Home / Tag Archives: US-Cert

Tag Archives: US-Cert

Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown

Advanced Persistent Threat Activity Exploiting Managed Service Providers

On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware …

Read More »

Brute Force Attacks Conducted by Cyber Actors

Advanced Persistent Threat Activity Exploiting Managed Service Providers

In a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked-out, as commonly used account-lockout policies allow three to five bad attempts during a set period of time. During a …

Read More »

Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Cyber Actors Target Home and Office Routers and Networked Devices Worldwide - blackMORE Ops

DHS and FBI recommend that all SOHO router owners power cycle (reboot) their devices to temporarily disrupt the malware. Network device management interfaces—such as Telnet, SSH, Winbox, and HTTP—should be turned off for wide-area network (WAN) interfaces, and, when enabled, secured with strong passwords and encryption. Network devices should be upgraded …

Read More »

HIDDEN COBRA – FASTCash Campaign targeting banks

This graphic illustrates the way HIDDEN COBRA actors use compromised switch application servers to approve financial transactions

Since at least late 2016, HIDDEN COBRA actors have used FASTCash tactics to target banks in Africa and Asia. At the time of this TA’s publication, the U.S. Government has not confirmed any FASTCash incidents affecting institutions within the United States. FASTCash schemes remotely compromise payment switch application servers within …

Read More »

Emotet Malware – one of the most destructive malware right now

Emotet Malware | US-CERT

Emotet continues to be among the most costly and destructive malware affecting SLTT governments. Its worm-like features result in rapidly spreading network-wide infection, which are difficult to combat. Emotet infections have cost SLTT governments up to $1 million per incident to remediate. Emotet continues to be among the most costly …

Read More »

Privacy Policy on Cookies Usage

Some services used in this site uses cookies to tailor user experience or to show ads.