TA18-141A: Side-Channel Vulnerability Variants 3a and 4

Posted on Monday May 21, 2018

On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems.

 

TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

Posted on Monday April 16, 2018

Update: On April 19, 2018, an industry partner notified NCCIC and the FBI of malicious cyber activity that aligns with the techniques, tactics, and procedures (TTPs) and network indicators listed in this Alert. Specifically, the industry partner reported the actors redirected DNS queries to their own infrastructure by creating GRE tunnels and obtained sensitive information, which include the configuration files of networked devices.

 

TA18-086A: Brute Force Attacks Conducted by Cyber Actors

Posted on Tuesday March 27, 2018

According to information derived from FBI investigations, malicious cyber actors are increasingly using a style of brute force attack known as password spraying against organizations in the United States and abroad.

 

TA18-074A: Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors

Posted on Thursday March 15, 2018

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides information on Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. It also contains indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by Russian government cyber actors on compromised victim networks. DHS and FBI produced this alert to educate network defenders to enhance their ability to identify and reduce exposure to malicious activity.

 

Page:   12

Celebrating 30 Years

Off-Site Cloud Backups

Contact Us

Comodo SSL