10/04/2022 | Press release | Distributed by Public on 10/04/2022 11:40
FORT MEADE, Md. - The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the FBI released a Cybersecurity Advisory today that details the tactics, techniques and procedures (TTPs) that likely multiple advanced persistent threat (APT) groups recently used to steal sensitive information from a Defense Industrial Base organization. The advisory, "Impacket, Custom Exfiltration Tools Used to Steal Sensitive Information from Defense Industrial Base Organization," provides indicators of compromise and TTPs used by the groups and shares guidance to detect and prevent related activity.
During a hunt on the organization's network, CISA and a third-party incident response organization discovered the following malicious activity:
They recommend that Defense Industrial Base sector and other critical infrastructure organizations implement the mitigations in the advisory to ensure they are managing and reducing threats to their networks.
Read the full report here.
Visit our full library for more cybersecurity information and technical guidance.