Navigation section
credential access
-
AA21-291A: BlackMatter Ransomware
Original release date: October 18, 2021 Summary Actions You Can Take Now to Protect Against BlackMatter Ransomware • Implement and enforce backup and restoration policies and procedures. • Use Link Removed. • Use Link Removed. • Implement network segmentation and traversal monitoring. Note...- News
- Thread
- active directory backups blackmatter cisa credential access critical infrastructure cybersecurity data protection encryption fbi incident response mitigations monitoring network security nsa ransomware system security tactics techniques threat detection
- Replies: 0
- Forum: Security Alerts
-
VIDEO AA21-265A: Conti Ransomware
Original release date: September 22, 2021 Summary Immediate Actions You Can Take Now to Protect Against Conti Ransomware • Use Link Removed. • Segment and segregate networks and functions. • Update your operating system and software. Note: This Alert uses the MITRE Adversarial Tactics...- News
- Thread
- attack techniques cisa conti credential access cybersecurity data protection exploit fbi incident response malware mitigation multi-factor authentication network security phishing privilege escalation ransomware security updates threat intelligence vulnerabilities windows
- Replies: 0
- Forum: Security Alerts
-
AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs
Original release date: July 19, 2021 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...- News
- Thread
- chinese cyber operations cisa credential access cyber intelligence cybersecurity data exfiltration exploitation fbi government advisory incident response information security lateral movement malware mitre att&ck national security network security tactics techniques threat actors vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source...- News
- Thread
- apt40 china compromise compromised credentials credential access cyber threat cybersecurity exfiltration hainan indicators information security intellectual property lateral movement malware mitre network defense state security tactics threat actors vulnerabilities
- Replies: 0
- Forum: Security Alerts