US CERT

U.S. CISA and Australia's ACSC Release List of 2021’s Top Malware Strains

As per the advisory, the top malware strains of 2021 include Agent Tesla, AZORult, Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader.

North Korean Cyber Actors Using Maui Ransomware to Target the Healthcare and Public Health Sector

This joint advisory provides information—including tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs)—on Maui ransomware obtained from FBI incident response activities and industry analysis of a Maui sample.

List of Top 25 Most Dangerous Software Weaknesses for 2022 Published

CISA encourages users and administrators to review the 2022 CWE Top 25 Most Dangerous Software Weaknesses and evaluate recommended mitigations to determine those most suitable to adopt.

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

APT actors have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon and Unified Access Gateway (UAG) servers to obtain initial access to organizations that did not apply available patches or workarounds.

US Agencies Warn of Chinese State-backed Hackers Exploiting Telcos to Snoop on Network Traffic

Entities can mitigate the vulnerabilities listed in the advisory by applying the available patches to their systems, replacing end-of-life infrastructure, and implementing a centralized patch management program.

FBI, CISA, Treasury, and FinCEN Warn Against Paying Ransom to Karakurt Extortion Group

The threat actors behind Karakurt have contacted victims’ employees, business partners, and clients with harassing emails and phone calls to pressure the victims to cooperate.

Five Eyes Agencies Warns of Weak Security Controls and Practices Routinely Exploited for Initial Access

Malicious actors commonly use various techniques, including exploits of public-facing applications, external remote services, phishing, trusted relationship, and valid accounts, to gain initial access to victim networks.

Five Eyes Cybersecurity Agencies Reveal Top 15 Most Exploited Vulnerabilities of 2021

In partnership with the NSA and the FBI, cybersecurity authorities worldwide have released today a list of the top 15 vulnerabilities routinely exploited by threat actors during 2021.

US and Allies Warn of Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

This malicious cyber activity may occur as a response to the unprecedented economic costs imposed on Russia as well as material support provided by the United States, its allies, and partners.

US Federal Agencies Warn of North Korean State-Sponsored APT Targeting Blockchain Companies

Intrusions begin with a large number of spearphishing messages sent to employees of cryptocurrency companies—often working in system administration or software development/IT operations (DevOps)—on a variety of communication platforms.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags