If you’re going to be phished, you might as well be courted by some of Russia’s digital finest—at least that’s what a fresh report from Volexity would lead you to believe, as Ukraine-linked NGOs have found themselves starring in an unexpected cyber-espionage romcom, with the Russian hacking...
Microsoft 365 users—especially those with links to Ukraine or human rights circles—have recently been finding themselves the unwitting stars in an international cyber-thriller: Russian-linked hackers are back, and this time, they've upgraded from phishing Netflix logins to abusing Microsoft's...
Original release date: November 17, 2021
Summary
Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity
• Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591.
• Implement Link Removed.
•...
Original release date: September 16, 2021
Summary
This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques.
This joint advisory is...
Original release date: July 19, 2021
Summary
This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...
Original release date: March 17, 2021
Summary
This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.
The Cybersecurity and Infrastructure Security Agency...
Original release date: December 17, 2020
Summary
This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor tactics and techniques.
The Cybersecurity and Infrastructure...
Original release date: December 1, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the <a href="Techniques - Enterprise | MITRE ATT&CK®">ATT&CK for...
Original release date: October 30, 2020
Summary
This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques.
This joint cybersecurity advisory...
Original release date: October 27, 2020
Summary
This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques.
This joint cybersecurity advisory...
Original release date: October 22, 2020
Summary
This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques
This joint cybersecurity...
Original release date: October 6, 2020
Summary
This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.
This product was written by the Cybersecurity and...
Original release date: September 15, 2020
Summary
This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.
This product was written by the Cybersecurity and...
Original release date: September 1, 2020
Summary
This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[Link Removed] Canada,[2] New Zealand,[3][4] the United Kingdom,[5] and the United States.[Link Removed] It...
Original release date: August 14, 2020
Summary
This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.
The Cybersecurity and Infrastructure Security Agency (CISA)...
Original release date: July 24, 2020
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. (F5) released a patch for CVE-2020-5902...
Original release date: July 1, 2020
Summary
This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques.
This advisory—written by the...
Original release date: April 16, 2020
Summary
Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations.
This Alert provides an update...
Original release date: March 27, 2018
Systems Affected
Networked systems
Overview
According to information derived from FBI investigations, malicious cyber actors are increasingly using a style of brute force attack known as password spraying against organizations in the United States and...
Original release date: April 27, 2017 | Last revised: May 14, 2017
Systems Affected
Networked Systems
Overview
The National Cybersecurity and Communications Integration Center (NCCIC) has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses...