exfiltration

  1. AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

    Original release date: July 20, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information...
    • News
    • Thread
    • chinese actors cisa cyberattacks cybersecurity data protection exfiltration fbi ics indicators infrastructure intrusion malware mitigations natural gas phishing pipeline security scada spearphishing threat actors ttps
    • Replies: 0
    • Forum: Security Alerts

  2. AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

    Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source...
    • News
    • Thread
    • apt40 china compromise compromised credentials credential access cyber threat cybersecurity exfiltration hainan indicators information security intellectual property lateral movement malware mitre network defense state security tactics threat actors vulnerabilities
    • Replies: 0
    • Forum: Security Alerts

  3. AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

    Original release date: February 17, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result of analytic efforts...
    • News
    • Thread
    • applejeus apt actors cisa cryptocurrency cryptocurrency theft cybersecurity exfiltration fbi finance sectors hidden cobra korean cyber actors malicious software malware malware analysis mitigation mitre att&ck north korea phishing spearphishing threat assessment
    • Replies: 0
    • Forum: Security Alerts

  4. AA20-266A: LokiBot Malware

    Original release date: September 22, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise frameworks for all referenced threat actor techniques. This product was written by the Cybersecurity and...
    • News
    • Thread
    • android trojan att&ck backdoor cisa credential theft cybersecurity exfiltration incident response information theft keylogger lokibot malicious attachments malspam malware mitigation password theft phishing spearphishing threat detection windows security
    • Replies: 0
    • Forum: Security Alerts

  5. AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

    Original release date: July 27, 2020 Summary This is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC are investigating a strain of malware known as QSnatch, which...
    • News
    • Thread
    • analysis backdoor campaigns cisa credential scraper cybersecurity exfiltration firmware infections malware mitigation nas devices ncsc network storage persistence qnap qsnatch risk security threat
    • Replies: 0
    • Forum: Security Alerts

  6. AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor

    Original release date: July 1, 2020 | Last revised: July 2, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. This...
    • News
    • Thread
    • anonymity att&ck framework cisa command and control cyber threats cybersecurity data breaches exfiltration fbi identity cloaking incident response malicious activity malicious actors network defense network monitoring privacy risk mitigation threat assessment tor traffic analysis
    • Replies: 0
    • Forum: Security Alerts

  7. AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide

    Original release date: October 11, 2018 Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.Link Removed[2][3][4]Link Removed In it we highlight the use of five...
    • News
    • Thread
    • china chopper command and control credential stealer cybersecurity exfiltration exploitation tools huc packet transmitter incident response jbifrost lateral movement malware mimikatz network defense network security powershell remote access trojan security practices threat detection vulnerabilities webshell
    • Replies: 0
    • Forum: Security Alerts

  8. AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide

    Original release date: October 11, 2018 Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.Link Removed[2][3][4]Link Removed In it we highlight the use of five...
    • News
    • Thread
    • apt chinachopper credentialtheft cybersecurity exfiltration huc incidentresponse jbifrost lateralmovement malware mimikatz networkdefense networkmonitoring phishing powershellempire publictools remoteaccess securitypatches threatactors vulnerabilities
    • Replies: 0
    • Forum: Security Alerts

  9. TA18-141A: Side-Channel Vulnerability Variants 3a and 4

    Original release date: May 21, 2018 Systems Affected CPU hardware implementations Overview On May 21, 2018, new variants—known as 3A and 4—of the side-channel central processing unit (CPU) hardware vulnerability were Link Removed. These variants can allow an attacker to obtain access to...
    • News
    • Thread
    • attack cpu cve-2017-5715 cve-2017-5753 cve-2017-5754 cve-2018-3639 cve-2018-3640 exfiltration hardware impact meltdown mitigation patches security side-channel software spectre variant 3a variant 4 vulnerability
    • Replies: 0
    • Forum: Security Alerts

  10. TA14-212A: Backoff Point-of-Sale Malware

    Original release date: July 31, 2014 Systems Affected Point-of-Sale Systems Overview This advisory was prepared in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharing and...
    • News
    • Thread
    • antivirus backoff brute force command control consumer protection cybersecurity data breach exfiltration exploit forensics indicators it security keylogging malware mitigation network security payment data point-of-sale remote desktop risk management
    • Replies: 0
    • Forum: Security Alerts

  11. TA14-212A: Backoff Point-of-Sale Malware

    Original release date: July 31, 2014 Systems Affected Point-of-Sale Systems Overview This advisory was prepared in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharing and...
    • News
    • Thread
    • anti-virus backoff brute force command and control consumer data cybersecurity data breach exfiltration financial sector indicators of compromise keylogging malware mitigation network security payment systems persistence techniques point-of-sale remote desktop security solutions threat detection
    • Replies: 0
    • Forum: Security Alerts