Announcements

The following announcements highlight recent cybersecurity news including alerts, threats, vulnerabilities, and malicious activity. They also include up-to-date information on available updates and patches for your operating systems.

Published Sep 14, 2020

On September 14, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) issued an advisory about Chinese Ministry of State Security (MSS)-affiliated cyber threat actors targeting U.S. government agencies. For more information, visit https://us-cert.cisa.gov/china.

Published Sep 01, 2020

On September 1, 2020, the Cybersecurity and Infrastructure Security Agency (CISA)—in collaboration with the cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom—released a joint advisory on technical approaches to uncovering and remediating malicious activity. For more information, visit https://us-cert.cisa.gov/ncas/alerts/aa20-245a

Published Aug 26, 2020

On August 26, 2020, the Cybersecurity Security and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation, and U.S. Cyber Command identified malware and other indicators of compromise used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to the group behind this activity as BeagleBoyz, a subset of HIDDEN COBRA.

Published Aug 19, 2020

On August 19, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released one new Malware Analysis Report (MAR) on malware used by North Korean actors. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/NorthKorea.

Published Aug 03, 2020

On August 3, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD), released a new Malware Analysis Report (MAR) on malware used by the Chinese government. For more information, visit https://us-cert.cisa.gov/china.

Published May 12, 2020

On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD), released three new Malware Analysis Reports (MARs) on malware used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/NorthKorea.

Published Apr 15, 2020

On April 15, 2020, the U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation released joint guidance on North Korea’s malicious cyber activities, including recommended steps to mitigate the threat.

Published Feb 14, 2020

On February 14, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD), released six new Malware Analysis Reports (MARs) and an updated MAR on malware used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/northkorea.

Published Oct 31, 2019

On October 31, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra

Published Sep 09, 2019

On September 9, 2019, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) identified two malware variants—referred to as ELECTRICFISH and BADCALL—used by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information, visit https://www.us-cert.gov/HiddenCobra.