Government
April 19, 2025
FBI Warns of Scammers Impersonating the IC3 Full Text
Abstract
The FBI has issued a warning about a persistent fraud scheme in which scammers impersonate employees of the Internet Crime Complaint Center (IC3) to deceive and revictimize individuals, particularly those who have already suffered financial fraud.IC3
April 17, 2025
CISA warns of increased breach risks following Oracle Cloud leak Full Text
Abstract
On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks.Bleeping Computer
April 4, 2025
CISA, FBI, nations warn of fast flux DNS threat Full Text
Abstract
CISA on Thursday urged organizations, internet service providers, and security firms to strengthen defenses against so-called fast flux attacks. Malicious cyber actors use fast flux to obfuscate the locations of malicious servers.The Register
March 29, 2025
CISA Warns of RESURGE Malware Exploiting Ivanti Vulnerability Full Text
Abstract
This new malware exhibits capabilities similar to the SPAWNCHIMERA variant, notably its ability to survive system reboots. However, RESURGE distinguishes itself through unique commands that enable it to alter its behavior.Security Online
March 29, 2025
CHOCO TEI WATCHER mini Devices Found Vulnerable to Critical Remote Exploits, CISA Warns Full Text
Abstract
The CISA has issued an advisory alerting organizations to multiple critical vulnerabilities affecting the CHOCO TEI WATCHER mini (IB-MCT001)—a device manufactured by Inaba Denki Sangyo Co., Ltd. for use in industrial and manufacturing environments.Security Online
March 20, 2025
CISA Warns of Three Actively Exploited Security Vulnerabilities in IoT, Backup, and Enterprise Systems Full Text
Abstract
CISA reported three actively exploited vulnerabilities: a critical Edimax IP camera flaw (CVE-2025-1316) enabling botnet attacks, a NAKIVO backup issue (CVE-2024-48248) exposing data, and an SAP NetWeaver flaw (CVE-2017-12637) allowing file access.Security Online
March 19, 2025
CISA Warns of Critical Vulnerabilities in Sungrow iSolarCloud App and WiNet Firmware Full Text
Abstract
Sungrow has released updated firmware (WINET-SV200.001.00.P028 or higher) and advises all users to update the iSolarCloud Android App to the latest version immediately via their device’s app store.Security Online
March 18, 2025
FBI Issues Warning Over Free Online File Converters That Actually Install Malware Full Text
Abstract
Instead of converting files, the tools actually load malware onto victims’ computers. The FBI warned specifically that the malware infection can also lead to ransomware attacks.Malware Bytes
March 12, 2025
Switzerland Mandates Cyber Reporting for Critical Infrastructure Full Text
Abstract
Switzerland’s NCSC will require critical infrastructure organizations to report cyberattacks within 24 hours. The new policy related to security breach notification is introduced as a response to the increasing number of cyber incidents.Infosecurity Magazine
February 26, 2025
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation Full Text
Abstract
The CISA on Tuesday added two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The Hacker News
February 21, 2025
CISA and FBI Warn of Ghost Ransomware Which has Breached Organizations in 70 Countries Full Text
Abstract
Names linked to this group include Ghost, Cring, Crypt3r, Phantom, Strike, Hello, Wickrme, HsHarada, and Rapture, with ransomware samples used in their attacks including Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe.Bleeping Computer
February 19, 2025
CISA Issues Two New ICS Advisories Addressing Exploits and Vulnerabilities Full Text
Abstract
These advisories, flagged under ICSA-24-191-01 (Update A) and ICSA-25-035-02 (Update A), address high-severity flaws that could enable remote code execution and denial-of-service attacks across industrial environments.GBHackers
February 19, 2025
CERT-In Warns of High-Severity Vulnerabilities in Mozilla Firefox and Thunderbird Full Text
Abstract
Mozilla has responded swiftly to these vulnerabilities, releasing a series of security fixes in updated versions, including Firefox 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 135, and Thunderbird ESR 128.7.The Cyber Express
February 18, 2025
South Korea Suspends Downloads of AI Chatbot DeepSeek Full Text
Abstract
The Personal Information Protection Commission (PIPC) of South Korea announced the suspension on February 15, citing deficiencies in the app’s communication features and data processing practices.Infosecurity Magazine
February 13, 2025
CISA Adds Microsoft Windows, Zyxel Device Flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The CISA added four vulnerabilities to its KEV catalog, including OS command injection flaws in Zyxel CPE Series devices (CVE-2024-40891 and CVE-2024-40890) and two Windows flaws (CVE-2025-21418 and CVE-2025-21391).Security Affairs
February 11, 2025
CISA Warns of Critical Elber Flaws – PoC Available, No Patch Full Text
Abstract
Elber has stated that they do not plan to mitigate these vulnerabilities as the affected equipment is either end-of-life or almost end-of-life. CISA recommends that users of affected devices take defensive measures to minimize the risks.Security Online
February 10, 2025
CISA Orders Agencies to Patch Linux Kernel Bug Exploited in Attacks Full Text
Abstract
Tracked as CVE-2024-53104, the security bug was first introduced in kernel version 2.6.26 and was patched by Google for Android users on Monday. The February 2025 Android security bulletin warns that it may be under limited, targeted exploitation.Bleeping Computer
February 8, 2025
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks Full Text
Abstract
The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply the available security updates as soon as possible.Bleeping Computer
February 6, 2025
Five Eyes Cyber Agencies Share Security Guidance for Network Edge Devices Full Text
Abstract
Edge devices are often targeted and compromised because they don't support Endpoint Detection and Response (EDR) solutions, allowing threat actors to gain initial access to the targets' internal enterprise networks.Bleeping Computer
February 5, 2025
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by February 25 Full Text
Abstract
These include forced browsing in Apache OFBiz (CVE-2024-45195), information disclosure in Microsoft .NET Framework (CVE-2024-29059), and OS command injection and local file inclusion in Paessler PRTG Network Monitor (CVE-2018-9276, CVE-2018-19410).The Hacker News
January 20, 2025
EU To Launch Support Centre by 2026 to Boost Healthcare Cybersecurity Full Text
Abstract
The action plan was made public on January 15, 2025, after being first mentioned in July 2024 in the EU Commission's Political Guidelines 2024-2029 document. It aims to help healthcare entities mitigate the rapidly increasing cyber threats they face.Infosecurity Magazine
January 14, 2025
CISA orders agencies to patch BeyondTrust bug exploited in attacks Full Text
Abstract
CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks.Bleeping Computer
December 24, 2024
CISA Adds Acclaim Systems USAHERDS Flaw to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The vulnerability, tracked as CVE-2021-44207, was exploited by the Chinese cyber-espionage group APT41 to breach multiple U.S. state government networks. The flaw stems from the use of hard-coded credentials.Security Affairs
December 18, 2024
FBI Spots HiatusRAT Malware Attacks Targeting Web Cameras, DVRs Full Text
Abstract
As a private industry notification (PIN) published on Monday explains, the attackers focus their attacks on Chinese-branded devices that are still waiting for security patches or have already reached the end of life.Bleeping Computer
December 17, 2024
CISA Says Windows Kernel Flaw Exploited in Attacks to Gain SYSTEM Privileges Full Text
Abstract
Tracked as CVE-2024-35250, this security flaw is due to an untrusted pointer dereference weakness that allows local attackers to gain SYSTEM privileges in low-complexity attacks that don't require user interaction.Bleeping Computer
December 5, 2024
EU’s First Ever Report on the State of Cybersecurity in the Union Full Text
Abstract
In its first-ever Report on the State of Cybersecurity in the Union, published on December 3, ENISA said the cyber threat level to the EU between July 2023 and June 2024 was substantial.ENISA
December 5, 2024
Critical CyberPanel Flaw Under Active Attack, CISA Warns Full Text
Abstract
The flaw in CyberPanel, tracked as CVE-2024-51378, is being actively exploited by attackers to deploy ransomware, including strains like PSAUX, C3RB3R, and a variant of Babuk.Security Online
December 5, 2024
US, Canada, Australia, and New Zealand Warn of China-Backed Cyber Espionage Campaign Targeting Telecom Networks Full Text
Abstract
The U.S. CISA, NSA, FBI, Australia's ACSC, Canada's CCCS, and New Zealand’s NCSC warned that China-affiliated threat actors compromised networks of major global telecommunications providers to conduct a broad and significant cyber espionage campaign.The Hacker News
December 4, 2024
CISA Adds ProjectSend, North Grid Proself, and Zyxel Firewall Bugs to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application’s configuration.Security Affairs
November 28, 2024
US National Security Officials Brief Telecom Executives Full Text
Abstract
The White House hosted a meeting with executives of the U.S. telecommunications sector to share intelligence pertaining to China's "significant cyberespionage campaign targeting the sector."Bank Infosecurity
November 26, 2024
CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks Full Text
Abstract
The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that could be exploited to achieve arbitrary code execution remotely. Fixes were released in version 9.4.0.484 in March 2023.The Hacker News
November 19, 2024
CISA Warns of Actively Exploited Vulnerabilities in Kemp LoadMaster and Palo Alto Networks PAN-OS Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited vulnerabilities affecting popular networking and security products.Security Online
November 13, 2024
CISA, FBI, and NSA Reveal Top Routinely Exploited Vulnerabilities of 2023 Full Text
Abstract
Twelve out of the top 15 vulnerabilities were addressed last year, highlighting the importance of patching security flaws before they are exploited. The list included vulnerabilities in products from companies like Citrix, Cisco, Fortinet, and more.CISA
November 9, 2024
NCSC Issues Security Guidance to Help Banish Malicious Adverts and Drive a Secure Advertising Ecosystem Full Text
Abstract
Brands are advised by the National Cyber Security Centre (NCSC) to ensure that their digital advertising partners prioritize cybersecurity, collaboration, and transparency to reduce the risk of malvertising on their websites.NCSC
November 2, 2024
US and Israel Warn of Iranian Threat Actor’s New Tradecraft Full Text
Abstract
The advisory highlighted new tactics used by Cotton Sandstorm, including new infrastructure tradecraft, harvesting open-source information, and incorporating generative AI in its operations.Infosecurity Magazine
November 1, 2024
CISA Releases Its First Ever International Strategic Plan Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has released its first international strategic plan to enhance collaboration in combating cyber threats to critical infrastructure.CISA
October 29, 2024
U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing Full Text
Abstract
The U.S. government follows Traffic Light Protocol (TLP) markings voluntarily on cybersecurity information to build trust in data handling for collaboration with partners.The Hacker News
October 23, 2024
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack Full Text
Abstract
The vulnerability, known as CVE-2024-9537, allows remote code execution due to a bug in a third-party component. Versions 12.1.3, 12.2.3, and 12.3 have been patched, along with versions 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.The Hacker News
October 17, 2024
UK Government Launches AI Safety Scheme to Tackle Deepfakes Full Text
Abstract
The AI Safety Institute’s Systemic Safety Grants Programme will provide researchers with up to £200,000 to investigate AI threats and potential solutions, particularly in sectors like healthcare and financial services.Infosecurity Magazine
October 16, 2024
CISA Adds Three Vulnerabilities in Windows Kernel, Mozilla Firefox, and SolarWinds Web Help Desk to KEV Catalog Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding three critical security vulnerabilities affecting various software, including Microsoft Windows, Mozilla Firefox, and SolarWinds Web Help Desk.CISA
October 14, 2024
Cyber Security Bill 2024: Australia’s Strategic Leap Toward a Resilient Digital Ecosystem Full Text
Abstract
Notable features of the law include mandatory cybersecurity standards for Internet of Things (IoT) devices and mandatory ransomware reporting for critical infrastructure entities.The Cyber Express
October 14, 2024
EU Adopts Cyber Resilience Act for Connected Devices Full Text
Abstract
The European Union Council has approved the Cyber Resilience Act (CRA) to establish cybersecurity requirements for products with digital components. This regulation will cover a wide range of connected devices.Infosecurity Magazine
October 12, 2024
CISA Warns of F5 BIG-IP Cookie Exploitation Full Text
Abstract
The CISA has issued an urgent alert warning organizations about a vulnerability involving unencrypted persistent cookies in the F5 BIG-IP Local Traffic Manager (LTM) module, which could be exploited by cyber threat actors.Security Online
October 11, 2024
CISA Warns of Critical Fortinet Flaw as Palo Alto Networks Issues Urgent Security Patches Full Text
Abstract
The CISA warned of a critical Fortinet flaw that allows remote code execution impacting FortiOS, FortiPAM, FortiProxy, and FortiWeb. Federal agencies must apply mitigations by October 30, 2024.The Hacker News
October 5, 2024
ACSC and CISA Launch Critical OT Cybersecurity Guidelines Full Text
Abstract
ACSC and CISA have jointly launched a new guide called Principles of Operational Technology Cybersecurity. This guide aims to assist organizations, especially those in critical infrastructure sectors, in securing their OT environments.Infosecurity Magazine
September 23, 2024
DOJ, FBI Need Better Metrics for Tracking Ransomware Disruption Efforts, Audit Finds Full Text
Abstract
An audit found that both the DOJ and FBI need to improve in three key areas to enhance their fight against ransomware. While the FBI reported an improvement in taking action within 72 hours in 47% of incidents, there is still room for progress.The Record
September 19, 2024
CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities Full Text
Abstract
The CISA has directed federal agencies to remove Flash Player by October 8, 2024, to safeguard sensitive data and critical operations. Adobe officially ended Flash Player support in 2020, recognizing its security risks.Security Online
September 14, 2024
Chinese-Made Port Cranes in US Included ‘Backdoor’ Modems, House Report Says Full Text
Abstract
A recent congressional investigation revealed that Chinese-made port cranes in the United States contained hidden modems that could provide unauthorized access to the machines.The Record
September 14, 2024
Hackers Have Sights Set on Four Microsoft Vulnerabilities, CISA Warns Full Text
Abstract
Federal civilian agencies have until the end of the month to address these issues. The vulnerabilities are part of Microsoft's monthly security release, with CVE-2024-43491 considered the most concerning due to its severity score.The Record
September 12, 2024
India Needs Better Cybersecurity for Space Systems Full Text
Abstract
Dr. Sreedhara Panicker Somanath, chairman of the Indian Space Research Organization, emphasized the importance of cybersecurity for the entire system during the recent inauguration of a cybersecurity training center.Dark Reading
September 11, 2024
UK’s ICO and NCA Sign Memorandum to Boost Reporting and Resilience Full Text
Abstract
The UK’s data protection watchdog and serious and organized crime agency have signed a memorandum of understanding (MoU) designed to enhance cooperation and reaffirm their commitment to helping victim organizations.Infosecurity Magazine
September 11, 2024
DHS Cyber Review Board Will Announce Next Investigation ‘Soon’ Full Text
Abstract
The DHS Cyber Safety Review Board, led by Homeland Security officials, is preparing to announce its next investigation soon, as hinted by DHS undersecretary Rob Silvers. Silvers mentioned criteria for incident review but did not reveal details.The Record
September 11, 2024
CISA adds SonicWall SonicOS, ImageMagick, and Linux Kernel Bugs to its Known Exploited Vulnerabilities catalog Full Text
Abstract
The ImageMagick vulnerability (CVE-2016-3714) could allow remote code execution through crafted images. The Linux Kernel flaw (CVE-2017-1000253) enables privilege escalation on unpatched systems.Security Affairs
September 10, 2024
CISA Flags ICS Bugs in Baxter, Mitsubishi Products Full Text
Abstract
CISA has identified vulnerabilities in industrial control system products from Baxter and Mitsubishi that are commonly used in healthcare and critical manufacturing sectors. Both firms have released advisories with mitigation measures.Dark Reading
September 6, 2024
Sami Khoury, Head of Canada’s Cyber Agency, Starts New Role in Government Full Text
Abstract
Sami Khoury, the head of Canada's cyber agency, is moving to a new role as the government's senior official for cybersecurity after leading the Canadian Centre for Cyber Security (CCCS) since August 2021.The Record
September 5, 2024
CISA Warns of Three Actively Exploited Vulnerabilities That Demand Immediate Attention Full Text
Abstract
Two vulnerabilities, CVE-2021-20123 and CVE-2021-20124, pose serious risks for Draytek VigorConnect routers, potentially leading to unauthorized access to sensitive files. Another vulnerability, CVE-2024-7262, affects Kingsoft WPS Office.Security Online
September 5, 2024
FBI Warns Crypto Firms of Aggressive Social Engineering Attacks Full Text
Abstract
The FBI issued a warning about aggressive social engineering attacks by North Korean hacking groups targeting cryptocurrency firms. The attacks involve deploying malware to steal crypto assets through highly targeted tactics that are hard to detect.Bleeping Computer
September 4, 2024
US Government Isn’t Ready for Cyber Chaos in the Food and Agriculture Sector Full Text
Abstract
The industry remains largely unscathed by cyber threats, but recent events like the JBS ransomware attack highlight vulnerabilities. The sector's increased automation makes it a target for hackers, posing risks to the US food supply.The Record
September 2, 2024
NIST Releases New Draft of Digital Identity Proofing Guidelines Full Text
Abstract
The new draft of NIST's digital identity proofing guidelines includes updates to accommodate passkeys and mobile driver's licenses, as well as options for identification without using biometrics like facial recognition.NextGov
September 2, 2024
CISA Launches Cyber Incident Reporting Portal To Streamline Breach Disclosure Full Text
Abstract
The CISA has launched a cyber incident reporting portal to make breach disclosure easier. It allows organizations to report cyberattacks, vulnerabilities, and data breaches voluntarily.Cybersecurity Dive
August 30, 2024
US Offers $2.5 Million Reward for Hacker Linked to Angler Exploit Kit Full Text
Abstract
The U.S. Department of State and the Secret Service are offering a reward of $2.5 million for information leading to the capture of Belarusian cybercriminal Volodymyr Kadariya, who is linked to the Angler Exploit Kit.Bleeping Computer
August 29, 2024
CISA Adds Google Chromium V8 Bug to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
Google released a security update this week to address the actively exploited Chrome zero-day vulnerability. The vulnerability, CVE-2024-7965, is an inappropriate implementation issue in Chrome's V8 JavaScript engine.Security Affairs
August 24, 2024
NSA Issues Guidance for Better Logging, Threat Detection to Prevent LotL Incidents Full Text
Abstract
The NSA has released guidelines to improve logging and threat detection for Living-off-the-Land (LotL) attacks in cloud services, enterprise networks, mobile devices, and OT networks as part of a global effort for critical infrastructure security.Dark Reading
August 24, 2024
CISA Adds Dahua IP Camera, Linux Kernel, and Microsoft Exchange Server Bugs to its KEV Catalog Full Text
Abstract
The CISA has added new vulnerabilities to its Known Exploited Vulnerabilities catalog, including Dahua IP Camera authentication bypass flaws, a Linux Kernel buffer overflow issue, and a Microsoft Exchange Server vulnerability.Security Affairs
August 17, 2024
CISA Warns Critical Vulnerabilities in Vonets WiFi Bridge Devices, No Patch Available Full Text
Abstract
These vulnerabilities could allow attackers to execute arbitrary code, disclose sensitive information, or disrupt device functionality, posing a significant threat to industrial and commercial networks relying on these devices.Security Online
