US-CERT Archives - Securezoo

Emotet malware active threat drops IcedID Trojan

Leave a Comment / Cybersecurity Attacks, Malware / Frank Crast / November 17, 2018 / banking, Emotet, IcedID, malware, Symantec, Trickbot, Trojan, US-CERT, Zeus

Cyber criminals have been actively pushing Emotet malware to drop IcedID trojan since early November 2018.

Emotet malware active threat drops IcedID Trojan Read More »

Emotet malware threat reaches $1M per incident

Cybersecurity Attacks, Malware / Frank Crast / July 21, 2018 / DMARC, Emotet, malware, Trojan, US-CERT

US-CERT has published a joint Technical Alert (TA18-201A) warning of a cyber campaign involving Emotet Malware. Malicious activity was observed as recently as this month.

Emotet malware threat reaches $1M per incident Read More »

Joanap Backdoor Trojan and Brambul SMB Worm

Cybersecurity Attacks, Malware / Frank Crast / May 31, 2018 / anti-virus, Brambul, DHS, HIDDEN COBRA, Joanap, malware, RAT, SMB, Trojan, US-CERT

A new US-CERT Technical Alert (TA) warned cyber actors are using Joanap and Brambul malware to target multiple victims worldwide.

Joanap Backdoor Trojan and Brambul SMB Worm Read More »

Cyber attack on Cisco switches

Cybersecurity Attacks, Network Security / Frank Crast / April 9, 2018 / Cisco, iOS, Network, Smart Install Client, switches, US-CERT

A “massive attack” going on now against Cisco switches, which are used in data-centers worldwide.

Cyber attack on Cisco switches Read More »

GoScanSSH malware targets default and weak passwords

Cybersecurity Attacks, Malware, Password Management / Frank Crast / March 28, 2018 / C2, GoScanSSH, malware, Password, Proxy, SSH, US-CERT

Talos security researchers have spotted a new family of malware dubbed “GoScanSSH” that compromises internet-facing SSH servers. The malware targets default and weak passwords via a brute force attack on SSH systems that allow password-based SSH authentication.

GoScanSSH malware targets default and weak passwords Read More »

Russian cyber activity targets critical infrastructure and energy sectors

Leave a Comment / Cybercrime, Cybersecurity Attacks / Frank Crast / March 16, 2018 / Cyber Kill Chain, DHS, Dragonfly, energy, FBI, Infrastructure, Russia, SCADA, Symantec, US-CERT

Russian government cyber activity has targeted U.S Government entities, energy and other critical infrastructure sectors. The activity has been active since at least March 2016, according to a US-CERT Technical Alert (TA).

Russian cyber activity targets critical infrastructure and energy sectors Read More »

HARDRAIN and BADCALL malware

Leave a Comment / Cybercrime, Cybersecurity Attacks / Frank Crast / February 15, 2018 / Badcall, Hardrain, HIDDEN COBRA, malware, US-CERT

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants, HARDRAIN and BADCALL, used by the North Korean government.

HARDRAIN and BADCALL malware Read More »

SNMP security guidance released

Leave a Comment / Network Security, Server Security / Frank Crast / June 6, 2017 / MIB, SNMP, SNMPv3, US-CERT, Whitelisting

US-CERT released good security guidance, Reducing the Risk of SNMP Abuse, in a recent alert.

SNMP security guidance released Read More »