed threat digest, download the pdf file here Summary The Last week of July 2022 witnessed the discovery of 462 vulnerabilities out of which 7...

1.3AI score
Exploits0
hivepro
hivepro
added 2022/07/26 5:2 a.m.19 views

Vulnerabilities & Threats that Matter 18 – 24th July

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 497 11 2 Worldwide 6 33 For a detailed threat digest, download the pdf file here Summary The third week of July 2022 witnessed the discovery of 497 vulnerabilities out of...

1.2AI score
Exploits0
hivepro
hivepro
added 2022/07/19 12:46 p.m.16 views

Vulnerabilities & Threats that Matter 11-17 July 2022

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 580 37 2 World-wide 11 61 For a detailed threat digest, download the pdf file here Summary The second week of July 2022 witnessed the discovery of 580 vulnerabilities out ...

1.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/10 9:43 p.m.20 views

North Korean APT targets US healthcare sector with Maui ransomware

State-sponsored North Korean threat actors have been targeting the US Healthcare and Public Health HPH sector for the past year using the Maui ransomware, according to a joint cybersecurity advisory CSA from the FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of the...

Exploits0
hivepro
hivepro
added 2022/06/29 6:58 a.m.5 views

Vulnerabilities & Threats that Matter 20 June – 26 June 2022

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 413 14 4 121 19 33 For a detailed threat digest, download the pdf file here Summary The last week of June 2022 witnessed the discovery of 413 vulnerabilities out of which ...

1.6AI score
Exploits0
Securelist
Securelist
added 2022/06/23 10:0 a.m.19 views

The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs

These days ransomware analysis gets a lot of coverage in commercial and public reports, with vendors issuing dozens of ransomware-related publications each year. These reports provide analysis on specific malware families or new samples, describe the activities of a particular ransomware group,...

0.2AI score
Exploits0
hivepro
hivepro
added 2022/06/21 3:11 a.m.10 views

Vulnerabilities & Threats that Matter 13 June – 19 June 2022

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 798 53 1 109 4 13 For a detailed threat digest, download the pdf file here Summary The first week of June 2022 witnessed the discovery of 798 vulnerabilities out of which ...

0.6AI score
Exploits0
Qualys Blog
Qualys Blog
added 2022/06/15 9:46 p.m.24 views

New Qualys Research Report: Inside a Redline InfoStealer Campaign

The Qualys Threat Research Team continues its efforts to identify and document previously unseen adversary activity to better understand their tactics, techniques, and procedures TTPs and defend against them. Recently we identified a new Redline InfoStealer campaign that spreads via fake cracked...

1.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/06/13 4:0 p.m.29 views

The many lives of BlackCat ransomware

The BlackCat ransomware, also known as ALPHV, is a prevalent threat and a prime example of the growing ransomware-as-a-service RaaS gig economy. It’s noteworthy due to its unconventional programming language Rust, multiple target devices and possible entry points, and affiliation with prolific...

0.8AI score
Exploits0
Trellix
Trellix
added 2022/06/06 12:0 a.m.11 views

Growling Bears Make Thunderous Noise

Growling Bears Make Thunderous Noise By Trellix · June 6, 2022 Per public attribution, Russian cybercriminal groups have always been active. Their tactics, techniques, and procedures TTPs have not significantly evolved over time, although some changes have been observed. Lately, the threat...

7.2AI score
Exploits0
ICS
ICS
added 2022/06/02 12:0 p.m.55 views

Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

Summary Update June 2, 2022: This Cybersecurity Advisory CSA has been updated with additional indicators of compromise IOCs and detection signatures, as well as tactics, techniques, and procedures TTPs from trusted third parties. Update End The Cybersecurity and Infrastructure Security Agency CIS...

10CVSS10AI score0.99997EPSS
Exploits34References80
Rows per page
Query Builder