August 14, 2024
Biden Administration Pledges $11 Million to Open Source Security Initiative Full Text
Abstract
The effort, known as the Open-Source Software Prevalence Initiative (OSSPI), aims to identify where open-source software components are being used in sectors like healthcare, transportation, and energy production to enhance national cybersecurity.The Record
August 13, 2024
Britain and France to Discuss Misuse of Commercial Cyber Intrusion Tools Full Text
Abstract
The UK and France will discuss the misuse of commercial cyber intrusion tools as part of the Pall Mall Process, aiming to address the irresponsible use of hacking tools like spyware.The Record
August 10, 2024
CISA Warns of Hackers Abusing Cisco Smart Install Feature Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has advised organizations to disable the legacy Cisco Smart Install (SMI) feature due to recent attacks exploiting it.Bleeping Computer
August 7, 2024
Federal Watchdog Urges EPA to Develop Comprehensive Cyber Strategy to Protect Water Systems Full Text
Abstract
The U.S. Government Accountability Office is urging the Environmental Protection Agency (EPA) to develop a comprehensive strategy to protect the nation's drinking and wastewater systems from cyber threats.Cybersecurity Dive
August 7, 2024
Cyber Training Organization Pledges $15 Million in Education Programs Full Text
Abstract
EC-Council, a cyber certification organization, has pledged $15 million in scholarships to support over 50,000 students in cybersecurity programs. The goal is to help students earn industry credentials and enhance their cybersecurity skills.The Record
August 5, 2024
US Senate Confirms First DOD Cyber Policy Chief Full Text
Abstract
The Senate has confirmed Michael Sulmeyer as the first cyber policy chief at the Defense Department, where he will serve as the assistant secretary of Defense for cyber policy.The Record
August 5, 2024
CrowdStrike Outage Renews Supply Chain Concerns, Federal Officials Say Full Text
Abstract
Federal officials have raised concerns about the software supply chain and memory safety vulnerabilities following a global IT outage caused by a faulty CrowdStrike software update.Cybersecurity Dive
August 5, 2024
White House Officials Meet with Allies, Industry on Connected Car Risks Full Text
Abstract
Representatives from various countries and the European Union participated in the meeting, addressing cybersecurity and data risks in connected vehicles. The meeting highlighted the importance of connected cars as a critical part of infrastructure.The Record
August 1, 2024
Inaugural Pentagon Cyber Policy Chief Nominee Sails Through Senate Armed Services Committee Full Text
Abstract
The Senate Armed Services Committee has approved Michael Sulmeyer, the Army’s top digital adviser, as the inaugural assistant secretary of defense for cyber policy, paving the way for his nomination to the Senate floor for a vote.The Record
July 30, 2024
US State Department Says UN Cybercrime Treaty Must Include Human Rights Protections Full Text
Abstract
The U.S. State Department emphasized the importance of including human rights protections in the upcoming United Nations cybercrime treaty. The final round of negotiations for the treaty began on Monday and will conclude on August 9, 2024.The Record
July 26, 2024
National Defense University Cyber Professor Tapped as ONCD Deputy Director Full Text
Abstract
The Office of the National Cyber Director (ONCD) announced Wednesday that former Navy SEAL and National Defense University cyberspace professor Harry Wingo has been selected as its deputy director.The Record
July 22, 2024
US Sanctions Two Members of Russian ‘Cyber Army’ Hacktivist Group Full Text
Abstract
The U.S. sanctioned two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR) for carrying out cyber operations against critical U.S. infrastructure. CARR has launched low-impact DDoS attacks against Ukraine and its allies since 2022.The Record
July 22, 2024
China Claims Volt Typhoon was a False Flag Inside Job Conspiracy Full Text
Abstract
Beijing has claimed that the Volt Typhoon attack gang, accused by Five Eyes nations of being a Beijing-backed threat to critical infrastructure, was actually fabricated by the US intelligence community.The Register
July 22, 2024
CISA Says Malicious Hackers are ‘Taking Advantage’ of CrowdStrike Outage Full Text
Abstract
The U.S. cybersecurity agency CISA warned against clicking on suspicious links to prevent email compromise. Cybercriminals are already impersonating CrowdStrike in phishing emails, asking for payment to "fix the CrowdStrike apocalypse."Tech Crunch
July 10, 2024 – Phishing
Regional Transport Office Themed Phishing Campaign Targets Android Users In India Full Text
Abstract
Phishing messages impersonating the Regional Transport Office have been circulating since 2024, claiming traffic violations and prompting users to download a malicious APK named "VAHAN PARIVAHAN.apk".Cyble
As CISOs Grapple with the C-Suite, Job Satisfaction Takes a Hit Full Text
Abstract
Research shows that 75% of CISOs are considering a job change due to various challenges and pressures. CISOs often face accountability for cyber incidents and compliance failures, leading to discontent.Cybersecurity Dive
July 10, 2024
CISA Adds Microsoft Windows and Rejetto HTTP File Server Bugs to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The vulnerabilities added include CVE-2024-23692 affecting Rejetto HTTP File Server, CVE-2024-38080 impacting Windows Hyper-V, and CVE-2024-38112 targeting Windows MSHTML Platform.Security Affairs
July 10, 2024
US Senate NDAA 2025 Boosts Military Cyber and AI Initiatives Full Text
Abstract
The Senate Armed Services Committee presented the NDAA for fiscal year 2025, totaling $923.3 billion for defense funding. This includes $878.4 billion for the Pentagon and $33.4 billion for national security programs under the Department of Energy.Bank Infosecurity
July 9, 2024
CISA and Partner Agencies Join ASD’S ACSC to Release Advisory on APT40, a Chinese State-Sponsored Group Full Text
Abstract
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the UK, and the US have warned about APT40, a China-linked cyber espionage group known for quickly exploiting new security bugs after public disclosure.CISA
June 26, 2024
Update: CISA Warns Chemical Facilities of Potential Data Theft Full Text
Abstract
Although there was no evidence of data theft or lateral movement, the agency's investigation revealed that unauthorized access to various sensitive information, including security plans and user accounts, may have occurred.Cybersecurity Dive
June 25, 2024
FBI Warns of Fake Law Firms Targeting Crypto Scam Victims Full Text
Abstract
The FBI has issued a warning about cybercriminals pretending to be law firms and lawyers offering cryptocurrency recovery services. These scammers target victims of investment scams, stealing funds and personal information.Bleeping Computer
June 25, 2024
Manufacturing Cybersecurity at Heart of New White House Guidance Full Text
Abstract
The U.S. Department of Energy has released a new framework of best practices for securing clean energy cyber supply chains, focusing on key technologies used in managing electricity, oil, and natural gas systems.Cybersecurity Dive
June 19, 2024
US, Indonesia Hold Port-Focused Cybersecurity Exercise Full Text
Abstract
The exercise involved simulations of major cyber incidents and ransomware attacks against port operations and maritime activities. The goal was to better prepare for potential cyber threats to maritime critical infrastructure.The Record
June 19, 2024
G7 Countries Vow to Establish Collective Cybersecurity Framework for Operational Tech Full Text
Abstract
The G7 countries have pledged to establish a collective cybersecurity framework for operational technologies to strengthen the cybersecurity of key technologies used in managing energy systems globally.The Record
June 18, 2024
CISA and EAC Release Guide to Enhance Election Security Through Public Communication Full Text
Abstract
The guide advises election officials to mitigate risks to election infrastructure and operations by developing a public communications plan with accurate election information and training teams for effective incident response communication.The Cyber Express
June 18, 2024
US Pledges to Protect Ukraine’s Critical Infrastructure From Cyberattacks in Security Deal Full Text
Abstract
The agreement, based on a pledge by the G7 countries, focuses on assisting Ukraine in protecting its networks from cyberattacks and countering disinformation. The U.S. will also help strengthen Ukraine's cyber defenses in critical infrastructure.The Record
June 13, 2024
Process to Verify Software Was Built Securely Begins Today Full Text
Abstract
US government contractors providing critical infrastructure software now need to fill out a form confirming that their software follows secure-by-design principles and has undergone scrutiny through software bills of material (SBOMs).Dark Reading
June 12, 2024
CISA Warns of Criminals Impersonating its Employees in Phone Calls Full Text
Abstract
The CISA has warned the public to be cautious and reminded them that its staff will never ask for money or instruct secrecy. The agency has also provided tips to help people avoid falling for these impersonation scams.Bleeping Computer
June 10, 2024
CISA Planning JCDC Overhaul as Experts Criticize Slow Start Full Text
Abstract
The top U.S. cyber defense agency may overhaul its flagship public-private partnership as experts say the initiative is floundering due to unclear membership rules and participation hurdles.Healthcare Info Security
June 10, 2024
FCC Greenlights $200M Pilot for School and Library Cybersecurity Full Text
Abstract
The Federal Communications Commission on Thursday voted to kickstart a three year pilot program that would study the use of agency funding to support cybersecurity services and equipment for school and library networks.NextGov
May 30, 2024
NIST Unveils ARIA to Evaluate and Verify AI Capabilities, Impacts Full Text
Abstract
The Assessing Risks and Impacts of AI (ARIA) program aims to help organizations and individuals determine whether a given AI technology will be valid, reliable, safe, secure, private, and fair once deployed.Help Net Security
May 30, 2024
NIST Expects to Clear Backlog in Vulnerabilities Database by End of Fiscal Year Full Text
Abstract
The National Institute of Standards and Technology (NIST) said it has awarded a new contract to an outside vendor that will help the federal government process software and hardware bugs added to the National Vulnerability Database (NVD).The Record
May 29, 2024
Watchdog calls out EPA for continued cybersecurity concerns Full Text
Abstract
In its annual report on open priority recommendations for the agency, the GAO called out the EPA for failing to outline a procedure for assessing vulnerabilities across its operations.NextGov
May 29, 2024
The Evolution of Security Metrics for NIST CSF 2.0 Full Text
Abstract
Combining effective use of metrics plus a deeper understanding of how security processes play out is the best way to build more security agility and enable teams to react more quickly and effectively.Help Net Security
May 28, 2024
White House Announces Plans to Revamp Data Routing Security by Year-End Full Text
Abstract
The augmentations concern the Border Gateway Protocol, a backbone data transmission algorithm that determines the optimal path for data packets to move across networks, said National Cyber Director Harry Coker.NextGov
May 27, 2024
EU Wants Universities to Work with Intelligence Agencies to Protect Their Research Full Text
Abstract
Europe’s leading research universities should work more closely with the continent’s intelligence agencies to help secure their research from being stolen by hostile states, EU member states recommended this week.The Record
May 25, 2024
NSA Issues Guidance for Maturing Application, Workload Capabilities Under Zero Trust; Dave Luber Quoted Full Text
Abstract
“This guidance helps organizations disrupt malicious cyber activity by applying granular access control and visibility to applications and workloads in modern network environments,” said Dave Luber, director of cybersecurity at NSA.ExecutiveGov
May 22, 2024
ARPA-H Pledges $50M for Hospital IT Security Auto-Patching Full Text
Abstract
The US government's Advanced Research Projects Agency for Health (ARPA-H) has pledged more than $50 million to fund the development of technology that aims to automate the process of securing hospital IT environments.The Register
May 21, 2024
CISA Warns of Actively Exploited NextGen Mirth Connect Pre-Auth RCE Vulnerability Full Text
Abstract
The CISA has required federal agencies to update to a patched version of Mirth Connect (version 4.4.1 or later) by June 10, 2024, to secure their networks against active threats.Horizon S3
May 17, 2024
New UK System Will See ISPs Benefit From Same Protections as Government Networks Full Text
Abstract
The UK's NCSC has launched a new "Share and Defend" system that will provide internet service providers with the same malicious domain blocklists used to protect government networks, helping to raise cybersecurity resilience across the country.The Record
May 16, 2024
UK: NCSC to Defend ‘High-Risk’ Political Candidates from Cyberattacks Full Text
Abstract
The Personal Internet Protection (PIP) service aims to provide an additional layer of security to individuals at “high-risk” of cyberattacks like spear-phishing, malware and other threats, ahead of the upcoming election year.The Cyber Express
May 16, 2024
Cyber Trust Label Could be in Place by End of the Year, White House Says Full Text
Abstract
The Biden administration plans to have consumer devices labeled with the U.S. Cyber Trust Mark on store shelves by the end of 2024, to help consumers understand security and encourage manufacturers to include basic digital defenses.The Record
May 15, 2024
CISA, FBI, and DHS Unveil Cybersecurity Guide For Civil Society Groups Full Text
Abstract
The publication Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses.Infosecurity Magazine
May 15, 2024
NIST Issues New Guidelines on Protecting Unclassified Data in Government Systems Full Text
Abstract
The NIST issued new guidelines to help federal agencies and their private sector contractors better protect sensitive unclassified information, known as Controlled Unclassified Information (CUI), from cyber threats, particularly supply chain risks.NEXTGOV
May 13, 2024
US and China to Hold Discussions on AI Risks and Security Full Text
Abstract
Biden administration officials lowered expectations about the discussions during a call with reporters, saying the talks were "not focused on promoting any technical cooperation" between the two world superpowers on AI or emerging technologies.Bank Info Security
May 13, 2024
Cyberthreat Landscape Permanently Altered by Chinese Operations, US Officials Say Full Text
Abstract
US officials say that a notorious Chinese hacking operation named Volt Typhoon has permanently altered the cyberthreat landscape by moving beyond traditional nation-state espionage goals and instead aiming to cause disruption and sow societal panic.The Record
May 13, 2024
UK’s AI Safety Institute Unveils Platform to Accelerate Safe AI Develo Full Text
Abstract
The platform, called Inspect, is set to pave the way for the safe innovation of AI models, according to the AI Safety Institute and Department for Science, Innovation and Technology (DSIT).Infosecurity Magazine
May 10, 2024
CISA Explains Why it Doesn’t Call Out Tech Vendors by Name Full Text
Abstract
The CISA isn’t inclined to call out technology vendors when their fundamental errors impact customers — officials contend they can make a greater impact by discerning and generalizing those mistakes for a broader audience.Cybersecurity Dive
May 9, 2024
CISA Extends CIRCIA Rule Comment Period Full Text
Abstract
The CISA will prolong the comment period for new regulations under the Cyber Incident Reporting for Critical Infrastructure Act for another month after requests from the energy and information technology sectors and other industries.SC Magazine
May 7, 2024
Germany Recalls Ambassador to Russia Over Cyberattacks Full Text
Abstract
Germany has recalled its ambassador to Russia in response to alleged Moscow-backed cyberattacks targeting various sectors in Germany, including defense, aerospace, and IT companies, as well as the German Social Democratic Party.The Record
May 7, 2024
White House in Talks With Industry to Build Legal Framework for Software Liability Full Text
Abstract
The White House is engaging with the tech industry to establish a legal framework for software liability as part of a broader cybersecurity strategy, aiming to incentivize software developers to create products without exploitable security flaws.NextGov
May 7, 2024
US Sets Sights on Partnerships to Counter Cyberthreats, Secure AI in New Global Cyber Strategy Full Text
Abstract
The new strategy of the U.S. government aims to defend against cyberattacks on critical infrastructure, prevent surveillance misuses, and promote digital solidarity among global partners.NextGov
May 7, 2024
Krebs, Luber Added to Cyber Safety Review Board Full Text
Abstract
The Cyber Safety Review Board (CSRB) has added four new members, including Chris Krebs, former Director of the CISA, and David Luber, head of the NSA's Cybersecurity Directorate.CYBERSCOOP
May 4, 2024
CISA Urges Software Devs to Weed out Path Traversal Vulnerabilities Full Text
Abstract
Path traversal vulnerabilities, also known as directory traversal, can be exploited by attackers to manipulate critical files, compromise security mechanisms, access sensitive data, and disrupt systems.Bleeping Computer
May 2, 2024
CISA Adds GitLab Flaw to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
This flaw allows for an account takeover via Password Reset, enabling attackers to hijack accounts without any interaction. The affected versions range from 16.1 to 16.7, with GitLab releasing patches for versions 16.1.6 to 16.7.2.Security Affairs
May 2, 2024
NCSC’s New Mobile Risk Model Aimed at “High-Threat” Firms Full Text
Abstract
The initiative is designed to mitigate the threat of consumer-grade devices being targeted by commercial spyware, potentially enabling sophisticated threat actors to use these as a stepping stone into back-end corporate systems and data.Infosecurity Magazine
May 1, 2024
CISA Unveils Guidelines for AI and Critical Infrastructure Full Text
Abstract
The CISA on Monday released safety and security guidelines for critical infrastructure, a move that comes just days after the Department of Homeland Security announced the formation of a safety and security board focused on the same topic.FEDSCOOP
April 29, 2024
More Than 800 Vulnerabilities Resolved Through CISA Ransomware Notification Pilot Full Text
Abstract
The Ransomware Vulnerability Warning Pilot was unveiled in January 2023 as a program designed to “identify organizations with internet-accessible vulnerabilities commonly associated with known ransomware actors.”The Record
April 29, 2024
British Intelligence Moves to Protect Research Universities From Espionage Full Text
Abstract
The head of Britain’s domestic intelligence agency warned the country’s leading research universities on Thursday that foreign states are targeting their institutions and imperiling national security.The Record
April 29, 2024
DHS Announces AI Safety Board with OpenAI Founder, CEOs of Microsoft, Nvidia, IBM Full Text
Abstract
Members will include representatives of tech companies, critical infrastructure entities, academia, and government agencies, as well as “leaders in the civil rights, civil liberties, and privacy communities,” DHS Secretary Alejandro Mayorkas said.The Record
April 25, 2024
CISA Warns of Cisco and CrushFTP Vulnerabilities Being Actively Exploited Full Text
Abstract
On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added two Cisco product vulnerabilities — CVE-2024-20353 and CVE-2024-20359 — as well as one vulnerability affecting popular file transfer tool CrushFTP.The Record
April 23, 2024
CISA to Issue List of Software Products Critical to Agency Security by End of September Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency is targeting a September 30 deadline to give federal agencies a list of example software products deemed critical for the federal government’s cyber posture.NextGov
April 22, 2024
UK Cyber Agency NCSC Announces Richard Horne as its Next Chief Executive Full Text
Abstract
The hire marks another coup for the British public sector in poaching talent from the technology industry, particularly at the executive level, following the recruitment of Ollie Whitehouse as the NCSC’s chief technology officer earlier this year.The Record
April 19, 2024
NSA Shares Best Practices for Secure AI Systems Full Text
Abstract
