HC3 Sector Alert TLP White - CISA Top 3 Malware Detections for May 2020, July 10, 2020

Top malware detections for the month of May 2020 by the EINSTEIN national IDS included NetSupport Manager RAT, Kovter, and XMRig. According to CISA, these three threats accounted for more than 90% of active signatures. Both NetSupport Manager RAT and XMRig have links to threat actor(s) which have previously targeted the United States healthcare and public health (HPH) sector and Kovter continues to be a top malware used by threat actors. General mitigations, indicators of compromise (IOCs), techniques (TTPs), and Snort rules are provided.

Key Resources

Related Resources

Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
Public
Issue Landing Page
Cybersecurity and Risk Advisory Service
Guides/Reports
Cybersecurity and Risk Advisory Services
Standards/Guidelines
Become an AHA Preferred Cybersecurity and Risk Provider
Public
Issue Landing Page
AHA Preferred Cybersecurity & Risk Provider Program
Issue Landing Page
Support for Your Cybersecurity Program