Navigation section
data exfiltration
-
AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902
Original release date: July 24, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. (F5) released a patch for CVE-2020-5902...- News
- Thread
- cisa credential theft cve-2020-5902 cybersecurity data exfiltration detection digital security exploitation f5 big-ip incident response it security malware mitigation network segmentation patch management remote code execution security advisory system compromise threat actor vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor
Original release date: July 1, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. This advisory—written by the...- News
- Thread
- anonymity apt cisa command and control cybersecurity data exfiltration data manipulation denial of service exploitation fbi incident response indicators of compromise malicious activity network monitoring network security reconnaissance risk mitigation security tools threat actors tor
- Replies: 0
- Forum: Security Alerts
-
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Original release date: April 16, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update...- News
- Thread
- active directory credential theft cve-2019-11510 cyber threat cybersecurity data exfiltration detection exploitation incident response indicators of compromise lateral movement malware mitigation network security patching pulse secure remote access threat actor vpn vulnerability
- Replies: 0
- Forum: Security Alerts
-
TA18-086A: Brute Force Attacks Conducted by Cyber Actors
Original release date: March 27, 2018 Systems Affected Networked systems Overview According to information derived from FBI investigations, malicious cyber actors are increasingly using a style of brute force attack known as password spraying against organizations in the United States and...- News
- Thread
- attack indicators brute force cloud applications cyber attacks cyber security data exfiltration dhs email security fbi federated authentication malicious actors multi-factor authentication network intrusion nist guidelines security policies single sign-on tactics threat mitigation victim environment
- Replies: 0
- Forum: Security Alerts
-
TA17-164A: HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure
Original release date: June 13, 2017 Systems Affected Networked Systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the...- News
- Thread
- adversaries analysis botnet cve cyber operations cybersecurity data exfiltration ddos deltacharlie dhs fbi hidden cobra incident response malware mitigation network security north korea security practices threat detection vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
TA15-314A: Web Shells – Threat Awareness and Guidance
Original release date: November 10, 2015 Systems Affected Web servers that allow web shells Overview This alert describes the frequent use of web shells as an exploitation vector. Web shells can be used to obtain unauthorized access and can lead to wider network compromise. This alert...- News
- Thread
- application security asp command control cyber security data exfiltration detection exploitation incident response malware mitigation network compromise perl php python remote access security practices threat updates vulnerabilities web shells
- Replies: 0
- Forum: Security Alerts
-
Windows 7 Extracting USB Artifacts from Windows 7
Link Removed - Invalid URL USBDeview - View all installed/connected USB devices on your systemView any installed/connected USB device on your system Link Removed The article discusses some of the artifacts that a USB storage device leaves on a system when it has been plugged in, how...- cybercore
- Thread
- computer forensics data exfiltration event timing forensic examination guid historical data malicious activity malware network security ntuser.dat registry sensitive information setupapi.log storage devices usb analysis usb artifacts usb security usbdeview windows 7
- Replies: 0
- Forum: Windows Tutorials