CERT Analysy -
Název
CERT
MAR-10459736.r1.v1 WHIRLPOOL Backdoor
USA
MAR-10454006.r4.v2 SEASPY and WHIRLPOOL Backdoors
MAR-10454006-r1.v2 SUBMARINE Backdoor
MAR-10454006-r2.v1 SEASPY Backdoor
MAR-10454006-r3.v1 Exploit Payload Backdoor
MAR-10445155-1.v1 Truebot Activity Infects U.S. and Canada Based Networks
MAR-10443863-1.v1 CVE-2017-9248 Exploitation in U.S. Government IIS Server
AR22-174B : MAR-10382580-1.v1 – Unidentified RAT
AR22-115B : MAR-10376640-1.v1 – IsaacWiper and HermeticWizard
AR22-115C : MAR-10376640-2.v1 – CaddyWiper
AR22-115A : MAR-10375867-1.v1 – HermeticWiper
AR22-055A : MAR–10369127–1.v1 – MuddyWater
AR21-236A : MAR-10336935-2.v1: Pulse Secure Connect
AR21-236B : MAR-10333243-3.v1: Pulse Secure Connect
AR21-236C : MAR-10338401-2.v1: Pulse Secure Connect
AR21-236D : MAR-10334057-3.v1: Pulse Secure Connect
AR21-236E : MAR-10339606-1.v1: Pulse Secure Connect
AR21-202C : MAR-10334057-1.v1: Pulse Secure Connect
AR21-202M : MAR-10338868-1.v1: Pulse Connect Secure
AR21-202I : MAR-10336935-1.v1: Pulse Connect Secure
AR21-202H : MAR-10336161-1.v1: Pulse Connect Secure
AR21-202E : MAR-10334587-1.v1: Pulse Connect Secure
AR21-202G : MAR-10335467-1.v1: Pulse Connect Secure
AR21-202J : MAR-10337580-1.v1: Pulse Connect Secure
AR21-202D : MAR-10334057-2.v1: Pulse Connect Secure
AR21-202F : MAR-10334587-2.v1: Pulse Connect Secure
AR21-202B : MAR-10333243-1.v1: Pulse Connect Secure
AR21-189A : MAR-10337802-1.v1: DarkSide Ransomware
AR21-148A : MAR 10339794-1.v1 – Cobalt Strike Beacon
AR21-134A : Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromise
AR21-126B : MAR-10324784-1.v1: FiveHands Ransomware
AR21-126A : FiveHands Ransomware
AR21-112A : CISA Identifies SUPERNOVA Malware During Incident Response
AR21-105A : MAR-10327841-1.v1 – SUNSHUTTLE
AR21-102B : MAR-10330097-1.v1: DearCry Ransomware
AR21-102A : MAR-10331466-1.v1: China Chopper Webshell
AR21-084B : MAR-10329499-1.v1: China Chopper Webshell
AR21-084A : MAR-10329496-1.v1: China Chopper Webshell
AR21-072G : MAR-10329494-1.v1: China Chopper Webshell
AR21-072F : MAR-10329301-1.v1: China Chopper Webshell
AR21-072E : MAR-10329298-1.v1: China Chopper Webshell
AR21-072D : MAR-10329297-1.v1: China Chopper Webshell
AR21-072C : MAR-10329107-1.v1: China Chopper Webshell
AR21-072B : MAR-10328923-1.v1: China Chopper Webshell
AR21-072A : MAR-10328877-1.v1: China Chopper Webshell
AR21-055A : MAR-10325064-1.v1 - Accellion FTA
AR21-048B : MAR-10322463-2.v1 - AppleJeus: JMT Trading
AR21-048F : MAR-10322463-6.v1 - AppleJeus: Dorusio
AR21-048D : MAR-10322463-4.v1 - AppleJeus: Kupay Wallet
AR21-048G : MAR-10322463-7.v1 - AppleJeus: Ants2Whale
AR21-048E : MAR-10322463-5.v1 - AppleJeus: CoinGoTrade
AR21-048C : MAR-10322463-3.v1 - AppleJeus: Union Crypto
AR21-039A : MAR-10318845-1.v1 - SUNBURST
AR21-039B : MAR-10320115-1.v1 - TEARDROP
