- AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
- AA21-076A: TrickBot Malware
- AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
- AA21-055A: Exploitation of Accellion File Transfer Appliance
- AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
- AA21-042A: Compromise of U.S. Water Treatment Facility
- AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
- AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
- AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
- AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks
- AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data