all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CISA Alert AA22-277A – Impacket and exfiltration tool used to steal sensitive information from defense industrial base organization.

Add to bookmarks
Oct. 4, 2022, 8:35 p.m. | N2K Networks

CyberWire Daily thecyberwire.com

From November 2021 through January 2022, the CISA responded to APT activity against a Defense Industrial Base organization’s enterprise network. During incident response activities, CISA discovered that multiple APT groups compromised the organization’s network, and some APT actors had long-term access to the environment. APT actors used an open-source toolkit called Impacket to gain their foothold within the environment and further compromise the network, and also used a custom data exfiltration tool, CovalentStealer, to steal the victim’s sensitive data.
AA22-277A …

access alert apt base cisa cisa alert compromised defense defense industrial base enterprise exfiltration impacket incident incident response industrial information january network november organization response sensitive information steal tool

Visit resource

More from thecyberwire.com / CyberWire Daily

Geopolitical tensions rise with China. [Research Saturday] 18 hours ago | thecyberwire.com
adam apt apt31 apt groups +23
Ransomware attack turns legal attack. 1 day, 2 hours ago | thecyberwire.com
android android developers attack clear +25
Dropbox sign breach exposes secrets. 2 days, 3 hours ago | thecyberwire.com
as-a-service breach cisa critical +29
Retirement plan breach shakes financial giant. 3 days, 3 hours ago | thecyberwire.com
biden breach called cornell +24
Ransomware is just a prescription for chaos. 4 days, 3 hours ago | thecyberwire.com
addresses benefits breach carriers +27
An unprecedented surge in credential stuffing. 5 days, 3 hours ago | thecyberwire.com
as-a-service bank botnet ceo +33
Encore: Jack Rhysider: Get your experience points in everything. [Media] [Career Notes] 6 days, 16 hours ago | thecyberwire.com
career computer darknet darknet diaries +19
Cerber ransomware strikes Linux. [Research Saturday] 1 week ago | thecyberwire.com
application cado security cerber cerber ransomware +16
Kaiser Permanente's privacy predicament. 1 week, 1 day ago | thecyberwire.com
breaches cisa cobalt cobalt strike +35

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cybersecurity Consultant

@ Devoteam | Cité Mahrajène, Tunisia
View on infosec-jobs.com

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Phoenix, AZ, United States
View on infosec-jobs.com

(Senior) Director of Information Governance, Risk, and Compliance

@ SIXT | Munich, Germany
View on infosec-jobs.com

Information System Security Engineer

@ Space Dynamics Laboratory | North Logan, UT
View on infosec-jobs.com

Intelligence Specialist (Threat/DCO) - Level 3

@ Constellation Technologies | Fort Meade, MD
View on infosec-jobs.com

Cybersecurity GRC Specialist (On-site)

@ EnerSys | Reading, PA, US, 19605
View on infosec-jobs.com
View more jobs