The guidance offers a wide range of best practices, including that organizations adopt a zero trust mindset, actively monitor the AI model’s behavior, and require the primary developer of the AI system to provide a threat model for their system.Meritalk
April 19, 2024
CISA, FBI, and ODNI Release Guidance for Securing Election Infrastructure Against the Tactics of Foreign Malign Influence Operations Full Text
Abstract
The guidance document details the latest tactics employed in foreign malign influence operations to shape U.S. policies, decisions, and discourse and could be used to target America’s election infrastructure.CISA
April 19, 2024
CISA, FBI, Europol Say Akira Ransomware Raked in $42 Million From Over 250 Victims Full Text
Abstract
According to a joint advisory from the FBI, CISA, Europol's EC3, and the Netherlands' NCSC-NL, the Akira ransomware operation has breached the networks of over 250 organizations and raked in roughly $42 million in ransom payments.Bleeping Computer
April 15, 2024
US Cyber Command Expanded ‘Hunt Forward’ Operations in 2023 Full Text
Abstract
A secretive U.S. cyber military force ramped up global operations in 2023, executing more than double the average number of "hunt forward" campaigns conducted in the previous five years, according to the head of U.S. Cyber Command.Bank Info Security
April 13, 2024
CISA Orders Agencies Impacted by Microsoft Hack to Mitigate Risks Full Text
Abstract
CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group.Cyware
April 13, 2024
FBI Warns of Massive Wave of Road Toll SMS Phishing Attacks Full Text
Abstract
While the mobile phishing campaign has yet to reach some U.S. regions, this can be explained by the fact that complaint information collected so far by IC3 indicates the scam may be moving from state to state.Cyware
April 9, 2024
US Health Department Warns Hospitals of Hackers Targeting IT Help Desks Full Text
Abstract
The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.Bleeping Computer
April 8, 2024
US Chamber of Commerce, Industry Groups Call for 30-Day Delay in CIRCIA Rules Full Text
Abstract
The U.S. Chamber of Commerce and multiple industry leaders are calling for a month-long extension of the 60-day comment period for a new incident reporting rule being issued by the top cybersecurity agency in the U.S.The Record
April 2, 2024
FCC to Probe ‘Grave’ Weaknesses in Phone Network Infrastructure Full Text
Abstract
The Federal Communications Commission (FCC) says it is taking action to address significant weaknesses in telecommunications networks that can enable cybercrime and spying.The Record
April 2, 2024
Vulnerability Database Backlog Due to Increased Volume, Changes in ‘Support,’ NIST Says Full Text
Abstract
The National Institute of Standards and Technology (NIST) blamed increases in the volume of software and “a change in interagency support” for the recent backlog of vulnerabilities analyzed in the organization’s National Vulnerability Database (NVD).The Record
April 1, 2024
OMB Issues First Governmentwide AI Risk Mitigation Rules Full Text
Abstract
U.S. federal agencies have until December to implement a series of safeguards that aim to ensure the government is responsibly using artificial intelligence, the White House ordered Thursday.Gov Info Security
April 1, 2024
Pentagon Lays Out Strategy to Improve Defense Industrial Base Cybersecurity Full Text
Abstract
The strategy, which covers fiscal years 2024 through 2027, lays out four topline goals, such as improving best practices within the industrial base. Each goal contains a subset of objectives, such as being able to recover from a cyberattack.The Record
April 1, 2024
NIST Unveils New Consortium to Operate the NVD Full Text
Abstract
It’s now official: the US National Institute of Standards and Technology (NIST) will hand over some aspects of the management of the world’s most widely used software vulnerability repository to an industry consortium.Infosecurity Magazine
March 29, 2024
CISA Issues Notice for Long-Awaited Critical Infrastructure Reporting Requirements Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) posted the 447-page set of regulations under the Cyber Incident Reporting for Critical Infrastructure Act to the Federal Register, allowing the public to comment on it.Cybersecurity Dive
March 28, 2024
CISA Adds One Known Exploited Vulnerability in Microsoft Sharepoint Server to Catalog Full Text
Abstract
The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site Owner privileges to execute arbitrary code.CISA
March 28, 2024
UK: NCSC Warns of Hackers Hitting High-Risk Individuals’ Personal Accounts Full Text
Abstract
Britain's National Cyber Security Center is warning that criminals and nation-state hacking groups, confronted with well-managed corporate cybersecurity defenses, have turned their sights to individual personal devices and accounts.Bank Info Security
March 26, 2024
Senator Demands Answers From HHS About $7.5 Million Cyber Theft in 2023 Full Text
Abstract
HHS has not issued a public statement about the incident, and its Office of the Inspector General declined to confirm or deny an investigation was underway when pressed about it in January.The Record
March 12, 2024
ODNI Appoints New Election Security Leader Ahead of Presidential Race Full Text
Abstract
The Office of the Director of National Intelligence (ODNI) has appointed Jessica Brandt as the director of the Foreign Malign Influence Center, which aims to combat foreign interference in U.S. elections.Cyware
March 9, 2024
CISA Adds Apple iOS and iPadOS Memory Corruption Bugs to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
These memory corruption vulnerabilities, tracked as CVE-2024-23225 and CVE-2024-23296, were exploited in attacks against iPhone devices. Apple released emergency security updates to address these zero-day vulnerabilities.Cyware
March 8, 2024
CISA, NSA Share Best Practices for Securing Cloud Services Full Text
Abstract
The NSA and CISA have issued five joint bulletins outlining best practices for securing cloud environments, covering identity and access management, key management, encryption, data security, and mitigating risks from managed service providers.Cyware
March 2, 2024
CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-29360, a Microsoft Streaming Service vulnerability that allows attackers to gain SYSTEM privileges, to its Known Exploited Vulnerabilities catalog.Cyware
March 2, 2024
UK Unveils Draft Cybersecurity Governance Code Full Text
Abstract
The UK Department for Science, Innovation and Technology (DSIT) has revealed what its future Cybersecurity Governance Code of Practice will look like and the five principles it will include.Cyware
March 1, 2024
FBI, CISA Release IoCs for Phobos Ransomware Full Text
Abstract
The Phobos ransomware strain, distributed through ransomware-as-a-service, has targeted a wide range of organizations, including governments, healthcare, education, and critical infrastructure sectors.Cyware
February 29, 2024
Senator Asks FTC to Investigate Automakers’ Data Privacy Practices Full Text
Abstract
Senator Edward Markey has called for an investigation into the data privacy practices of the automotive industry, urging Federal Trade Commission (FTC) Chair Lina Khan to take action.Cyware
February 29, 2024
DoE Invests $45 Million to Prevent Cyberattacks on US Energy Systems Full Text
Abstract
The Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response (CESER) has allocated $45 million for 16 projects aimed at developing new technologies to prevent cyberattacks and reduce energy disruptions.Cyware
February 28, 2024
HSCC Issues Cyber ‘Call to Action’ Plan for Health Sector Full Text
Abstract
The plan includes 12 measurable objectives, such as increasing cybersecurity practices, developing cross-sector risk management strategies, and implementing automation and emerging technologies.Cyware
February 28, 2024
Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28’s MooBot Threat Full Text
Abstract
Organizations are urged to perform a hardware factory reset, upgrade firmware, change default credentials, and implement firewall rules to protect against the MooBot attacks.Cyware
February 28, 2024
US Agencies Warn of ALPHV/Blackcat Ransomware Threat to Healthcare Providers Full Text
Abstract
ALPHV/Blackcat ransomware affiliates use advanced social engineering techniques and open-source research to gain initial access to victim networks, posing as IT or helpdesk staff to obtain credentials.Cyware
February 26, 2024
HHS OCR Tells Congress it Needs More Funding for HIPAA Work Full Text
Abstract
The number of reported health data breaches and HIPAA complaints has been increasing, posing a significant challenge for the Department of Health and Human Services' Office for Civil Rights to keep up with their workload.Cyware
February 26, 2024
CISA, EPA, FBI Publish Top Cyber Steps for Water System Operators Full Text
Abstract
Water and wastewater systems need to enhance their cybersecurity measures to protect against potential cyberattacks due to vulnerabilities in their operational technology (OT) and information technology (IT) systems.Cyware
February 24, 2024
President Biden’s Executive Order Seeks to Bolster Port Cybersecurity Full Text
Abstract
The White House issued an executive order to improve maritime port security, including bolstering cybersecurity policies and investing in infrastructure, while addressing concerns about Chinese-owned cranes' potential cybersecurity threats.Cyware
February 17, 2024
CISA Warns of Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability Full Text
Abstract
The information disclosure vulnerability, known as CVE-2020-3259, is being exploited by the Akira ransomware group to compromise susceptible Cisco AnyConnect SSL VPN appliances.Cyware
February 12, 2024
CISA Partners with OpenSSF to Release Principles for Package Repository Security Framework Full Text
Abstract
This initiative aligns with CISA's Open Source Software Security Roadmap's objective of collaborating with relevant working groups to develop security principles for package managers.Cyware
February 12, 2024
National Cyber Director Urges Private Sector Collaboration to Counter Nation-State Cyber Threat Full Text
Abstract
National Cyber Director Harry Coker emphasized the need for a collaborative effort between the government and industry to address cyber threats, harmonize regulations, and build a diverse cybersecurity workforce.Cyware
February 12, 2024
CISA Blitzes Super Bowl With Cyber Campaign as Businesses Fumble Security Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) partnered with the NFL to promote cybersecurity awareness during the Super Bowl, aiming to encourage strong passwords, multifactor authentication, and phishing reporting.Cyware
February 8, 2024
Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade Full Text
Abstract
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam. "Volt Typhoon's choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the U.S. authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions," the U.S. government said. The joint advisory, which was released by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the Federal Bureau of Investigation (FBI), was also backed by other nations that are part of the Five Eyes (FVEY) intelligence allThe Hacker News
February 8, 2024
CISA Adds Google Chromium V8 Type Confusion Bug to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The vulnerability, tracked as CVE-2023-4762, can allow a remote attacker to execute arbitrary code via a crafted HTML page, and has been exploited by threat actors to install spyware on both Apple and Android devices.Cyware
February 5, 2024
China-Linked Hackers Primed to Attack US Critical Infrastructure, FBI Director Says Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has observed an evolving threat from China-linked hackers infiltrating U.S. critical infrastructure, aiming to induce societal panic and chaos.Cyware
February 2, 2024
US Senate Panel Hears Plea for Action on Bank Spoofing Scams Full Text
Abstract
A top U.S. banking lobbyist told a Senate panel Thursday there are limits to what financial institutions can do to stop scammers from draining individual banking accounts and called on regulators like the FCC to do more to combat caller ID spoofing.Cyware
February 1, 2024
CISA Warns of Active Exploitation of Critical Vulnerability in iOS, iPadOS, and macOS Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component. "An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication," Apple said in an advisory, adding the issue "may have been exploited against versions of iOS released before iOS 15.7.1." The iPhone maker said the problem was addressed with improved checks. It's currently not known how the vulnerability is being weaponized in real-world attacks. Interestingly, patches for the flaw were released on December 13, 2022 with the release of iOS 16.2, iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, and watchOS 9.2, although it was only publicly disclosed more than a yearThe Hacker News
January 29, 2024
Saudi Arabia Boosts Railway Cybersecurity Full Text
Abstract
The railway network, spanning 4,500 kilometers in Saudi Arabia, faces challenges in securing its legacy and modern technologies, especially with the introduction of IoT signaling and communication systems.Cyware
January 26, 2024
Feds Warn Healthcare Sector of ConnectWise ScreenConnect Threats Full Text
Abstract
Federal authorities warn that a self-hosted version of ConnectWise's ScreenConnect remote access tool was compromised at a large pharmacy services firm, posing a significant risk to other healthcare organizations.Cyware
January 25, 2024
HHS Details New Cyber Performance Goals for Health Sector Full Text
Abstract
The performance goals consist of essential and enhanced practices based on industry cybersecurity frameworks and aim to address common vulnerabilities and mature cybersecurity capabilities in the healthcare sector.Cyware
January 25, 2024
UK Tells Business Leaders to ‘Toughen Up’ Against Cyberattacks Full Text
Abstract
The increase in ransomware attacks in the UK is attributed to the success of the ransomware-as-a-service ecosystem, making it easier for criminals to engage in disruptive attacks.Cyware
January 20, 2024
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The development came after the vulnerabilities – an authentication bypass (CVE-2023-46805) and a code injection bug (CVE-2024-21887) – came under widespread exploitation by multiple threat actors. The flaws allow a malicious actor to craft malicious requests and execute arbitrary commands on the system. The U.S. company acknowledged in an advisory that it has witnessed a "sharp increase in threat actor activity" starting on January 11, 2024, after the shortcomings were publicly disclosed. "Successful exploitation of the vulnerabilities in these affected products allows a malicious threat actor to move laterally, perform data exfiltration, andThe Hacker News
January 17, 2024
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for "victim identification and exploitation in target networks." A Python-based malware, AndroxGh0st was first documented by Lacework in December 2022, with the malware inspiring several similar tools like AlienFox, GreenBot (aka Maintance), Legion, and Predator. The cloud attack tool is capable of infiltrating servers vulnerable to known security flaws to access Laravel environment files and steal credentials for high-profile applications such as Amazon Web Services (AWS), Microsoft Office 365, SendGrid, and Twilio. Some of the notable flaws weaponized by the attackers include CVE-2017-9841 (PHPUnit), CVE-2021-41773 (Apache HTTP Server), and CVE-2018-15133 (Laravel Framework). "AndroxGh0st has multiple features to enable SMTP abuse including scanning, exploitatThe Hacker News
January 16, 2024
DOD Unveils First-Ever National Defense Industrial Strategy Full Text
Abstract
The National Defense Industrial Strategy focuses on resilient supply chains, workforce readiness, flexible acquisitions, and economic deterrence to improve the defense industrial ecosystem.Cyware
January 10, 2024
DOJ to up Tempo of Cybercrime Operations in 2024, Senior Official Says Full Text
Abstract
The US Department of Justice expects an increase in government disruption operations in cybersecurity in 2024, with a focus on dismantling cybercriminal infrastructure and targeting individuals and companies supporting cybercrime.Cyware
January 10, 2024
FTC Bans Outlogic (X-Mode) From Selling Sensitive Location Data Full Text
Abstract
The U.S. Federal Trade Commission (FTC) on Tuesday prohibited data broker Outlogic, which was previously known as X-Mode Social, from sharing or selling any sensitive location data with third parties. The ban is part of a settlement over allegations that the company "sold precise location data that could be used to track people's visits to sensitive locations such as medical and reproductive health clinics, places of religious worship and domestic abuse shelters." The proposed order also requires it to destroy all the location data it previously gathered unless it obtains consumer consent or ensures the data has been de-identified or rendered non-sensitive as well as maintain a comprehensive list of sensitive locations and develop a comprehensive privacy program with a data retention schedule to prevent abuse. The FTC accused X-Mode Social and Outlogic of failing to establish adequate safeguards to prevent the misuse of such data by downstream customers. The devThe Hacker News
January 10, 2024
CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution. It was fixed in version 2.1. Details of the issue first came to light in April 2023, with Horizon3.ai's Naveen Sunkavally describing it as a "dangerous default configuration in Apache Superset that allows an unauthenticated attacker to gain remote code execution, harvest credentials, and compromise data." It's currently not known how the vulnerability is being exploited in the wild. Also added by CISA are five other flaws: CVE-2023-38203 (CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability; CVE-2023-29300 (CVSS score: 9.8) - Adobe ColdFusion Deserialization of UntrusThe Hacker News
January 9, 2024
US DHS Solicits Synthetic Data Expertise for AI Training Full Text
Abstract
The U.S. federal government is seeking synthetic data generators to train machine learning models and test systems in instances where real-world data is unavailable or poses privacy and security risks.Cyware
January 08, 2024
NIST Warns of Security and Privacy Risks from Rapid AI System Deployment Full Text
Abstract
The U.S. National Institute of Standards and Technology (NIST) is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence (AI) systems in recent years. "These security and privacy challenges include the potential for adversarial manipulation of training data, adversarial exploitation of model vulnerabilities to adversely affect the performance of the AI system, and even malicious manipulations, modifications or mere interaction with models to exfiltrate sensitive information about people represented in the data, about the model itself, or proprietary enterprise data," NIST said. As AI systems become integrated into online services at a rapid pace, in part driven by the emergence of generative AI systems like OpenAI ChatGPT and Google Bard, models powering these technologies face a number of threats at various stages of the machine learning operations. These include corrupted training data, security flawThe Hacker News
January 5, 2024
The FBI Is Adding More Cyber-Focused Agents to US Embassies Full Text
Abstract
The expansion of the FBI's cyber program reflects a shift towards a proactive approach, focusing on disrupting cybercriminal operations rather than just investigating after the fact.Cyware
January 5, 2024
DOE Announces Up to $70 Million to Strengthen Energy Sector Against Physical and Cyber Hazards Full Text
Abstract
The funding opportunity is open to public and private stakeholders, universities, and DOE's National Laboratories, and will focus on developing innovative solutions to strengthen the resilience of America's energy systems.Cyware
January 4, 2024
FTC Soliciting Contest Submissions to Help Tackle Voice Cloning Technology Full Text
Abstract
The FTC is seeking multidisciplinary approaches to prevent unauthorized use of voice cloning, improve real-time detection, and provide consumers with tools to identify cloned voices in audio clips.Cyware
December 29, 2023
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK Full Text
Abstract
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25, 2023, targets government entities with email messages urging recipients to click on a link to view a document. However, to the contrary, the links redirect to malicious web resources that abuse JavaScript and the "search-ms:" URI protocol handler to drop a Windows shortcut file (LNK) that launches PowerShell commands to activate an infection chain for a new malware known as MASEPIE. MASEPIE is a Python-based tool to download/upload files and execute commands, with communications with the command-and-control (C2) server taking place over an encrypted channel using the TCP protocol. The attacks further pave the way for the deployment of aThe Hacker News
