Podcasts News Tech News CyberWire Daily CISA Alert AA23-108A APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers.

CISA Alert AA23-108A APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers.

Published: April 20, 2023, 1:33 p.m.

The UK National Cyber Security Centre (NCSC), NSA, CISA, and FBI are releasing this joint advisory to provide TTPs associated with APT28\u2019s exploitation of Cisco routers in 2021.\nAA23-108A Alert, Technical Details, and Mitigations\nMalware Analysis Report\nResource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.\nNo-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment.\nSee CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance on hardening MSP and customer infrastructure.\nU.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration Center\u2019s DIB Cybersecurity Service Offerings, including Protective Domain Name System services, vulnerability scanning, and threat intelligence collaboration for eligible organizations. For more information on how to enroll in these services, email dib_defense@cyber.nsa.gov\xa0\nTo report incidents and anomalous activity or to request incident response resources or technical assistance related to these threats, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.\nLearn more about your ad choices. Visit megaphone.fm/adchoices