AR21-027A : MAR-10319053-1.v1 - Supernova
AR21-013A : Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services
AR20-303B : MAR-10310246-1.v1 – ZEBROCY Backdoor
AR20-303A : MAR-10310246-2.v1 – PowerShell Script: ComRAT
AR20-275A : MAR-10303705-1.v1 – Remote Access Trojan: SLOTHFULMEDIA
AR20-268A : Federal Agency Compromised by Malicious Cyber Actor
AR20-259A : MAR-10297887-1.v1 – Iranian Web Shells
AR20-239A : MAR-10301706-1.v1 - North Korean Remote Access Tool: ECCENTRICBANDWAGON
AR20-239C : MAR-10257062-1.v2 - North Korean Remote Access Tool: FASTCASH for Windows
AR20-239B : MAR-10301706-2.v1 - North Korean Remote Access Tool: VIVACIOUSGIFT
AR20-232A : MAR-10295134-1.v1 – North Korean Remote Access Trojan: BLINDINGCAN
AR20-216A : MAR-10292089-1.v1 – Chinese Remote Access Trojan: TAIDOOR
AR20-198C : MAR-10296782-3.v1 – WELLMAIL
AR20-198A : MAR-10296782-1.v1 – SOREFANG
AR20-198B : MAR-10296782-2.v1 – WELLMESS
AR20-133P : MIFR-10121050-1.v2
AR20-133O : MIFR-10079683-1.v2
AR20-133N : MIFR-10079682-1.v2
AR20-133M : MIFR-10077745-1.v2
AR20-133L : MIFR-10056799-1.v2
AR20-133K : MIFR-10050855-1.v2
AR20-133J : MIFR-10027371-1.v2
AR20-133I : MIFR-00435108-1.v2
AR20-133H : MAR-10285677-3.v1
AR20-133G : MAR-10285677-2.v1
AR20-133F : MAR-10238137-1.v2
AR20-133A : MAR-10288834-1.v1 – North Korean Remote Access Tool: COPPERHEDGE
AR20-133B : MAR-10288834-2.v1 – North Korean Trojan: TAINTEDSCRIBE
AR20-133C : MAR-10288834-3.v1 – North Korean Trojan: PEBBLEDASH
AR20-133E : MAR-10211350-1.v2
AR20-133D : MAR-10160323-1.v2
AR20-045G : MAR-10135536-8.v4 – North Korean Trojan: HOPLIGHT
AR20–045B : MAR-10265965-2.v1 – North Korean Trojan: SLICKSHOES
AR20-045C : MAR-10265965-3.v1 – North Korean Trojan: CROWDEDFLOUNDER
AR20-045D : MAR-10271944-1.v1 – North Korean Trojan: HOTCROISSANT
AR20-045A : MAR-10265965-1.v1 – North Korean Trojan: BISTROMATH
AR19-304A : MAR-10135536-8 – North Korean Trojan: HOPLIGHT
AR20-045E : MAR-10271944-2.v1 – North Korean Trojan: ARTFULPIE
AR20-045F : MAR-10271944-3.v1 – North Korean Trojan: BUFFETLINE
AR19-252A : MAR-10135536-10 – North Korean Trojan: BADCALL
AR19-252B : MAR-10135536-21 – North Korean Proxy Malware: ELECTRICFISH
AR19-133A : Microsoft Office 365 Security Observations
AR19-129A : MAR-10135536-21 – North Korean Tunneling Tool: ELECTRICFISH
AR19-100A : MAR-10135536-8 – North Korean Trojan: HOPLIGHT
AR18-352A : Quasar Open-Source Remote Administration Tool
AR18-337C : MAR-10158513.r1.v1 – SamSam3
AR18-337B : MAR-10166283.r1.v1 – SamSam2
AR18-337A : MAR-10219351.r1.v2 – SamSam1
AR18-337D : MAR-10164494.r1.v1 – SamSam4
AR18-312A : JexBoss – JBoss Verify and EXploitation Tool
AR18-275A : MAR-10201537 – HIDDEN COBRA FASTCash-Related Malware
MAR-10135536-17 – North Korean Trojan: KEYMARBLE
MAR-10135536-12 – North Korean Trojan: TYPEFRAME
MAR-10135536-3 - HIDDEN COBRA RAT/Worm