December 20, 2023
‘No Evidence’ of Foreign Election Interference in 2022 US Midterms, Spy Agencies Say Full Text
Abstract
The U.S. intelligence community has stated that Russia and China attempted to influence the 2022 U.S. midterms, but were unsuccessful in hacking the election infrastructure or disrupting voting.Cyware
December 19, 2023
FBI, CISA, and ACSC Release Joint Advisory on Play Ransomware Full Text
Abstract
The Play ransomware group has been targeting businesses and critical infrastructure in North America, South America, and Europe since June 2022. They use a double-extortion model, encrypting systems after exfiltrating data.Cyware
December 19, 2023
US Agencies Release Security Guidance on Managing SBOMs and Open Source Software Full Text
Abstract
The report provides guidance on open source software adoption, including criteria for selection, risk assessment, licensing, export control, maintenance, vulnerability response, and secure software delivery.Cyware
December 18, 2023
UK National Grid Pulls Chinese Equipment Over Cybersecurity Concerns Full Text
Abstract
The contract with NR Electric UK, a subsidiary of China's Nari Technology, was terminated without reason given in April, highlighting growing concerns over Chinese involvement in critical infrastructure.Cyware
December 16, 2023
China’s MIIT Introduces Color-Coded Action Plan for Data Security Incidents Full Text
Abstract
China's Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system. The effort is designed to "improve the comprehensive response capacity for data security incidents, to ensure timely and effective control, mitigation and elimination of hazards and losses caused by data security incidents, to protect the lawful rights and interests of individuals and organizations, and to safeguard national security and public interests," the department said. The 25-page document encompasses all incidents in which data has been illegally accessed, leaked, destroyed, or tampered with, categorizing them into four hierarchical tiers based on the scope and the degree of harm caused - Red: Level I ("especially significant"), which applies to widespread shutdowns, substantial loss of business processing capability, interruptions arising due to serious anomalieThe Hacker News
December 13, 2023
FCC Reminds Mobile Phone Carriers They Must do More to Prevent SIM Swaps Full Text
Abstract
The FCC has updated its rules to require carriers to better verify customers' identities before making any changes to their accounts. The agency also emphasized the importance of quickly notifying customers of any account changes.Cyware
December 11, 2023
CISA and ENISA Signed a Working Arrangement to Enhance Cooperation Full Text
Abstract
The collaboration aims to strengthen cybersecurity, safeguard critical infrastructure, and reinforce the resilience of digital products in the face of increasing cyber threats.Cyware
December 8, 2023
FCC Partners With Four States on Privacy and Data Protection Enforcement Full Text
Abstract
By collaborating with state enforcers, the FCC can enhance its investigative efforts, share information, and leverage tools to address consumer harms more effectively in the realm of privacy and cybersecurity.Cyware
December 06, 2023
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. "The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution," CISA said, adding an unnamed federal agency was targeted between June and July 2023. The shortcoming affects ColdFusion 2018 (Update 15 and earlier versions) and ColdFusion 2021 (Update 5 and earlier versions). It has been addressed in versions Update 16 and Update 6, released on March 14, 2023, respectively. It was added by CISA to the Known Exploited Vulnerabilities (KEV) catalog a day later, citing evidence of active exploitation in the wild. Adobe, in an advisory released around that time, said it's aware of the flaw being "exploited in the wild in very limited attacks."The Hacker News
December 5, 2023
OPM Launches Cyber Rotational Program for Feds Full Text
Abstract
The OPM has launched a new Federal Rotational Cyber Workforce Program, allowing cybersecurity employees in the federal government to apply for rotational opportunities at other agencies to enhance their skills and defend against evolving threats.Cyware
November 30, 2023
CISA Warns of Unitronics PLC Exploitation Following Water Utility Hack Full Text
Abstract
In the case of the Municipal Water Authority of Aliquippa, CISA noted that the attackers likely accessed the ICS device “by exploiting cybersecurity weaknesses, including poor password security and exposure to the internet”.Cyware
November 27, 2023
U.S., U.K., and Global Partners Release Secure AI System Development Guidelines Full Text
Abstract
The U.K. and U.S., along with international partners from 16 other countries, have released new guidelines for the development of secure artificial intelligence (AI) systems. "The approach prioritizes ownership of security outcomes for customers, embraces radical transparency and accountability, and establishes organizational structures where secure design is a top priority," the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said. The goal is to increase cyber security levels of AI and help ensure that the technology is designed, developed, and deployed in a secure manner, the National Cyber Security Centre (NCSC) added. The guidelines also build upon the U.S. government's ongoing efforts to manage the risks posed by AI by ensuring that new tools are tested adequately before public release, there are guardrails in place to address societal harms, such as bias and discrimination, and privacy concerns, and setting up robust methods for consumerThe Hacker News
November 24, 2023
North Korean Supply Chain Attacks Prompt Joint Warning From South Korea and the UK Full Text
Abstract
The United Kingdom and South Korea have issued a joint advisory warning about software supply chain attacks carried out by North Korean state-linked hackers, highlighting the increasing volume and sophistication of such attacks.Cyware
November 24, 2023
Australia’s Cybersecurity Strategy Focuses on Protecting Small Businesses and Critical Infrastructure Full Text
Abstract
The strategy includes financial investments to support small and medium businesses, strengthen critical infrastructure, and enhance cyber capabilities, but critics argue that the allocated funds are insufficient.Cyware
November 21, 2023
CISA Releases Cybersecurity Guidance for Healthcare, Public Health Organizations Full Text
Abstract
The guide incorporates vulnerability data, known exploited vulnerabilities, and the MITRE ATT&CK framework. It covers topics such as asset management, identity management, device security, vulnerabilities, patching, and secure design principles.Cyware
November 20, 2023
US Announces $70 Million Cybersecurity Boost for Rural, Municipal Utilities Full Text
Abstract
The funding opportunity includes investments in technologies, tools, training, and processes to strengthen cybersecurity, as well as increasing access to technical assistance and training for organizations with limited resources.Cyware
November 17, 2023
FCC Enforces Stronger Rules to Protect Customers Against SIM Swapping Attacks Full Text
Abstract
The U.S. Federal Communications Commission (FCC) is adopting new rules that aim to protect consumers from cell phone account scams that make it possible for malicious actors to orchestrate SIM-swapping attacks and port-out fraud. "The rules will help protect consumers from scammers who target data and personal information by covertly swapping SIM cards to a new device or porting phone numbers to a new carrier without ever gaining physical control of a consumer's phone," FCC said this week. While SIM swapping refers to transferring a user's account to a SIM card controlled by the scammer by convincing the victim's wireless carrier, port-out fraud occurs when the bad actor, posing as the victim, transfers their phone number from one service provider to another without their knowledge. The new rules, first proposed in July 2023, mandate wireless providers to adopt secure methods of authenticating a customer before redirecting a customer's phone number to a new device or provideThe Hacker News
November 17, 2023
U.S. Cybersecurity Agencies Warn of Scattered Spider’s Gen Z Cybercrime Ecosystem Full Text
Abstract
U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to employ sophisticated phishing tactics to infiltrate targets. "Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their usual TTPs," the agencies said. The threat actor, also tracked under the monikers Muddled Libra, Octo Tempest, 0ktapus, Scatter Swine, Star Fraud, and UNC3944, was the subject of an extensive profile from Microsoft last month, with the tech giant calling it "one of the most dangerous financial criminal groups." Considered as experts in social engineering, Scattered Spider is known to rely on phishing, prompt bombing, and SIM swapping attacks to obtain credentials, install remote access tools, and bypass multi-factor authentication (MFA). Scattered Spider, liThe Hacker News
November 16, 2023
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks Full Text
Abstract
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). "Observed as a ransomware-as-a-service (RaaS) model, Rhysida actors have compromised organizations in education, manufacturing, information technology, and government sectors and any ransom paid is split between the group and affiliates," the agencies said. "Rhysida actors leverage external-facing remote services, such as virtual private networks (VPNs), Zerologon vulnerability (CVE-2020-1472), and phishing campaigns to gain initial access and persistence within a network." First detected in May 2023, Rhysida makes use of the time-tested tactic of double extortion, demanding a ransom payment to decrypt victim daThe Hacker News
November 16, 2023
State-Backed Hackers a Threat to Australia, Agency Warns Full Text
Abstract
Critical infrastructure, including water supplies and electricity grids, are likely targets for cyberattacks, along with the theft of military secrets and intellectual property.Cyware
November 16, 2023
CISA Outlines AI-Related Cybersecurity Efforts Full Text
Abstract
CISA's roadmap outlines five key areas of focus, including responsible use of AI, secure adoption of AI-based software, protection against malicious use of AI, collaboration with partners, and workforce education on AI systems and techniques.Cyware
November 15, 2023
NY Governor Wants New Cybersecurity Rules for Hospitals After Multiple Attacks Full Text
Abstract
New York Governor Kathy Hochul has proposed new cybersecurity rules for hospitals in the state to establish robust cybersecurity programs, assess risks, and implement protective measures to combat the rising threat of cyberattacks.Cyware
November 14, 2023
Royal Ransomware Rebrands as BlackSuit - Warn FBI and CISA Full Text
Abstract
The Royal ransomware gang, now known as BlackSuit, has undergone a strategic rebranding, unveiled in a joint advisory by CISA and the FBI. This shift, observed since November 2022, involves advanced encryption methods and sophisticated attack vectors, emphasizing the exploitation of vulnerabilities ...Cyware
November 14, 2023
US Agencies Warn Royal Ransomware Gang May Rebrand as ‘BlackSuit’ Full Text
Abstract
There are indications that Royal may be preparing for a re-branding effort and/or a spinoff variant. Blacksuit ransomware shares a number of identified coding characteristics similar to Royal.Cyware
November 09, 2023
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS amplification attacks. It was disclosed by Bitsight and Curesec earlier this April. "The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor," CISA said. SLP is a protocol that allows systems on a local area network (LAN) to discover each other and establish communications. The exact details surrounding the nature of exploitation of the flaw are currently unknown, buThe Hacker News
November 6, 2023
US, South Korea and Japan Launch Group to Tackle North Korean Hacking Full Text
Abstract
The FBI has attributed recent cryptocurrency hacks to North Korean-sponsored threat actors, highlighting the need for increased cybersecurity cooperation among liberal democracies in the Pacific.Cyware
October 31, 2023
Russia to Launch its Own Version of Virustotal Due to US Snooping Fears Full Text
Abstract
The Russian government is developing its own malware scanning platform, Multiscanner, due to concerns that the U.S. government could access data from the popular VirusTotal service.Cyware
October 31, 2023
Canada Bans WeChat and Kaspersky Apps On Government Devices Full Text
Abstract
Canada on Monday announced a ban on the use of apps from Tencent and Kaspersky on government mobile devices, citing an "unacceptable level of risk to privacy and security." "The Government of Canada is committed to keeping government information and networks secure," the Canadian government said. "We regularly monitor potential threats and take immediate action to address risks." To that end, Tencent's WeChat and Kaspersky's suite of applications have been removed from government-issued mobile devices effective October 30, 2023. Going forward, users of these devices will be blocked from downloading the apps. "We are taking a risk-based approach to cyber security by removing access to these applications on government mobile devices," Anita Anand, President of the Treasury Board, said in a statement, adding the apps "provide considerable access to the device's contents." WeChat is a Chinese instant messaging, social medThe Hacker News
October 30, 2023
White House Issues Sweeping Executive Order to Secure AI Full Text
Abstract
The order directs the National Institute of Standards and Technology to establish new standards for red-team testing and the Department of Health and Human Services to create a safety program for AI in healthcare.Cyware
October 30, 2023
CISA Launches Logging Tool for Resource-Poor Organizations Full Text
Abstract
The tool provides step-by-step installation instructions, prebuilt elastic security detection rules, and coding to reduce cost barriers, making it accessible for organizations aiming to implement basic logging and monitoring capabilities.Cyware
October 27, 2023
CISA: Agencies Seeing Steep Decrease in Known Exploited Vulnerabilities on Federal Networks Full Text
Abstract
Federal civilian agencies have remediated over 7 million Known Exploited Vulnerabilities findings this year, resulting in a 72% decrease in the percentage of vulnerabilities exposed for 45 or more days.Cyware
October 26, 2023
Australia Focuses on Threat of Chinese Attack on Solar Power Full Text
Abstract
The Australian government is introducing standards to address the cybersecurity vulnerabilities of internet-connected solar inverters amid concerns of potential Chinese state-sponsored hacking.Cyware
October 21, 2023
FBI: Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program Full Text
Abstract
The workers used false identities to secure remote IT jobs and funneled their earnings to North Korea, while also infiltrating and stealing information from the companies they worked for.Cyware
October 20, 2023
CISA, NSA, FBI, MS-ISAC Publish Guide on Preventing Phishing Intrusions Full Text
Abstract
The guide categorizes phishing into two common tactics: obtaining login credentials and deploying malware, and provides details on techniques used by malicious actors, such as impersonation and spoofing, to carry out these attacks.Cyware
October 20, 2023
CISA Launches New Phase of Secure by Design to Push Global Industry on Software Security Full Text
Abstract
CISA plans to issue a request for information to address Secure by Design engineering and is urging software manufacturers to demonstrate evidence of security incorporation through artifacts.Cyware
October 19, 2023
UK Warns Nuclear Power Plant Operator of Cybersecurity Failings Full Text
Abstract
EDF, the company operating nuclear power plants in the UK, is facing increased regulatory attention after an inspection of its cybersecurity practices. The company failed to provide a comprehensive cybersecurity improvement plan.Cyware
October 13, 2023
CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware Full Text
Abstract
Through its Ransomware Vulnerability Warning Pilot (RVWP) program, the CISA has released two new resources to help identify and fix vulnerabilities exploited by ransomware groups.Cyware
October 13, 2023
FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure Full Text
Abstract
The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) operation's tactics, techniques, and procedures (TTPs). "AvosLocker affiliates compromise organizations' networks by using legitimate software and open-source remote system administration tools," the agencies said. "AvosLocker affiliates then use exfiltration-based data extortion tactics with threats of leaking and/or publishing stolen data." The ransomware strain first emerged on the scene in mid-2021, and has since leveraged sophisticated techniques to disable antivirus protection as a detection evasion measure. It affects Windows, Linux, and VMware ESXi environmentThe Hacker News
October 13, 2023
State’s Cyber Overhaul Bets Big on Zero Trust to Tackle Emerging Threats Full Text
Abstract
The State Department has undergone a significant cybersecurity overhaul, prioritizing a zero-trust security architecture and implementing key performance indicators and guidance from various federal agencies.Cyware
October 11, 2023
U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the privileges of the current user. A patch for the flaw was released by Adobe in January 2023. HackSys security researchers Ashfaq Ansari and Krishnakant Patil were credited with discovering and reporting the flaw. The following versions of the software are impacted - Acrobat DC - 22.003.20282 (Win), 22.003.20281 (Mac) and earlier versions (fixed in 22.003.20310); Acrobat Reader DC - 22.003.20282 (Win), 22.003.20281 (Mac) and earlier versions (fixed in 22.003.20310); Acrobat 2020 - 20.005.30418 and earlier versions (fixed in 20.005.30436); Acrobat Reader 2020 - 20.005.30418 and earlThe Hacker News
October 7, 2023
CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws Full Text
Abstract
The Meeting Owl vulnerabilities, discovered by researchers at Modzero, include encryption flaws, hardcoded credentials, and authentication issues, which could potentially allow attackers to take control of the device.Cyware
October 05, 2023
CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below - CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability; CVE-2023-28229 (CVSS score: 7.0) - Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability. CVE-2023-42793 relates to a critical authentication bypass vulnerability that allows for remote code execution on TeamCity Server. Data gathered by GreyNoise has revealed exploitation attempts targeting the flaw from 74 unique IP addresses to date. On the other hand, CVE-2023-28229 is a high-severity flaw in the Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service that allows an attacker to gain specific limited SYSTEM privileges. There are currenThe Hacker News
September 30, 2023
FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. "During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal," the FBI said in an alert. "Variants were deployed in various combinations." Not much is known about the scale of such attacks, although it's believed that they happen in close proximity to one another, ranging from anywhere between 48 hours to within 10 days. Another notable change observed in ransomware attacks is the increased use of custom data theft, wiper tools, and malware to exert pressure on victims to pay up. "This use of dual ransomware variants resulted in a combination of data encryption, exfiltration, and financial losses from ransom payments," the agency said. "Second ranThe Hacker News
September 30, 2023
FBI Warns Energy Sector of Likely Increase in Targeting by Chinese, Russian Hackers Full Text
Abstract
The FBI warns that changes in the global energy supply, including US exports of liquefied natural gas and shifts in the crude oil supply chain, are likely to boost the targeting of critical energy infrastructure by Chinese and Russian hackers.Cyware
September 30, 2023
CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks Full Text
Abstract
The flaw, tracked as CVE-2018-14667, was added by CISA on Thursday to its Known Exploited Vulnerabilities (KEV) Catalog, with federal agencies being instructed to apply mitigations or discontinue the use of the product by October 19.Cyware
September 29, 2023
FBI Warns Organizations of Dual Ransomware, Wiper Attacks Full Text
Abstract
As part of this trend, which was observed in July 2023, the FBI notes in a new private industry notification, threat actors deploy two ransomware variants in close date proximity to one another.Cyware
