Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.
Posted: August 12, 2020, 1:49 pm
Original release date: August 12, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for malicious re-directs and credential stealing.
For a downloadable copy of IOCs, see STIX file.
CISA analysts observ...Read More
Posted: July 27, 2020, 12:20 pm
Original release date: July 27, 2020 | Last revised: August 6, 2020
This is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).
CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) devices manufactured by the firm QNAP.
All QNAP NAS devices are potentially vulnerable to QSnatch malware if ...Read More
Posted: July 24, 2020, 10:59 am
Original release date: July 24, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. (F5) released a patch for CVE-2020-5902 on June 30, 2020. Unpatched F5 BIG-IP devices are an attractive target for malicious actors. Affected organizations that have not applied the patch to fix this critical remote code execution (RCE) vul...Read More
Posted: July 23, 2020, 2:29 pm
Original release date: July 23, 2020
Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks for all referenced threat actor techniques and mitigations.
Over recent months, cyber actors have demonstrated their continued willingness to conduct malicious cyber activity against critical infrastructure (CI) by exploiting internet-accessible operati...Read More
Posted: July 16, 2020, 12:09 pm
Original release date: July 16, 2020
This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques.
Attributing malicious cyber activity that uses network tunneling and spoofing techniques to a specific threat actor is difficult. Attribution requires analysis of multiple variables, including location. Because threat actors ...Read More