CISA Alert AA22-277A – Impacket and exfiltration tool used to steal sensitive information from defense industrial base organization. | allinfosecnews.com

Oct. 4, 2022, 8:35 p.m. | CyberWire, Inc.

CyberWire Daily thecyberwire.com

From November 2021 through January 2022, the CISA responded to APT activity against a Defense Industrial Base organization’s enterprise network. During incident response activities, CISA discovered that multiple APT groups compromised the organization’s network, and some APT actors had long-term access to the environment. APT actors used an open-source toolkit called Impacket to gain their foothold within the environment and further compromise the network, and also used a custom data exfiltration tool, CovalentStealer, to steal the victim’s sensitive data.
AA22-277A …

alert base cisa cisa alert defense exfiltration impacket industrial information sensitive information tool

More from thecyberwire.com / CyberWire Daily

The shadowy adversary in Cisco's crosshairs. 6 hours ago | thecyberwire.com

adaptive security adversary amazon amazon ring +35

Iran's covert cyber operations exposed. 1 day, 6 hours ago | thecyberwire.com

ban bcrypt brute charges +35

Visa crackdown against spyware swindlers. 2 days, 6 hours ago | thecyberwire.com

apps apt28 breach crackdown +29

Renewed surveillance sparks controversy. 3 days, 6 hours ago | thecyberwire.com

actively exploited apps attention breach +29

Encore: Kiersten Todt: problem solving and building solutions. [Policy] [Career Notes] 4 days, 19 hours ago | thecyberwire.com

building businesses career cyber +19

Cloud Architect vs Detection Engineer: Mutual benefit. [CyberWire-X] 4 days, 21 hours ago | thecyberwire.com

architect benefits brian cloud +15

The art of information gathering. [Research Saturday] 5 days, 19 hours ago | thecyberwire.com

abuse art conversation discuss +23

Swift responses to cyberattacks. 6 days, 5 hours ago | thecyberwire.com

akira akira ransomware auto businesses +25

Cyber Talent Insights: Charting your path in cybersecurity. (Part 2 of 3) [Special Edition] 6 days, 21 hours ago | thecyberwire.com

changing cyber cybersecurity cybersecurity landscape +14

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Regional Leader, Cyber Crisis Communications

@ Google | United Kingdom

View on infosec-jobs.com

Regional Intelligence Manager, Compliance, Safety and Risk Management

@ Google | London, UK

View on infosec-jobs.com

Senior Analyst, Endpoint Security

@ Scotiabank | Toronto, ON, CA, M1K5L1

View on infosec-jobs.com

Software Engineer, Security/Privacy, Google Cloud

@ Google | Bengaluru, Karnataka, India

View on infosec-jobs.com

Senior Security Engineer

@ Coinbase | Remote - USA

View on infosec-jobs.com