September 28, 2023
CISA Rolls Dice on Public Service Campaign to Raise Cyber Awareness Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a national public service campaign called "Secure our World" to raise awareness of cybersecurity in local communities.Cyware
September 23, 2023
Chinese, North Korean Nation-State Groups Target Health Data Full Text
Abstract
Financially motivated groups originating in North Korea and China "have all the sophistication of many other cybercriminal gangs but also have the resources - technological, financial and diplomatic - of a state behind them," HHS HC3 warned.Cyware
September 21, 2023
China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers Full Text
Abstract
China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. In a message posted on WeChat, the government authority said U.S. intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on many countries around the world, including China, using a "powerful cyber attack arsenal." Specifics about the alleged hacks were not shared. It explicitly singled out the U.S. National Security Agency's (NSA) Computer Network Operations (formerly the Office of Tailored Access Operations or TAO) as having "repeatedly carried out systematic and platform-based attacks" against the country to plunder its "important data resources." The post went on to claim that the cyber-warfare intelligence-gathering unit hacked Huawei's servers in 200The Hacker News
September 21, 2023
Cyber Experts Urge House Committee to Avoid Federal Shutdown Full Text
Abstract
Cybersecurity experts urged Congress to avoid a government shutdown on October 1 - the start of the new federal fiscal year - telling a House panel that a lapse would damage efforts to keep the nation secure.Cyware
September 20, 2023
DHS: Ransomware attackers headed for second most profitable year Full Text
Abstract
Ransomware attackers remain a major threat to the United States and are on pace to have their second most profitable year ever, the Department of Homeland Security said in an annual report.Cyware
September 15, 2023
NIST Publishes New Guidance for Access Control in Cloud-Native Applications in Multi-Location Environments Full Text
Abstract
This scenario calls for establishing trust in all enterprise access entities, data sources, and computing services through secure communication and the validation of access policies.Cyware
September 14, 2023
White House Urging Dozens of Countries to Publicly Commit to Not Pay Ransoms Full Text
Abstract
The U.S. National Security Council (NSC) is urging the governments of all countries participating in the International Counter Ransomware Initiative (CRI) to issue a joint statement announcing they will not pay ransoms to cybercriminals.Cyware
September 14, 2023
Federal Agency Warns Healthcare Sector of Akira Ransomware Threats Full Text
Abstract
Federal authorities are warning the health sector about threats posed by Akira, a RaaS group that surfaced about six months ago and has been linked to several dozen attacks on predominately small and midsized entities across many industries.Cyware
September 13, 2023
US Cyber Command Wrapped Second ‘Hunt Forward’ Mission to Lithuania Full Text
Abstract
Members of the command’s Cyber National Mission Force (CNMF) worked for months alongside experts from Lithuania’s Information Technology and Communications Department, which is part of the country’s Ministry of the Interior.Cyware
September 13, 2023
Ransomware: It Takes A Village, Says the UK NCSC Full Text
Abstract
Stopping the ransomware epidemic is less about tackling individual crypto-locking malware variants and more about combating the entire ecosystem of bad actors underpinning digital extortion, the British government said Monday.Cyware
September 12, 2023
CISA Adds Recently Discovered Apple Zero-Days to Known Exploited Vulnerabilities Catalog Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog.Cyware
September 11, 2023
CISA Director Says Critical Infrastructure Cyber Incident Reporting Rules Almost Ready Full Text
Abstract
Final work is underway for the Cyber Incident Reporting for Critical Infrastructure Act, which CISA Director Jen Easterly expects to be done by the end of the year or early 2024 at the latest, she said at the Billington Cybersecurity Summit.Cyware
September 9, 2023
CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploiting CVE-2022-47966 and CVE-2022-42475 Full Text
Abstract
CISA, FBI, and CNMF confirmed that nation-state APT actors exploited CVE-2022-47966 to gain unauthorized access to a public-facing application (Zoho ManageEngine ServiceDesk Plus), establish persistence, and move laterally through the network.Cyware
September 08, 2023
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. "Nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain unauthorized access to a public-facing application (Zoho ManageEngine ServiceDesk Plus), establish persistence, and move laterally through the network," according to a joint alert published by the agency, alongside Federal Bureau of Investigation (FBI), and Cyber National Mission Force (CNMF). The identities of the threat groups behind the attacks have not been disclosed, although the U.S. Cyber Command (USCYBERCOM) hinted at the involvement of Iranian nation-state crews. The findings are based on an incident response engagement conducted by CISA at an unnamed aeronautical sector organization from FebruarThe Hacker News
September 4, 2023
UK Cyber Agency Warns of Prompt Injection Attacks in AI Full Text
Abstract
Threat actors are manipulating the technology behind large language model chatbots to access confidential information, generate offensive content, and "trigger unintended consequences," warned the U.K. cybersecurity agency.Cyware
September 1, 2023 – Breach
Data Breach Could Affect More Than 100,000 in Pima County Full Text
Abstract
More than 100,000 Pima County residents could be affected by a nationwide data breach that affected the company that handled COVID-19 case investigations and contact tracing here, officials say.Cyware
August 28, 2023
CISA Touts ‘Tremendous Growth’ in Vulnerability Disclosure Platform Full Text
Abstract
The Vulnerability Disclosure Policy (VDP) Platform has seen “tremendous growth” in onboarding 40 agency programs since its launch in July 2021, the Cybersecurity and Infrastructure Security Agency said Friday in a news release.Cyware
August 25, 2023
FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective Full Text
Abstract
The FBI warned that patches for a critical Barracuda ESG flaw CVE-2023-2868 are "ineffective" and patched appliances are still being hacked. The Federal Bureau of Investigation warned that security patches for critical vulnerability CVE-2023-2868...Security Affairs
August 23, 2023
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as TraderTraitor, which is also known by the name Jade Sleet. An investigation undertaken by the FBI found that the group moved approximately 1,580 bitcoin from several cryptocurrency heists over the past 24 hours and are currently said to be holding those funds in six different wallets. North Korea is known to blur the lines among cyber warfare, espionage, and financial crime. TraderTraitor, in particular, has been linked to a series of attacks targeting blockchain and cryptocurrency exchanges with the goal of plundering digital assets to generate illicit revenue for the sanctions-hit nation. This includes the $60 million theft of virtual currency from Alphapo on June 22, 2023; the $37 mThe Hacker News
August 23, 2023
FBI Says North Korea’s Lazarus Hackers Behind Recent Crypto Heists Full Text
Abstract
June saw three headline-grabbing incidents involving cryptocurrency companies: a $100 million hack of Atomic Wallet on June 2, as well as two June 22 attacks in which cybercriminals stole $60 million from Alphapo and $37 million from CoinsPaid.Cyware
August 23, 2023
CISA Prioritizing On-Site K-12 Cybersecurity Reviews This School Year Full Text
Abstract
The assessments can encompass a wide range of individualized reviews and actions, from preventing cyber-enabled fraud schemes to combating ransomware attacks and other digital intrusions.Cyware
August 22, 2023
CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA added critical vulnerability CVE-2023-26359 in Adobe ColdFusion to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-26359 (CVSS score 9.8) affecting...Security Affairs
August 21, 2023
Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program Full Text
Abstract
Israel and US government agencies announced the BIRD Cyber Program, an investment of roughly $4M in projects to enhance the cyber resilience of critical infrastructure. The BIRD Cyber Program is a joint initiative from the Israel National Cyber Directorate...Security Affairs
August 17, 2023
The Plan to Better Protect US Hospitals From Ransomware Full Text
Abstract
The HHS' Advanced Research Projects Agency for Health (Arpa-H) launched an initiative to find and help fund the development of cybersecurity technologies that can specifically improve defenses for digital infrastructure in US health care.Cyware
August 17, 2023
CISA Publishes Plan For Remote Monitoring Tools After Nation-State, Ransomware Exploitation Full Text
Abstract
In an announcement Wednesday, CISA said it worked with industry partners as part of the Joint Cyber Defense Collaborative (JCDC) to create a “clear roadmap to advance security and resilience of the RMM ecosystem.”Cyware
August 17, 2023
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation. Tracked as CVE-2023-24489 (CVSS score: 9.8), the shortcoming has been described as an improper access control bug that, if successfully exploited, could allow an unauthenticated attacker to compromise vulnerable instances remotely. The problem is rooted in ShareFile's handling of cryptographic operations, enabling adversaries to upload arbitrary files, resulting in remote code execution. "This vulnerability affects all currently supported versions of customer-managed ShareFile storage zones controller before version 5.11.24," Citrix said in an advisory released in June. Dylan Pindur of Assetnote has been credited with discovering and reporting the issue. It's worth noting that the first signs of exploitatioThe Hacker News
August 16, 2023
CISA adds flaw in Citrix ShareFile to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA added critical vulnerability CVE-2023-24489 in Citrix ShareFile to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added critical flaw CVE-2023-24489 (CVSS score 9.8) affecting...Security Affairs
August 16, 2023
Chamber of Commerce Urges SEC to Delay Cyber Rule Implementation Full Text
Abstract
The U.S. Chamber of Commerce urged the Securities and Exchange Commission to delay by a year the effective date of new cybersecurity rules, saying the regulatory move could otherwise have “severe consequences” for companies.Cyware
August 13, 2023
The DHS’s CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accounts Full Text
Abstract
The DHS's CSRB will review cloud security practices following recent hacks of Microsoft Exchange accounts used by US govt agencies. The US DHS announced that the Cyber Safety Review Board (CSRB) will review the security measure to protect cloud computing...Security Affairs
August 11, 2023
Ukrainian Official Touts Country’s Wartime Cyber Intelligence Efforts Full Text
Abstract
Intelligence gathered in cyberspace is helping Ukraine understand Russia's plans and stop the enemy from carrying them out, according to the country’s top cyber and information security official.Cyware
August 11, 2023
CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-38180 (CVSS score: 7.5), the high-severity flaw relates to a case of denial-of-service (DoS) impacting .NET and Visual Studio. It was addressed by Microsoft as part of its August 2023 Patch Tuesday updates shipped earlier this week, tagging it with an "Exploitation More Likely" assessment. While exact details surrounding the nature of exploitation are unclear, the Windows maker has acknowledged the existence of a proof-of-concept (PoC) in its advisory. It also said that attacks leveraging the flaw can be pulled off without any additional privileges or user interaction. "Proof-of-concept exploit code is available, or an attack demonstration is not practical for most systems," the companyThe Hacker News
August 10, 2023
CISA discovered a new backdoor, named Whirlpool, used in Barracuda ESG attacks Full Text
Abstract
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) observed a new backdoor, named Whirlpool, in attacks on Barracuda ESG appliances. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor,...Security Affairs
August 10, 2023
CISA adds actively exploited flaw in .NET, Visual Studio to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA added zero-day vulnerability CVE-2023-38180 affecting .NET and Visual Studio to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added an actively exploited zero-day vulnerability CVE-2023-38180...Security Affairs
August 10, 2023
US Govt launches Artificial Intelligence Cyber Challenge Full Text
Abstract
The US Government House this week launched an Artificial Intelligence Cyber Challenge competition for creating a new generation of AI systems. On Wednesday, the United States Government House introduced an Artificial Intelligence Cyber Challenge competition....Security Affairs
August 10, 2023
NIST Releases Draft Overhaul of Its Core Cybersecurity Framework Full Text
Abstract
The National Institute of Standards and Technology released a long-anticipated draft version of the Cybersecurity Framework 2.0 Tuesday, the first major update of the agency’s risk guidance since 2014.Cyware
August 8, 2023
White House Pushes Cybersecurity Defense for K-12 Schools Full Text
Abstract
Typically understaffed and underfunded when it comes to cybersecurity, American K-12 schools have experienced a ramp-up in ransomware attacks, particularly after the pandemic forced the hasty adoption of remote tools for teaching.Cyware
August 8, 2023
HHS Warns Healthcare Sector of Attacks by Rhysida Ransomware Group Full Text
Abstract
Authorities are sounding the alarm about double-extortion attacks against healthcare and public health sector organizations by a relatively new ransomware-as-a-service group, Rhysida, which until recently had mainly focused on other industries.Cyware
August 8, 2023
CISA Unveils Cybersecurity Strategic Plan for Next Three Years Full Text
Abstract
The Cybersecurity Strategic Plan for fiscal years 2024-2026 outlines the agency’s plans for achieving a future where damaging cyberattacks are rare, organizations are resilient, and technology is secure by design.Cyware
August 7, 2023
US ‘Lagging Behind’ on Border Gateway Protocol Security Practices, CISA and FCC Chiefs Say Full Text
Abstract
The U.S. government is lagging behind other countries in instituting more stringent cybersecurity measures governing the Border Gateway Protocol (BGP) – a set of technical rules responsible for routing data efficiently.Cyware
August 7, 2023
FBI warns of crooks posing as NFT developers in fraudulent schema Full Text
Abstract
The FBI is warning about cyber criminals masquerading as NFT developers to steal cryptocurrency and other digital assets. The U.S. Federal Bureau of Investigation (FBI) is warning about cyber criminals posing as legitimate NFT developers in fraud...Security Affairs
August 07, 2023
FBI Alert: Crypto Scammers are Masquerading as NFT Developers Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to steal cryptocurrency and other digital assets from unsuspecting users. In these fraudulent schemes, criminals either obtain direct access to NFT developer social media accounts or create look-alike accounts to promote "exclusive" new NFT releases, often employing misleading advertising campaigns that create a sense of urgency to pull them off. "Links provided in these announcements are phishing links directing victims to a spoofed website that appears to be a legitimate extension of a particular NFT project," the FBI said in an advisory last week. The replica websites urge potential targets to connect their cryptocurrency wallets and purchase the NFT, only for the threat actors to siphon the funds and NFTs to wallets under their control. "Contents stolen from victims' wallets are often processed through a serThe Hacker News
August 5, 2023
CISA Cybersecurity Strategic Plan: An Important Step To Secure Critical Infrastructure Full Text
Abstract
As a founding member of the Network Resilience Coalition, Cisco appreciates CISA’s shared commitment to driving focused attention and investment in efforts to secure and maintain existing critical networked technologies.Cyware
August 5, 2023
Government watchdog finds U.S. embassies running software vulnerable to attacks Full Text
Abstract
The assessment, which GAO began at the end of last year, also found that many State Department posts lack not only a chief information security officer, but any cybersecurity personnel whatsoever.Cyware
August 04, 2023
Major Cybersecurity Agencies Collaborate to Unveil 2022’s Most Exploited Vulnerabilities Full Text
Abstract
A four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. "In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems," cybersecurity and intelligence agencies from the Five Eyes nations, which comprises Australia, Canada, New Zealand, the U.K., and the U.S., said in a joint alert. The continued weaponization of CVE-2018-13379, which was also one among the most exploited bugs in 2020 and 2021, suggests a failure on the part of organizations to apply patches in a timely manner, the authorities said. "Malicious cyber actors likely prioritize developing exploits for severe and globally prevalent CVEs," according to the advisory. "While sophisticated actors also develop tools to exploit other vulnerabilities, developing exploits for criThe Hacker News
August 4, 2023
CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022 Full Text
Abstract
CISA, the FBI, and NSA, along with Five Eyes cybersecurity agencies published a list of the 12 most exploited vulnerabilities of 2022. CISA, the NSA, and the FBI, in collaboration with cybersecurity authorities from Australia, Canada, New Zealand,...Security Affairs
August 2, 2023
CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA added a second actively exploited Ivanti's Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the second actively exploited Ivanti...Security Affairs
August 2, 2023
Possible Chinese Malware in US Systems a ‘Ticking Time Bomb’: Report Full Text
Abstract
The Biden administration believes China has implanted malware in key US power and communications networks in a “ticking time bomb” that could disrupt the military in event of a conflict, The New York Times reported Saturday.Cyware
August 1, 2023
US govt is hunting a Chinese malware that can interfere with its military operations Full Text
Abstract
The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict. American intelligence officials believe China has implanted malware in key US power and communications...Security Affairs
July 31, 2023
White House Unveils National Cyber Workforce Strategy Full Text
Abstract
"Cyber education and workforce development have not kept pace with demand and the rapid pace of technological change," says the strategy document. "Moreover, skills in demand in the cyber workforce are evolving."Cyware
July 29, 2023
Hackers Deploy “SUBMARINE” Backdoor in Barracuda Email Security Gateway Attacks Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a "novel persistent backdoor" called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway (ESG) appliances. "SUBMARINE comprises multiple artifacts — including a SQL trigger, shell scripts, and a loaded library for a Linux daemon — that together enable execution with root privileges, persistence, command and control, and cleanup," the agency said. The findings come from an analysis of malware samples obtained from an unnamed organization that had been compromised by threat actors exploiting a critical flaw in ESG devices, CVE-2023-2868 (CVSS score: 9.8), which allows for remote command injection. Evidence gathered so far shows that the attackers behind the activity, a suspected China nexus-actor tracked by Mandiant as UNC4841, leveraged the flaw as a zero-day in October 2022 to gain initial access to victim envirThe Hacker News
July 29, 2023
CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacks Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of threat actors deploying the SUBMARINE Backdoor in Barracuda ESG attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an alert on a malware variant,...Security Affairs
July 28, 2023
DOD, OMB expect September release of proposed CMMC rule Full Text
Abstract
The rule has been delayed several times as the DOD revamps its approach, including changing to the longer proposed rule-making process. Originally, the expectation was that CMMC would come out as an interim final rule to be finalized in 60 days.Cyware
July 28, 2023
