Navigation section
lateral movement
-
AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs
Original release date: July 19, 2021 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...- News
- Thread
- chinese cyber operations cisa credential access cyber intelligence cybersecurity data exfiltration exploitation fbi government advisory incident response information security lateral movement malware mitre att&ck national security network security tactics techniques threat actors vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source...- News
- Thread
- apt40 china compromise compromised credentials credential access cyber threat cybersecurity exfiltration hainan indicators information security intellectual property lateral movement malware mitre network defense state security tactics threat actors vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
AA20-280A: Emotet Malware
Original release date: October 6, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and...- News
- Thread
- antivirus brute force cisa cybersecurity data exfiltration detection email security emotet lateral movement malicious software malware mitigation mitre network security payload phishing phishing email ransomware threat trojan
- Replies: 1
- Forum: Security Alerts
-
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Original release date: April 16, 2020 | Last revised: June 30, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations...- News
- Thread
- active directory cisa credential dumping cve-2019-11510 cybersecurity detection exploitation incident response indicators of compromise iocs lateral movement mitigation network security pulse secure ransomware remote access remote services threat actor vpn vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA20-107A: Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Original release date: April 16, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update...- News
- Thread
- active directory credential theft cve-2019-11510 cyber threat cybersecurity data exfiltration detection exploitation incident response indicators of compromise lateral movement malware mitigation network security patching pulse secure remote access threat actor vpn vulnerability
- Replies: 0
- Forum: Security Alerts
-
AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide
Original release date: October 11, 2018 Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.Link Removed[2][3][4]Link Removed In it we highlight the use of five...- News
- Thread
- china chopper command and control credential stealer cybersecurity exfiltration exploitation tools huc packet transmitter incident response jbifrost lateral movement malware mimikatz network defense network security powershell remote access trojan security practices threat detection vulnerabilities webshell
- Replies: 0
- Forum: Security Alerts