.png "back to home page")
.@CISAgov says fed agency was compromised: hackers planted sophisticated multi-stage malware that evaded anti-malware protection "and gained persistent access through two reverse Socket Secure proxies that exploited weaknesses in agency’s firewall." https://t.co/qx9fOzeDsL
— Kim Zetter (@KimZetter) September 24, 2020
This is interesting: CISA has released a report about a hack into an unnamed federal agency.
— Eric Geller (@ericgeller) September 24, 2020
The hacker stole email & domain admin creds, did network recon, established persistence, and stole local and network-hosted data with sneaky malware.https://t.co/u6ix0Gbdfk pic.twitter.com/LqQuoDe02I
Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and exfiltrated data.#Security #cybernews #CyberSecurity #cybersec #infosec #informationsecurity #privacy #CyberAttack https://t.co/FOJpIw4uNt
— DeadShpere (@iamTdivyesh) September 25, 2020
??? Hacker Accessed Network of U.S. Agency and Downloaded Data.
— W.L. Lewis (@ArtMusicLife) September 24, 2020
An unnamed U.S. federal agency was hit with a cyber-attack after a hacker used valid access credentials.https://t.co/itu2zhG7JJ#Tech #Cybersecurity #Hacking
Hacker Accessed Network of U.S. Agency and Downloaded Data #CyberSecurity #osint #infosec #cyberthreats #hackers #darkweb #privacy #databreaches #cyberattacks #cybercrime #cybersec #ThreatIntel #dataprivacy #cyberintelligence https://t.co/Y6Nd43FtFe
— Jiniba (@JinibaBD) September 25, 2020
CISA says a hacker breached a federal agency #databreach #Hacked #CyberSecurity https://t.co/u1DQNora7U
— Paula Piccard ?? ?? (@Paula_Piccard) September 24, 2020
CISA says a hacker breached a federal agency https://t.co/iyZpbsDAHQ #cybersecurity #CyberSec pic.twitter.com/q06lI0AuWu
— Moix Security (@moixsec) September 25, 2020
CISA says a hacker breached a federal agency
— Catalin Cimpanu (@campuscodi) September 24, 2020
-didn't name the agency
-didn't date the hack
-didn't attribute/link the attack to any grouphttps://t.co/JmgZMgCvRO pic.twitter.com/vyjGeeOUX2
CISA says a hacker breached a federal agency #Databreach #cybersecurity #security https://t.co/K6sdN9EpIz
— Paula Piccard ?? ?? (@Paula_Piccard) September 25, 2020
CISA didn't name the attacker but it published an in-depth incident report detailing the hacker's every step. CISA says a hacker breached a federal agency... via @zdnet #infosec #tech #FridayFeeling https://t.co/1KyPXIA9Y5
— AJ Durling (@Gurgling_MrD) September 25, 2020
CISA says a hacker breached a federal agency https://t.co/A0HPKhIbFs #Cyberattacks #Cybercrime pic.twitter.com/V4bHsnpqtD
— Aghiath chbib (@AghiathChbib) September 25, 2020
CISA says a hacker breached a federal agency #Databreach #cybersecurity #security via https://t.co/KN3irU5cZw https://t.co/OoUw40xruU
— Prateek Sinha (@prateekpsinha) September 25, 2020
Feds Hit with Successful Cyberattack, Data Stolen
— Fabrizio Bustamante (@Fabriziobustama) September 25, 2020
Bu @threatpost https://t.co/FLMA5ADVuS#CyberSecurity #Malware #VPN #Bigdata #Cyberattacks
Cc: @TheCyberSecHub @avrohomg @mclynd @archonsec @gvalan @DrJDrooghaag @todddlyle @AshokNellikar @RitupaGhosh @PVynckier @Dahl_Consult pic.twitter.com/qy8S8B5Ray
Feds Hit with Successful Cyberattack, Data Stolen #Infosec #cyberattack #cybersecurity https://t.co/0qRK3SHL5N
— Paula Piccard ?? ?? (@Paula_Piccard) September 24, 2020
Feds Hit with Successful Cyberattack, Data Stolen. It is possible the cyber-actor obtained the credentials from an unpatched agency VPN server by exploiting a known vulnerability: CVE-2019-11510 https://t.co/LONwbFMKfk
— Paolo Passeri (@paulsparrows) September 25, 2020
⚡️#Feds Hit with Successful #Cyberattack, #Data #Stolen#DHS #CISA #cybersecurity #Hacked #Malware #SSH
— Mark Quinn (@MarkQuinn_VO) September 24, 2020
MT @Paula_Piccard, @threatpost @antgrasso @AkwyZ @HeinzVHoenen @Victoryabro @Nicochan33 @ReedAbend@TamaraMcCleary @rwang0 @kuriharan @RagusoSergiohttps://t.co/DqpayxOK9w
Learn how a cyber threat actor compromised a federal agency's network to exfiltrate sensitive data by reading our latest Analysis Report at https://t.co/AGi0ALE8uU. Be sure to check out the #IOCs to protect your system and data! #Cyber #Cybersecurity #InfoSec
— US-CERT (@USCERT_gov) September 24, 2020
.@CISAgov says fed agency was compromised: hackers planted sophisticated multi-stage malware that evaded anti-malware protection "and gained persistent access through two reverse Socket Secure proxies that exploited weaknesses in agency’s firewall." https://t.co/qx9fOzeDsL
— Kim Zetter (@KimZetter) September 24, 2020
US @CISAgov Analysis Report (AR20-268A) - Federal Agency Compromised by Malicious Cyber Actor (Sep 24) https://t.co/3eQq4hio6t
— Matthijs R. Koot (@mrkoot) September 24, 2020
Detected via @USCERT_gov's EINSTEIN intrusion detection system that helps protect US federal civilian networks (https://t.co/VwxP8U8gCZ).
/c @thegrugq pic.twitter.com/hr2Lc6nNwq
US-CERT Analysis Report Posted: AR20-268A: Federal Agency Compromised by Malicious Cyber Actor https://t.co/kajBfHoKXp
— Recon InfoSec (@Recon_InfoSec) September 24, 2020
"It is possible the cyber actor obtained the credentials from an unpatched agency VPN server by exploiting a known vulnerability – CVE-2019-11510 – in Pulse Secure"https://t.co/FCKqeNvvnN
— Bad Packets (@bad_packets) September 24, 2020
⚠️アメリカ連邦政府機関??にサイバー攻撃
— Kenichi Terashita, CISSP (@kterashita) September 25, 2020
CISAがその攻撃手法と対策をレポートで公開
- Microsoft 365アカウントへの侵害
- VPNの既知の脆弱性を悪用
- Active Directoryへの侵害
- SMB/SSH/Reverse SOCK5 Proxy等を使ったLateral MovementとBackdoorhttps://t.co/FUEe9Pckvm#サイバー攻撃 pic.twitter.com/oG9exfCs4d
Lots of IOCs, though: https://t.co/uuk4WrTlN0 pic.twitter.com/Aw4TGz9sq5
— Catalin Cimpanu (@campuscodi) September 24, 2020