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches Full Text
Abstract
Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific class of bugs called Insecure Direct Object Reference (IDOR), a type of access control flaw that occurs when an application utilizes user-supplied input or an identifier for direct access to an internal resource, such as a database record, without any additional validations. A typical example of an IDOR flaw is the ability of a user to trivially change the URL (e.g., https://example[.]site/details.php?id=12345) to obtain unauthorized data of another transaction (i.e., https://example[.]site/details.php?id=67890). "IDOR vulnerabilities are access control vulnerabilities enabling malicious actors to modify or delete data or access sensitive data by issuing requests to a website or a web appliThe Hacker News
July 27, 2023
CISA Analysis Shows Most Cyberattacks on Governments, Critical Infrastructure Involve Valid Credentials Full Text
Abstract
More than half of all cyberattacks on government agencies, critical infrastructure organizations, and state-level government bodies involved the use of valid accounts, according to a new report from the CISA.Cyware
July 27, 2023
DOJ Reorganizes Units to Better Fight Ransomware Full Text
Abstract
The U.S. Justice Department is merging its National Cryptocurrency Enforcement Team with its Crime and Intellectual Property Section to strengthen its capabilities in investigating cryptocurrency-related criminal cases and cybercrime.Cyware
July 26, 2023
To Execute the National Cyber Strategy, It’s Going to Take the Whole US Government Full Text
Abstract
The implementation plan for the national cybersecurity strategy assigns specific tasks and responsibilities to various government agencies, highlighting the need for coordination and collaboration.Cyware
July 26, 2023
CISA adds Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA added actively exploited Ivanti's Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added actively exploited Ivanti's Endpoint Manager...Security Affairs
July 21, 2023
CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices Full Text
Abstract
The US CISA warns of cyber attacks targeting Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warning of cyber attacks against Citrix NetScaler Application...Security Affairs
July 21, 2023
Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on Thursday warning that the newly disclosed critical security flaw in Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices is being abused to drop web shells on vulnerable systems. "In June 2023, threat actors exploited this vulnerability as a zero-day to drop a web shell on a critical infrastructure organization's non-production environment NetScaler ADC appliance," the agency said. "The web shell enabled the actors to perform discovery on the victim's active directory (AD) and collect and exfiltrate AD data. The actors attempted to move laterally to a domain controller but network segmentation controls for the appliance blocked movement." The shortcoming in question is CVE-2023-3519 (CVSS score: 9.8), a code injection bug that could result in unauthenticated remote code execution. Citrix, earlier this week, released patches for the issue andThe Hacker News
July 19, 2023
CISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against Threats Full Text
Abstract
U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G standalone network slicing and harden them against possible threats. "The threat landscape in 5G is dynamic; due to this, advanced monitoring, auditing, and other analytical capabilities are required to meet certain levels of network slicing service level requirements over time," the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) said. 5G is the fifth-generation technology standard for broadband cellular networks, offering increased data speeds and lower latency. Network slicing is an architectural model that allows mobile service providers to partition their network up into several independent "slices" in order to create virtual networks that cater to different clients and use cases. The latest advisory builds upon guidance previously issued by the agencies in December 2022, warningThe Hacker News
July 19, 2023
US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits Full Text
Abstract
The U.S. government added surveillance technology vendors Cytrox and Intellexa to an economic blocklist for trafficking in cyber exploits. The Commerce Department’s Bureau of Industry and Security (BIS) added surveillance technology vendors Intellexa...Security Affairs
July 18, 2023
White House Unveils Consumer Labeling Program to Strengthen IoT Security Full Text
Abstract
The Biden administration has considered an Energy Star type of consumer labeling program a key part of an effort to strengthen the nation’s cyber infrastructure following the SolarWinds and Colonial Pipeline attacks.Cyware
July 17, 2023
FCC Chair Proposes $200M Investment to Boost K-12 Cybersecurity Full Text
Abstract
The move follows urgent calls for the FCC to update its E-rate program to cover advanced firewalls and other network security measures. The pilot program is part of FCC Chairwoman Jessica Rosenworcel’s Learn Without Limits initiative.Cyware
July 14, 2023
US CISA warns of Rockwell Automation ControlLogix flaws Full Text
Abstract
The U.S. CISA warns of two flaws impacting Rockwell Automation ControlLogix that can lead to remote code execution and DoS attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of two vulnerabilities affecting Rockwell...Security Affairs
July 14, 2023
CISA Gives US Civilian Agencies Until August 1 to Resolve Four Microsoft Vulnerabilities Full Text
Abstract
The inclusion of the four vulnerabilities — CVE-2023-32046, CVE-2023-32049, CVE-2023-35311, and CVE-2023-36874 — into CISA’s catalog means the bugs are already being exploited by hackers.Cyware
July 12, 2023
Biden’s Cyber Command and NSA Nominee Seen as a Pick for Continuity Full Text
Abstract
At his first Senate confirmation hearing on Wednesday, Air Force Lt. Gen. Timothy Haugh, Cyber Command’s deputy chief, will explain how he plans to fill the shoes of Paul Nakasone.Cyware
July 12, 2023
Pro-Chinese Twitter Accounts Seek to Expand Beijing’s Influence in Latin America Full Text
Abstract
Three Twitter accounts that appear to have links to the Chinese government have been spreading propaganda in Latin America and successfully avoided Twitter's efforts to label state media, researchers said in an analysis published Tuesday.Cyware
July 8, 2023
Vulnerabilities in PiiGAB Product Could Expose Industrial Organizations to Attacks Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday published an advisory describing the vulnerabilities discovered by researchers at Radboud University in PiiGAB M-Bus 900s gateway/converter.Cyware
July 7, 2023
TMF announces five new digital services and cybersecurity investments Full Text
Abstract
The Labor Department will use the $15.2 million in the most recent batch of funding for zero-trust architecture. The EPA will put its $2.5 million toward the cybersecurity of its analytical radiation data system.Cyware
July 7, 2023
Truebot’s Activity Spikes, U.S and Canada Authorities Issue Warning Full Text
Abstract
A joint advisory from the CISA, the FBI, the MS-ISAC, and the Canadian Centre for Cyber Security (CCCS) discovered a rise in the use of the Truebot malware by threat actors. Notably, these actors are increasingly exploiting the CVE-2022-31199 flaw to target organizations in the U.S. and Canada with ...Cyware
July 7, 2023
CISA and FBI warn of Truebot infecting US and Canada based organizations Full Text
Abstract
CISA and the FBI warned today of a new Truebot variant employed in attacks against organizations in the United States and Canada. A new variant of the Truebot malware was used in attacks against organizations in the United States and Canada. Threat...Security Affairs
July 04, 2023
Swedish Data Protection Authority Warns Companies Against Google Analytics Use Full Text
Abstract
The Swedish data protection watchdog has warned companies against using Google Analytics due to risks posed by U.S. government surveillance, following similar moves by Austria, France, and Italy last year. The development comes in the aftermath of an audit initiated by the Swedish Authority for Privacy Protection (IMY) against four companies CDON, Coop, Dagens Industri, and Tele2. "In its audits, IMY considers that the data transferred to the U.S. via Google's statistics tool is personal data because the data can be linked with other unique data that is transferred," IMY said. "The authority also concludes that the technical security measures that the companies have taken are not sufficient to ensure a level of protection that essentially corresponds to that guaranteed within the EU/EEA." The data protection authority also fined $1.1 million for Swedish telecom service provider Tele2 and less than $30,000 for local online marketplace CDON failing toThe Hacker News
July 03, 2023
CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a set of eight flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link devices. All the flaws have been patched as of 2021. CVE-2021-25394 (CVSS score: 6.4) - Samsung mobile devices race condition vulnerability CVE-2021-25395 (CVSS score: 6.4) - Samsung mobile devices race condition vulnerability CVE-2021-25371 (CVSS score: 6.7) - An unspecified vulnerability in the DSP driver used in Samsung mobile devices that allows loading of arbitrary ELF libraries CVE-2021-25372 (CVSS score: 6.7) - Samsung mobile devices improper boundary check within the DSP driver in Samsung mobile devices CVE-2021-25487 (CVSS score: 7.8) - Samsung mobile devices out-of-bounds read vulnerability leading to arbitrary code execution CVE-2021-25489 (CVSS score: 5.5) - SamsungThe Hacker News
July 3, 2023
CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA added actively exploited Samsung and D-Link vulnerabilities to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added six Samsung and two D-Link vulnerabilities to its Known Exploited...Security Affairs
June 29, 2023
European Cyber Agency Remains Underfunded Full Text
Abstract
There are multiple discrepancies in how the European Commission allocates funds to the cyber agency, Juhan Lepassaar, the executive director of the EU Agency for Cybersecurity, said during a Tuesday parliamentary hearing evaluating allocated budgets.Cyware
June 29, 2023
Cyber Command to expand ‘canary in the coal mine’ unit working with private sector Full Text
Abstract
U.S. Cyber Command is doubling the size of a little-known program that serves as one of the military's chief links to private industry in order to bolster the country’s defenses against cyber threats.Cyware
June 28, 2023
UAE, Israel create ‘Crystal Ball’ platform to fight hackers Full Text
Abstract
The mission is to “design, deploy and enable regional intelligence enhancement” through collaboration and knowledge-sharing to combat national-level cyberthreats, according to a presentation by Mohamed Al Kuwaiti, UAE head of cybersecurity.
Source: Cyware
June 27, 2023
Experts found hundreds of devices within federal networks having internet-exposed management interfaces Full Text
Abstract
Researchers at Censys have identified hundreds of devices deployed within federal networks that have internet-exposed management interfaces. Researchers at Censys have analyzed the attack surfaces of more than 50 Federal Civilian Executive Branch...
Source: Security Affairs
June 24, 2023
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware (CVE-2023-20867 and CVE-2023-20887), and one shortcoming impacting Zyxel devices (CVE-2023-27992). CVE-2023-32434 and CVE-2023-32435, both of which allow code execution, are said to have been exploited as zero-days to deploy spyware as part of a years-long cyber espionage campaign that commenced in 2019. Dubbed Operation Triangulation, the activity culminates in the deployment of TriangleDB that's designed to harvest a wide range of information from compromised devices, such as creating, modifying, removing, and stealing files, listing and terminating processes, gathering credentials from iCloud Keychain, and tracking a user's location. The
Source: The Hacker News
June 24, 2023
Someone is sending mysterious smartwatches to the US Military personnel Full Text
Abstract
U.S. Army’s Criminal Investigation Division warns that US military personnel have reported receiving unsolicited smartwatches in the mail. The U.S. Army’s Criminal Investigation Division reported that service members across the military received...
Source: Security Affairs
June 23, 2023
CISA orders govt agencies to fix recently disclosed flaws in Apple devices Full Text
Abstract
U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new security flaws to its Known...
Source: Security Affairs
June 23, 2023
NSA Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems Full Text
Abstract
The U.S. National Security Agency (NSA) on Thursday released guidance to help organizations detect and prevent infections of a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. To that end, the agency is recommending that "infrastructure owners take action by hardening user executable policies and monitoring the integrity of the boot partition." BlackLotus is an advanced crimeware solution that was first spotlighted in October 2022 by Kaspersky. A UEFI bootkit capable of bypassing Windows Secure Boot protections, samples of the malware have since emerged in the wild. This is accomplished by taking advantage of a known Windows flaw called Baton Drop (CVE-2022-21894, CVSS score: 4.4) discovered in vulnerable boot loaders not added into the Secure Boot DBX revocation list. The vulnerability was addressed by Microsoft in January 2022. This loophole could be exploited by threat actors to replace fully patched boot loaders with vulnerable v
Source: The Hacker News
June 23, 2023
Federal incentives could help utilities overcome major cybersecurity hurdle: money Full Text
Abstract
A new cyber incentive framework from the Federal Energy Regulatory Commission could help utilities adapt to new threats at a faster pace, by providing flexibility for them to invest in pre-qualified cybersecurity measures.
Source: Cyware
June 21, 2023
New DOJ unit will focus on prosecuting nation-state cybercrime Full Text
Abstract
The decision to put cyber on equal footing with the division’s three existing sections comes as the DOJ has ramped up its own efforts to defeat botnets, contain or eliminate malware outbreaks and pursue digital criminals around the globe.
Source: Cyware
June 20, 2023
Federal Authority Warns Health Sector of TimisoaraHackerTeam Threats Full Text
Abstract
Federal authorities are warning the healthcare sector of an apparent resurgence of TimisoaraHackerTeam threats after a recent attack by the "obscure" ransomware group on a U.S. cancer center.
Source: Cyware
June 19, 2023
EU member states are urged to restrict without delay 5G equipment from risky suppliers Full Text
Abstract
The European Commission urges member states to limit “without delay” equipment from Chinese suppliers from their 5G networks, specifically Huawei and ZTE. The European Commission told member states to impose restrictions on high-risk suppliers...
Source: Security Affairs
June 19, 2023
Britain to double cyber defense funding for Ukraine Full Text
Abstract
The United Kingdom on Sunday announced a “major expansion” to its Ukraine Cyber Program, which has seen British experts provide remote incident response support to the Ukrainian government following Russian cyberattacks on critical infrastructure.
Source: Cyware
June 18, 2023
US govt offers $10 million bounty for info linking Clop ransomware gang to a foreign government. Full Text
Abstract
The U.S. government announced up to a $10 million bounty for information linking the Clop ransomware gang to a foreign government. The US government is offering up to a $10 million bounty for information linking CL0P Ransomware Gang or any other threat...
Source: Security Affairs
June 15, 2023
The Dynamics of the Ukrainian IT Army’s Campaign in Russia Full Text
Abstract
The Ukrainian IT Army offers a unique perspective into the choices of an offensive actor in a war.
Source: Lawfare
June 15, 2023
Proposed NIST Updates and Data Incident Response Planning Full Text
Abstract
Proposals to update NIST 800-171—the U.S. government’s primary information security standard for the private sector—coincide with an escalation of cyberattacks against U.S. businesses.
Source: Lawfare
June 15, 2023
Cybersecurity agencies published a joint LockBit ransomware advisory Full Text
Abstract
The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. organizations since 2020. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted...
Source: Security Affairs
June 15, 2023
Cyber Command reshuffles force expansion due to Navy readiness woes Full Text
Abstract
The U.S. military has rearranged a years-long effort to expand the "action arm" of its top cyber forces, according to multiple sources, as leaders try to balance fighting advanced foreign threats like China with maintaining basic readiness.
Source: Cyware
June 08, 2023
Clop Ransomware Gang Likely Aware of MOVEit Transfer Vulnerability Since 2021 Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have published a joint advisory regarding the active exploitation of a recently disclosed critical flaw in Progress Software's MOVEit Transfer application to drop ransomware. "The Cl0p Ransomware Gang, also known as TA505, reportedly began exploiting a previously unknown SQL injection vulnerability in Progress Software's managed file transfer (MFT) solution known as MOVEit Transfer," the agencies said. "Internet-facing MOVEit Transfer web applications were infected with a web shell named LEMURLOOT, which was then used to steal data from underlying MOVEit Transfer databases." The prolific cybercrime gang has since issued an ultimatum to several impacted businesses, urging them to get in touch by June 14, 2023, or risk getting all their stolen data published. Microsoft is tracking the activity under the moniker Lace Tempest (aka Storm-0950),
Source: The Hacker News
June 7, 2023
US, Israel Provide Guidance on Securing Remote Access Software Full Text
Abstract
The Guide to Securing Remote Access Software (PDF) is authored by the CISA, the FBI, the NSA, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Israel National Cyber Directorate (INCD).
Source: Cyware
June 7, 2023
The National Cybersecurity Strategy: Breaking a 50-Year Losing Streak Full Text
Abstract
The new White House strategy tackles long-standing cybersecurity problems head-on.
Source: Lawfare
June 7, 2023
White House critical infrastructure protection order is ‘outdated’ and needs rethinking, Cyberspace Solarium Commission says Full Text
Abstract
The document — 2013’s Presidential Policy Directive 21, or PPD-21 — established which agencies were responsible for steering protection of each of the 16 critical infrastructure sectors, today known as sector risk management agencies (SRMAs).
Source: Cyware
June 6, 2023
NATO: Military cyber defenders need to be present on networks during peacetime Full Text
Abstract
David van Weel, NATO’s assistant secretary general for emerging security challenges, told the 15th annual International Conference on Cyber Conflict (CyCon) that NATO members will begin recognizing cyberspace as “a permanently contested environment.”
Source: Cyware
June 2, 2023
CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA added actively exploited Progress MOVEit Transfer zero-day vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a Progress MOVEit Transfer SQL injection vulnerability,...
Source: Security Affairs
June 2, 2023
Federal vision to streamline cyber incident reporting expected this summer Full Text
Abstract
The Cyber Incident Reporting Council will issue a report to Congress "in the next month or two" with recommendations on ways to achieve harmony across a complex network of federal cyber mandates.
Source: Cyware
June 2, 2023
Russia’s FSB blames the US intelligence for Operation Triangulation Full Text
Abstract
Russia’s intelligence Federal Security Service (FSB) said that the recent attacks against iPhones with a zero-click iOS exploit as part of Operation Triangulation were carried out by US intelligence. Researchers from the Russian firm Kaspersky have...
Source: Security Affairs
May 27, 2023
AHA Tells HHS to ‘Amend or Suspend’ Web Tracking Guidance Full Text
Abstract
The AHA is urging federal regulators to back off from recent guidance that treats patient IP addresses as PHI, saying that the new rules would "reduce public access to credible health information" and create hardships for doctors and hospitals.
Source: Cyware
May 27, 2023
DOD Submits Classified Cyber Strategy to Congress Full Text
Abstract
The Department of Defense announced on Friday that it submitted its classified 2023 cyber strategy to Congress “earlier this week” and plans to release an unclassified summary of its new cybersecurity approach “in the coming months.”
