CISA Alert AA23-108A – APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers.

The UK National Cyber Security Centre (NCSC), NSA, CISA, and FBI are releasing this joint advisory to provide TTPs associated with APT28’s exploitation of Cisco routers in 2021.
AA23-108A Alert, Technical Details, and Mitigations
Malware Analysis Report
Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.
No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment.
See CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance …

advisory alert analysis apt28 assessment attack businesses center cisa cisa alert cisa insights cisco cisco routers cost cyber cyber hygiene cyber security exploitation exploits fbi guidance guide hardening information information sharing insights isac known vulnerability malware malware analysis mitigations ms-isac msps national national cyber security centre ncsc nsa ransomware ransomware attack reconnaissance report routers security services sharing state technical ttps vulnerability