Alerts

Alerts

TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm

Original release date: May 29, 2018 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal ...

Alerts

TA18-145A: Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Original release date: May 25, 2018 Systems Affected Small office/home office (SOHO) routers Networked devices Network-attached storage (NAS) devices Overview Cybersecurity researchers have identified that fo...

Alerts

TA18-141A: Side-Channel Vulnerability Variants 3a and 4

Original release date: May 21, 2018 Systems Affected CPU hardware implementations Overview On May 21, 2018, new variants—known as 3A and 4—of the side-channel central processing unit (CPU) hardware vulnerabilit...

Alerts

TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

Original release date: April 16, 2018 Systems Affected Generic Routing Encapsulation (GRE) Enabled Devices Cisco Smart Install (SMI) Enabled Devices Simple Network Management Protocol (SNMP) Enabled Network De...

Alerts

TA18-086A: Brute Force Attacks Conducted by Cyber Actors

Original release date: March 27, 2018 Systems Affected Networked systems Overview According to information derived from FBI investigations, malicious cyber actors are increasingly using a style of brute force a...

Alerts

TA17-156A: Reducing the Risk of SNMP Abuse

Original release date: June 05, 2017Systems Affected SNMP enabled devices Overview The Simple Network Management Protocol (SNMP) may be abused to gain unauthorized access to network devices. SNMP provides a sta...

Alerts

TA17-318A: HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL

Original release date: November 14, 2017 | Last revised: November 22, 2017Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Ho...

Alerts

TA17-318B: HIDDEN COBRA – North Korean Trojan: Volgmer

Original release date: November 14, 2017 | Last revised: November 22, 2017Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Ho...

Alerts

TA18-074A: Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors

Original release date: March 15, 2018 | Last revised: March 16, 2018Systems Affected Domain ControllersFile ServersEmail ServersOverview This joint Technical Alert (TA) is the result of analytic efforts between...

Alerts

TA17-181A: Petya Ransomware

Original release date: July 01, 2017 | Last revised: February 15, 2018Systems Affected Microsoft Windows operating systems Overview This Alert has been updated to reflect the U.S. Government’s public attr...