Source: Cyware
May 26, 2023
Italy’s Industry Ministry reports ‘heavy’ cyberattack Full Text
Abstract
Technicians were working to "mitigate the consequences" of the attack, the ministry wrote in a statement, adding that initial checks showed no evidence of data theft. It was too early to predict when activities would be back to normal, it said.
Source: Cyware
May 25, 2023
U.S. and Partners Release Joint Cybersecurity Advisory on Volt Typhoon Full Text
Abstract
The joint advisory warns of the tactics, techniques, and procedures used by a China state-sponsored cyber actor targeting U.S. critical infrastructure organizations.
Source: Lawfare
May 25, 2023
CISA and Partners Update the #StopRansomware Guide Developed Through the Joint Ransomware Task Force Full Text
Abstract
The updated guide, developed through the Joint Ransomware Task Force, reflects lessons learned in the last few years, adding the FBI and NSA as co-authors. It offers recommendations to prevent initial intrusion and protect data using cloud backups.
Source: Cyware
May 24, 2023
The US government sanctioned four entities and one individual for supporting cyber operations conducted by North Korea Full Text
Abstract
The US Department of the Treasury sanctioned four entities and one individual for their role in cyber operations conducted by North Korea. The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against four...
Source: Security Affairs
May 24, 2023
Ukraine’s CERT-UA warns of espionage activity conducted by UAC-0063 Full Text
Abstract
The Computer Emergency Response Team of Ukraine (CERT-UA) warns of a cyberespionage campaign targeting state bodies in the country. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country...
Source: Security Affairs
May 23, 2023
Treasury Department sanctions entities tied to North Korean IT scams, hacking Full Text
Abstract
The Treasury Department issued sanctions on Tuesday cracking down on four entities and one individual involved in malicious cyber activities supporting the Democratic People’s Republic of Korea and its weapons programs.
Source: Cyware
May 23, 2023
China Bans U.S. Chip Giant Micron, Citing “Serious Cybersecurity Problems” Full Text
Abstract
China has banned U.S. chip maker Micron from selling its products to Chinese companies working on key infrastructure projects, citing national security risks. The development comes nearly two months after the country's cybersecurity authority initiated a probe in late March 2023 to assess potential network security risks. "The purpose of this network security review of Micron's products is to prevent product network security problems from endangering the security of national critical information infrastructure, which is a necessary measure to maintain national security," the Cyberspace Administration of China (CAC) said. The CAC further said the investigation found "serious cybersecurity problems" in Micron's products, endangering the country's critical information infrastructure supply chain. As a result, operators involved in such critical information infrastructure projects should stop purchasing products from Micron, it added. The autho
Source: The Hacker News
May 22, 2023
CISA adds iPhone bugs to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA added three zero-day vulnerabilities affecting iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added three zero-day vulnerabilities affecting iPhones, Macs,...
Source: Security Affairs
May 22, 2023
GAO Tells Federal Agencies to Fully Implement Key Cloud Security Practices Full Text
Abstract
A new US Government Accountability Office (GAO) report shows that the Departments of Agriculture, Homeland Security (DHS), Labor, and the Treasury have not fully implemented six key cloud security practices for their systems.
Source: Cyware
May 22, 2023
China bans chip maker Micron from its key information infrastructure Full Text
Abstract
The Chinese government announced the ban on the products made by the US memory chip giant Micron Technology over national security concerns. The Cyberspace Administration of China announced the ban on products made by US memory chip giant Micron Technology...
Source: Security Affairs
May 22, 2023
CISA orders govt agencies to patch iPhone bugs exploited in attacks Full Text
Abstract
Today, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) ordered federal agencies to address three recently patched zero-day flaws affecting iPhones, Macs, and iPads known to be exploited in attacks.
Source: BleepingComputer
May 22, 2023
EU slaps Meta with $1.3 billion fine for moving data to US servers Full Text
Abstract
The Irish Data Protection Commission (DPC) has announced a $1.3 billion fine on Facebook after claiming that the company violated Article 46(1) of the GDPR (General Data Protection Regulation).
Source: BleepingComputer
May 20, 2023
US CISA warns of a Samsung vulnerability under active exploitation Full Text
Abstract
US CISA added the CVE-2023-21492 flaw affecting Samsung devices to its Known Exploited Vulnerabilities Catalog. US CISA added the CVE-2023-21492 vulnerability (CVSS score: 4.4) affecting Samsung devices to its Known Exploited...
Source: Security Affairs
May 18, 2023
Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) Full Text
Abstract
The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) announced that Ukraine, Ireland, Japan and Iceland joined the organization. The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a multinational organization established...
Source: Security Affairs
May 17, 2023
US Gov offers a $10M reward for a Russian ransomware actor Full Text
Abstract
The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks. The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin,...
Source: Security Affairs
May 17, 2023
Justice and Commerce Department ‘strike force’ target theft of quantum, autonomous technologies Full Text
Abstract
The newly formed Justice and Commerce Department’s joint Disruptive Technology Strike Force announced five coordinated enforcement actions taking aim at individuals seeking to help China, Russia and Iran gain access to sensitive U.S. technologies.
Source: Cyware
May 17, 2023
FBI confirms BianLian ransomware switch to extortion only attacks Full Text
Abstract
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) have published a joint advisory to inform organizations of the latest tactics, techniques, and procedures (TTPs) and known indicators of compromise (IOCs) of the BianLian ransomware group.
Source: BleepingComputer
May 17, 2023
Transportation Needs to Improve Cyber Policy Implementation, Watchdog Finds Full Text
Abstract
The Department of Transportation should better implement its policies for established cyber roles, including improving training and role expectations, according to a recent GAO report.
Source: Cyware
May 17, 2023
U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator Full Text
Abstract
A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against "thousands of victims" in the country and across the world. Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar), the 30-year-old individual in question, is alleged to be a "central figure" in the development and deployment of LockBit, Babuk, and Hive ransomware variants since at least June 2020. "These victims include law enforcement and other government agencies, hospitals, and schools," DoJ said. "Total ransom demands allegedly made by the members of these three global ransomware campaigns to their victims amount to as much as $400 million, while total victim ransom payments amount to as much as $200 million." LockBit, Babuk, and Hive operate alike, leveraging unlawfully obtained access to exfiltrate valuable data and deploy ransomware on compromised networks. The threat actor
Source: The Hacker News
May 16, 2023
President Zelensky imposes sanctions against the Russian IT sector Full Text
Abstract
Ukraine’s President Zelensky and the country’s Council of National Security introduced new sanctions against individuals and businesses. Ukraine’s President Volodymyr Zelensky and the country’s Council of National Security introduced new sanctions...
Source: Security Affairs
May 16, 2023
CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US Cybersecurity and Infrastructure Security Agency (CISA) added seven new flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known...
Source: Security Affairs
May 10, 2023
U.S. Government Neutralizes Russia’s Most Sophisticated Snake Cyber Espionage Tool Full Text
Abstract
The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known as Snake wielded by Russia's Federal Security Service (FSB). Snake, dubbed the "most sophisticated cyber espionage tool," is the handiwork of a Russian state-sponsored group called Turla (aka Iron Hunter, Secret Blizzard, SUMMIT, Uroburos, Venomous Bear, and Waterbug), which the U.S. government attributes to a unit within Center 16 of the FSB. The threat actor has a track record of heavily focusing on entities in Europe, the Commonwealth of Independent States (CIS), and countries affiliated with NATO, with recent activity expanding its footprint to incorporate Middle Eastern nations deemed a threat to countries supported by Russia in the region. "For nearly 20 years, this unit [...] has used versions of the Snake malware to steal sensitive documents from hundreds of computer systems in at least 50 countries, which have
Source: The Hacker News
May 8, 2023
CERT-UA warns of an ongoing SmokeLoader campaign Full Text
Abstract
Ukraine's CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot...
Source: Security Affairs
May 8, 2023
White House official says Counter Ransomware Initiative focused on ‘expanding the tent,’ with Jordan, Costa Rica, Colombia joining Full Text
Abstract
According to White House Deputy National Security Adviser Anne Neuberger, there were more than 6,500 ransomware attacks across the globe between 2020 and 2022, prompting difficult discussions about ways to disrupt the ecosystem.
Source: Cyware
May 03, 2023
CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the CVSS scoring system for its low attack complexity. "Successful exploitation of this vulnerability could allow remote code execution," CISA said, describing it as a case of command injection affecting versions of INEA ME RTU firmware prior to version 3.36. Security researcher Floris Hendriks of Radboud University has been credited with reporting the issue to CISA. Also published by CISA is an alert related to multiple known security holes in Intel(R) processors impacting Factory Automation (FA) products from Mitsubishi Electric that could result in privilege escalation and a denial-of-service (DoS) condition. The development comes as the agency recommended criti
Source: The Hacker News
May 02, 2023
Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The security vulnerabilities are as follows -
CVE-2023-1389 (CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability
CVE-2021-45046 (CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted Data Vulnerability
CVE-2023-21839 (CVSS score: 7.5) - Oracle WebLogic Server Unspecified Vulnerability
CVE-2023-1389 concerns a case of command injection affecting TP-Link Archer AX-21 routers that could be exploited to achieve remote code execution. According to Trend Micro's Zero Day Initiative, the flaw has been put to use by threat actors associated with the Mirai botnet since April 11, 2023. The second flaw to be added to the KEV catalog is CVE-2021-45046, a remote code execution affecting the Apache Log4j2 logging library that came to light in December 2021. It's cu
Source: The Hacker News
May 2, 2023
CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US Cybersecurity and Infrastructure Security Agency (CISA) added TP-Link, Apache, and Oracle vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three...
Source: Security Affairs
April 29, 2023
CISA warns of a critical flaw affecting Illumina medical devices Full Text
Abstract
U.S. CISA released an Industrial Control Systems (ICS) medical advisory warning of a critical flaw affecting Illumina medical devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS)...
Source: Security Affairs
April 29, 2023
CISA Warns of Critical Flaws in Illumina’s DNA Sequencing Instruments Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) medical advisory warning of a critical flaw impacting Illumina medical devices. The issues impact the Universal Copy Service (UCS) software in the Illumina MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq 550, NextSeq 1000/2000, and NovaSeq 6000 DNA sequencing instruments. The most severe of the flaws, CVE-2023-1968 (CVSS score: 10.0), permits remote attackers to bind to exposed IP addresses, thereby making it possible to eavesdrop on network traffic and remotely transmit arbitrary commands. The second issue relates to a case of privilege misconfiguration (CVE-2023-1966, CVSS score: 7.4) that could enable a remote unauthenticated malicious actor to upload and execute code with elevated permissions. "Successful exploitation of these vulnerabilities could allow an attacker to take any action at the operating system level," CISA sa
Source: The Hacker News
April 28, 2023
Biden’s Spyware Order: A Needed First Step Full Text
Abstract
The executive order’s ultimate impact will depend on whether the White House can galvanize similar action in Congress, at the local level, and among like-minded governments abroad.
Source: Lawfare
April 28, 2023
FDA, CISA: Illumina Medical Devices Vulnerable to Remote Hacking Full Text
Abstract
The US government is notifying healthcare providers and lab personnel about a component used by several Illumina medical devices being affected by serious vulnerabilities that can allow remote hacking.
Source: Cyware
April 22, 2023
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The three vulnerabilities are as follows -
CVE-2023-28432 (CVSS score - 7.5) - MinIO Information Disclosure Vulnerability
CVE-2023-27350 (CVSS score - 9.8) - PaperCut MF/NG Improper Access Control Vulnerability
CVE-2023-2136 (CVSS score - TBD) - Google Chrome Skia Integer Overflow Vulnerability
"In a cluster deployment, MinIO returns all environment variables, including MINIO_SECRET_KEY and MINIO_ROOT_PASSWORD, resulting in information disclosure," MinIO maintainers said in an advisory published on March 21, 2023. Data gathered by GreyNoise shows that as many as 18 unique malicious IP addresses from the U.S., the Netherlands, France, Japan, and Finland have attempted to exploit the flaw over the past 30 days. The threat intelligence company, in an alert p
Source: The Hacker News
April 22, 2023
CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US Cybersecurity and Infrastructure Security Agency (CISA) added MinIO, PaperCut, and Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three...
Source: Security Affairs
April 21, 2023
US Teams Up With Partner Nations to Release Smart City Cyber Guidance Full Text
Abstract
These guidelines, developed by a group of agencies—including the U.S. CISA, the ACSC, and the U.K. NCSC—aim to help communities transitioning into "smart cities" fortify the digital networks crucial to delivering basic utilities and services.
Source: Cyware
April 18, 2023
CISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US Cybersecurity and Infrastructure Security Agency (CISA) added Chrome and macOS vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues...
Source: Security Affairs
April 15, 2023
CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US Cybersecurity and Infrastructure Security Agency (CISA) added Android and Novi Survey flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known...
Source: Security Affairs
April 14, 2023
12,000 Indian Government Websites on Alert for Indonesian Hacking Threat Full Text
Abstract
CERT-In issued an ‘Urgent- High Alert’ warning to all Central and state agencies and departments to be alert of potential attacks by Indonesian hackers and report any such incidents to them immediately.
Source: Cyware
April 12, 2023
IRS acting CIO: Securing software supply chain remains a challenge for agencies Full Text
Abstract
Finding the right balance between encouraging innovation within development teams and securing the software supply chain remains a challenge for federal agencies, according to the acting chief information officer of the IRS.
Source: Cyware
April 11, 2023
CISA Issues Advisories on Critical ICS and SCADA Vulnerabilities Full Text
Abstract
Multiple advisories have been released by the CISA covering bugs found in ICS and SCADA software from several vendors including Rockwell Automation, Hitachi Energy, JTEKT Electronics, Korenix, mySCADA Technologies, and Industrial Control Links. ScadaFlex II series controllers by Industrial Control ...
Source: Cyware
April 10, 2023
CISA adds zero-day bugs in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US Cybersecurity and Infrastructure Security Agency (CISA) added two flaws in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues...
Source: Security Affairs
April 10, 2023
Biden cyber officials see auto, food safety as models for security overhaul Full Text
Abstract
The blueprint for holding the technology industry accountable for product security is based on similar efforts that resulted in the automobile industry creating safer cars, Acting National Cyber Director Kemba Walden said last week.
Source: Cyware
April 10, 2023
CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. This includes three high-severity flaws in the Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) that could lead to the execution of privileged commands on the underlying system. The flaws were fixed in a patch released by Veritas in March 2021.
CVE-2021-27876 (CVSS score: 8.1) - Veritas Backup Exec Agent File Access Vulnerability
CVE-2021-27877 (CVSS score: 8.2) - Veritas Backup Exec Agent Improper Authentication Vulnerability
CVE-2021-27878 (CVSS score: 8.8) - Veritas Backup Exec Agent Command Execution Vulnerability
Google-owned Mandiant, in a report published last week, revealed that an affiliate associated with the BlackCat (aka ALPHV and Noberus) ransomware operation is targeting publicly exposed Veritas Backup Exec in
Source: The Hacker News
April 8, 2023
CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known...Security Affairs
April 07, 2023
CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published eight Industrial Control Systems (ICS) advisories warning of critical flaws affecting products from Hitachi Energy, mySCADA Technologies, Industrial Control Links, and Nexx. Topping the list is CVE-2022-3682 (CVSS score: 9.9), impacting Hitachi Energy's MicroSCADA System Data Manager SDM600 that could allow an attacker to take remote control of the product. The flaw stems from an issue with file permission validation, thereby permitting an adversary to upload a specially crafted message to the system, leading to arbitrary code execution. Hitachi Energy has released SDM600 1.3.0.1339 to mitigate the issue for SDM600 versions prior to version 1.2 FP3 HF4 (Build Nr. 1.2.23000.291). Another set of five critical vulnerabilities – CVE-2023-28400, CVE-2023-28716, CVE-2023-28384, CVE-2023-29169, and CVE-2023-29150 (CVSS scores: 9.9) – relate to command injection bugs present in mySCADA myThe Hacker News
April 5, 2023
U.K. National Cyber Force, Responsible Cyber Power, and Cyber Persistence Theory Full Text
Abstract
The U.K. National Cyber Force’s operating document offers a framework for responsible cyber behavior in the highly contested cyber strategic environment and further validates cyber persistence theory.Lawfare
April 5, 2023
CISA JCDC Will Focus on Energy Sector Full Text
Abstract
The CISA's Joint Cyber Defense Collective (JCDC) initiative is going to build operation plans for protecting and responding to cyber threats. What comes to mind when you think of cyber criminals? Depending on who you ask, you’ll get a variety of answers....Security Affairs
April 4, 2023
Zimbra Flaw Exploited by Russia Against NATO Countries Added to CISA ‘Must Patch’ List Full Text
Abstract
Because of this issue, an endpoint URL may accept parameters without sanitization, which could allow an unauthenticated attacker to provide crafted request parameters leading to the execution of arbitrary web scripts or HTML code.Cyware
April 4, 2023
CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog Full Text
Abstract
US CISA has added a Zimbra flaw, which was exploited in attacks targeting NATO countries, to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926,...Security Affairs
April 4, 2023
Australia takes its turn to kick TikTok off government kit Full Text
Abstract
Australia has joined the growing list of nations that have decided TikTok represents an unacceptable risk when running on government-owned devices, so has decided not to allow it onto those machines.Cyware
April 3, 2023
Bank of England Warns of Potential Cyberattacks on Financial System Full Text
Abstract
The Bank of England has issued a stern warning to banks, insurers, and market infrastructure companies to take immediate steps to bolster their defenses against a potential major cyberattack.Cyware
April 1, 2023
CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Full Text
Abstract
CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known...Security Affairs
March 31, 2023
Biden administration goes global in effort to constrain spyware use Full Text
Abstract
A coalition of 11 countries committed on Thursday to counter the misuse of commercial spyware, a step toward building an international agreement to curb technology deployed by authoritarian countries to spy on dissidents and journalists.Cyware
March 28, 2023
President Biden Signs Executive Order Restricting Use of Commercial Spyware Full Text
Abstract
U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "poses significant counterintelligence or security risks to the United States Government or significant risks of improper use by a foreign government or foreign person." It also seeks to ensure that the government's use of such tools is done in a manner that's "consistent with respect for the rule of law, human rights, and democratic norms and values." To that end, the order lays out the various criteria under which commercial spyware could be disqualified for use by U.S. government agencies. They include - The purchase of commercial spyware by a foreign government or person to target the U.S. government, A commercial spyware vendor that uses or discloses sensitive data obtained from the cyber surveillance tool without authorization and operates under the control of a foreign gThe Hacker News
March 27, 2023
CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections Full Text
Abstract
Azure network defenders can use the tool to export and review sign-in audit logs and activity alerts from a range of Azure and Microsoft Defender environments to pinpoint signs of suspicious activity.Cyware
March 25, 2023
TikTok CEO got grilled by lawmakers from both parties on whether the Chinese-owned app can protect American privacy Full Text
Abstract
TikTok CEO Shou Zi Chew’s testimony did not seem to quell many concerns that lawmakers had about the company’s connections to China or the adequacy of its risk-mitigation plan, Project Texas.Cyware
March 24, 2023
CISA announced the Pre-Ransomware Notifications initiative Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The US Cybersecurity and Infrastructure Security Agency announced...Security Affairs
March 22, 2023
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released eight Industrial Control Systems (ICS) advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation. This includes 13 security vulnerabilities in Delta Electronics' InfraSuite Device Master, a real-time device monitoring software. All versions prior to 1.0.5 are affected by the issues. "Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to obtain access to files and credentials, escalate privileges, and remotely execute arbitrary code," CISA said. Top of the list is CVE-2023-1133 (CVSS score: 9.8), a critical flaw that arises from the fact that InfraSuite Device Master accepts unverified UDP packets and deserializes the content, thereby allowing an unauthenticated remote attacker to execute arbitrary code. Two other deserialization flaws, CVE-2023-1139 (CVSS score: 8.8) and CVE-2023-1145The Hacker News
March 18, 2023
US Government Warns Organizations of LockBit 3.0 Ransomware Attacks Full Text
Abstract
Also referred to as LockBit Black, LockBit 3.0 has a more modular architecture compared to its previous variants, and supports various arguments that modify its behavior after deployment.Cyware
March 18, 2023
US govt agencies released a joint alert on the Lockbit 3.0 ransomware Full Text
Abstract
The US government released a joint advisory that provides technical details about the operation of the Lockbit 3.0 ransomware gang. The U.S. Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State...Security Affairs
March 16, 2023
Microsoft sheds light on a year of Russian hybrid warfare in Ukraine Full Text
Abstract
Russia-linked threat actors targeted at least 17 European nations in 2023, and 74 countries since the start of the invasion of Ukraine. Microsoft revealed that Russia-linked threat actors targeted at least 17 European nations between January and mid-February...Security Affairs
March 16, 2023
Polish intelligence dismantled a network of Russian spies Full Text
Abstract
Polish intelligence dismantled a cell of Russian spies that gathered info on military equipment deliveries to Ukraine via the EU member. Polish counter-intelligence has dismantled a cell of Russian spies that gathered information on the provisioning...Security Affairs
March 16, 2023
CISA adds Adobe ColdFusion bug to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added an actively exploited vulnerability in Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Adobe ColdFusion, tracked as CVE-2023-26360 (CVSS...Security Affairs
March 16, 2023
CISA says federal civilian agency hacked by nation-state and criminal hacking groups Full Text
Abstract
According to the alert, both the unnamed nation-backed hacking group and the criminal group dubbed XE Group exploited known vulnerabilities in Progress Telerik software located in the unnamed government agency’s Microsoft IIS web server.Cyware
March 15, 2023
Rishi Sunak hints at TikTok ban from UK government devices Full Text
Abstract
Rishi Sunak has indicated that the UK could follow the US and Canada in banning TikTok from government devices, saying he will take “whatever steps are necessary” to protect Britain’s security.Cyware
March 13, 2023
CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added remote code execution vulnerability in Plex Media Server to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) vulnerability in the Plex Media...Security Affairs
March 11, 2023
CISA adds VMware’s Cloud Foundation bug to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added an actively exploited vulnerability in VMware's Cloud Foundation to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in VMware's Cloud Foundation,...Security Affairs
March 10, 2023
Department of Defense Releases Cyber Workforce Strategy, 2023–2027 Full Text
Abstract
The Cyber Workforce Strategy outlines steps to assess and enhance human capital over the next five years.Lawfare
March 10, 2023
White House Budget Seeks to Bolster US Tech Development, Modernize Standards Full Text
Abstract
The budget proposes $3.1 billion for the CISA. This includes “$98 million to implement the Cyber Incident Reporting for Critical Infrastructure Act,” as well as “$425 million to improve CISA’s internal cybersecurity and analytical capabilities.”Cyware
March 8, 2023
CISA adds three new bugs to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added actively exploited flaws in Teclib GLPI, Apache Spark, and Zoho ManageEngine ADSelfService Plus to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities...Security Affairs
March 08, 2023
CISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2022-35914 (CVSS score: 9.8) - Teclib GLPI Remote Code Execution Vulnerability; CVE-2022-33891 (CVSS score: 8.8) - Apache Spark Command Injection Vulnerability; CVE-2022-28810 (CVSS score: 6.8) - Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability. The most critical of the three is CVE-2022-35914, which concerns a remote code execution vulnerability in the third-party library htmlawed present in Teclib GLPI, an open source asset and IT management software package. The exact specifics surrounding the nature of attacks are unknown, but the Shadowserver Foundation in October 2022 noted that it has seen exploitation attempts against its honeypots. Since then, a cURL-based one-line proof of concept (PoC) has been made aThe Hacker News
March 8, 2023
US Senators Aim to Block Foreign Tech That Poses Threat Full Text
Abstract
Analysis in 2021 by The Citizen Lab concluded that TikTok collects types of data similar to what other social media platforms collect - and also said that "the general privacy standards for social platforms is not a high bar."Cyware
March 6, 2023
US government orders States to conduct cyber security audits of public water systems Full Text
Abstract
The US government urges cyber security audits of public water systems, highlighting the importance to secure US critical infrastructure. The Biden administration announced on Friday that it will make it mandatory for the states to conduct cyber security...Security Affairs
March 3, 2023
CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping Full Text
Abstract
Decider makes the mapping process easier by asking the user a series of questions about the adversary’s activity in their network. The tool also provides search and filtering functionality, and allows users to export the results to common formats.Cyware
March 3, 2023
The Biden-Harris Administration Releases New National Cybersecurity Strategy Full Text
Abstract
The long-awaited National Cybersecurity Strategy seeks to make fundamental changes to underlying dynamics of the digital ecosystem.Lawfare
March 03, 2023
U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware’s Deadly Capabilities Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory about Royal ransomware, which emerged in the threat landscape last year. "After gaining access to victims' networks, Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting the systems," CISA said. The custom ransomware program, which has targeted U.S. and international organizations since September 2022, is believed to have evolved from earlier iterations that were dubbed Zeon. What's more, it's said to be operated by seasoned threat actors who used to be part of Conti Team One, cybersecurity company Trend Micro disclosed in December 2022. The ransomware group employs call back phishing as a means of delivering their ransomware to victims, a technique widely adopted by criminal groups that splintered from the Conti enterprise last year following its shutdown. Other modes ofThe Hacker News
March 3, 2023
The U.S. CISA and FBI warn of Royal ransomware operation Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of the capabilities of the recently emerged Royal ransomware. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded...Security Affairs
March 2, 2023
White House Releases National Cybersecurity Strategy Full Text
Abstract
The strategy is designed to address cyber threats while also working to increase pathways for digital innovation.Lawfare
March 1, 2023
Canada is going to ban TikTok on government mobile devices Full Text
Abstract
The Canadian government announced it will ban the video app TikTok from all government-issued devices over security concerns. Canada is going to ban the popular Chinese video-sharing app TikTok from the mobile devices of its employees over security...Security Affairs
February 28, 2023
CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added an actively exploited vulnerability in the ZK Java Web Framework to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability, tracked as CVE-2022-36537 (CVSS...Security Affairs
February 28, 2023
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Tracked as CVE-2022-36537 (CVSS score: 7.5), the issue impacts ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1, and allows threat actors to retrieve sensitive information via specially crafted requests. "The ZK Framework is an open source Java framework," CISA said. "This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager." The vulnerability was patched in May 2022 in versions 9.6.2, 9.6.0.2, 9.5.1.4, 9.0.1.3, and 8.6.4.2. As demonstrated by Huntress in a proof-of-concept (PoC) in October 2022, the vulnerability can be weaponized to bypass authentication, upload a backdoored JDBC database driver to gain code execution, and deploy ransomware on susceptibleThe Hacker News
February 24, 2023
CISA warns of disruptive attacks amid the anniversary of Russia’s invasion of Ukraine Full Text
Abstract
One year after Russia's invasion of Ukraine, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations to increase vigilance. Exactly one year ago, Russia invaded Ukraine, and now one year later the U.S. Cybersecurity and Infrastructure...Security Affairs
February 24, 2023
CISA Sounds Alarm on Cybersecurity Threats Amid Russia’s Invasion Anniversary Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations and individuals to increase their cyber vigilance, as Russia's military invasion of Ukraine officially enters one year. "CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023, the anniversary of Russia's 2022 invasion of Ukraine," the agency said. To that end, CISA is recommending that organizations implement cybersecurity best practices, increase preparedness, and take proactive steps to reduce the likelihood and impact of distributed denial-of-service (DDoS) attacks. The advisory comes as the Computer Emergency Response Team of Ukraine (CERT-UA) revealed that Russian nation-state hackers breached government websites and planted backdoors as far back as December 2021. CERT-UA attributed the activity to a threat actor it trackThe Hacker News
February 23, 2023
The European Commission has banned its staff from using TikTok over security concerns Full Text
Abstract
The European Commission has banned its employees from using the Chinese social media app TikTok over security concerns. The European Union has banned the popular Chinese video-sharing app TikTok from the mobile devices of its employees over security...Security Affairs
February 23, 2023
Many cyber operations conducted by Russia are yet to be publicly disclosed, says Dutch intelligence Full Text
Abstract
Dutch intelligence revealed that many cyber operations attributed to Russia against Ukraine and NATO members have yet to be publicly disclosed. According to a joint report published by the Dutch General Intelligence and Security Service (AIVD), and the Military...Security Affairs
February 22, 2023
CISA adds IBM Aspera Faspex and Mitel MiVoice to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added actively exploited flaws in IBM Aspera Faspex and Mitel MiVoice to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog: CVE-2022-47986 (CVSS...Security Affairs
February 22, 2023
U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of shortcomings is as follows - CVE-2022-47986 (CVSS score: 9.8) - IBM Aspera Faspex Code Execution Vulnerability; CVE-2022-41223 (CVSS score: 6.8) - Mitel MiVoice Connect Code Injection Vulnerability; CVE-2022-40765 (CVSS score: 6.8) - Mitel MiVoice Connect Command Injection Vulnerability. CVE-2022-47986 is described as a YAML deserialization flaw in the file transfer solution that could allow a remote attacker to execute code on the system. Details of the flaw and a proof-of-concept (PoC) were shared by Assetnote on February 2, a day after which the Shadowserver Foundation said it "picked up exploitation attempts" in the wild. The active exploitation of the Aspera Faspex flaw comes shortly after a vulnerability in Fortra's GoAnywhere MFT-managed filThe Hacker News
February 20, 2023
ENISA and CERT-EU Warn of Chinese APTs Targeting EU Organizations Full Text
Abstract
The joint report focuses on cyber activities conducted by multiple Chinese Advanced Persistent Threat (APT) groups, including APT27, APT30, APT31, Ke3chang, GALLIUM, and Mustang Panda.Cyware
February 17, 2023
CISA adds Cacti, Office, Windows and iOS bugs to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added actively exploited flaws in Cacti framework, Microsoft Office, Windows, and iOS to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog: CVE-2022-46169...Security Affairs
February 13, 2023
Education Department reminds colleges of deadline for following cybersecurity rules Full Text
Abstract
Higher-education institutions that handle federal financial aid data have until early June to comply with federal rules for protecting privacy and personal information, the Education Department noted this week.Cyware
February 12, 2023
Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua Full Text
Abstract
Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision...Security Affairs
February 12, 2023
Russian Government evaluates the immunity to hackers acting in the interests of Russia Full Text
Abstract
The Russian Government proposed to give a sort of immunity to the hackers that operate in the interests of Moscow. Russian media reported that Alexander Khinshtein, the head of the Duma committee on information policy, announced that the Russian...Security Affairs
February 11, 2023
Remcos RAT Used to Spy on Ukrainian Government - Says CERT-UA Full Text
Abstract
An alert from the CERT-UA revealed that threat actors conducted a phishing campaign against Ukrainian government agencies to deploy the Remcos RAT on their computers. The email contained a file reminding recipients to pay for services availed from Ukrtelecom. This latest Remcos version leverages th ...Cyware
February 11, 2023
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could lead to unauthenticated remote code execution with the highest privileges. Details about the flaw were disclosed by Ethiopian cyber security research firm Octagon Networks in March 2022. The vulnerability, according to a joint advisory released by U.S. and South Korean government authorities, is said to have been weaponized by North Korean nation-state hackers to strike healthcare and critical infrastructure entities with ransomware. The second shortcoming to be added to KEV catalog is CVE-2015-2291, an unspecified flaw in the Intel ethernet diagnostics driver for Windows (IQVW32.sys and IQVW64.sys) that could throw an affected device into a denial-of-serviceThe Hacker News
February 11, 2023
CISA adds Fortra MFT, TerraMaster NAS, Intel driver Flaws, to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added actively exploited flaws in Fortra MFT, Intel driver, and TerraMaster NAS to its Known Exploited Vulnerabilities Catalog. US CISA added actively exploited flaws in Fortra MFT, Intel driver, and TerraMaster NAS, respectively tracked as CVE-2023-0669,...Security Affairs
February 9, 2023
United States and United Kingdom Issue Joint Sanctions on Members of Russian Cybercrime Gang Full Text
Abstract
The United States and United Kingdom have issued joint sanctions against members of Trickbot, the first sanctions of their kind from U.K. authorities.Lawfare
February 9, 2023
FBI Media Alert: Valentine’s Day in New Mexico Means Love - and Scams Full Text
Abstract
Romance scam perpetrators are usually men targeting older women who are divorced, widowed, elderly, or disabled—but scammers do not discriminate. To facilitate the investment and demonstrate the ROI, victims are directed to fake websites.Cyware
February 8, 2023
Ukraine CERT-UA warns of phishing attacks employing Remcos software Full Text
Abstract
The Computer Emergency Response Team of Ukraine (CERT-UA) warns of a new wave of attacks against state authorities to deploy the Remcos software. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a phishing campaign aimed at state...Security Affairs
February 8, 2023
US CISA releases a script to recover servers infected with ESXiArgs ransomware Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a script to recover VMware ESXi servers infected with ESXiArgs ransomware. Good news for the victims of the recent wave of ESXiArgs ransomware attacks, the U.S. Cybersecurity...Security Affairs
February 08, 2023
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks Full Text
Abstract
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor it tracks as UAC-0050, with the agency describing the activity as likely motivated by espionage given the toolset employed. The bogus emails that kick-start the infection sequence claim to be from Ukrainian telecom company Ukrtelecom and come bearing a decoy RAR archive. Of the two files present in the file, one is a password-protected RAR archive that's over 600MB and the other is a text file containing the password to open the RAR file. Embedded within the second RAR archive is an executable that leads to the installation of the Remcos remote access software, granting the attacker full access to commandeer compromised computers. Remcos, short for remote control and surveillance software, is offered by BThe Hacker News
February 6, 2023
Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers Full Text
Abstract
The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers...Security Affairs
February 4, 2023
CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added actively exploited vulnerabilities in SugarCRM and Oracle products to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added Oracle and SugarCRM flaws, respectively tracked as CVE-2022-21587...Security Affairs
February 4, 2023
CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers Full Text
Abstract
A new wave of ransomware attacks is targeting VMware ESXi servers to deliver ransomware, CERT of France warns. The French Computer Emergency Response Team (CERT-FR) warns that threat actors are targeting VMware ESXi servers to deploy ransomware. CERT-FR...Security Affairs
February 03, 2023
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The first of the two vulnerabilities is CVE-2022-21587 (CVSS score: 9.8), a critical issue impacting versions 12.2.3 to 12.2.11 of the Oracle Web Applications Desktop Integrator product. "Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator," CISA said. The issue was addressed by Oracle as part of its Critical Patch Update released in October 2022. Not much is known about the nature of the attacks exploiting the vulnerability, but the development follows the publication of a proof-of-concept (PoC) by cybersecurity firm Viettel on January 16, 2023. The second security flaw to be added to the KEV catalog is CVE-2023-22952 (CVSS score:The Hacker News
January 31, 2023
HHS, AHA Warn of Surge in Russian DDoS Attacks on US Healthcare Sector Entities Full Text
Abstract
U.S. government and industry authorities are warning the healthcare sector of a surge in distributed denial-of-service attacks in recent days against hospitals and other medical entities instigated by Russian nuisance hacking group KillNet.Cyware
January 27, 2023
British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries Full Text
Abstract
The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. "The attacks are not aimed at the general public but targets in specified sectors, including academia, defense, government organizations, NGOs, think tanks, as well as politicians, journalists and activists," the NCSC said. The agency attributed the intrusions to SEABORGIUM (aka Callisto, COLDRIVER, and TA446) and APT42 (aka ITG18, TA453, and Yellow Garuda). The similarities in the modus operandi aside, there is no evidence the two groups are collaborating with each other. The activity is typical of spear-phishing campaigns, where the threat actors send messages tailored to the targets, while also taking enough time to research their interests and identify their social and professional circles. The initial contact is designed to appear innocuous in an attempt to gain their trust and cThe Hacker News
January 26, 2023
UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups Full Text
Abstract
The U.K. National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. The U.K. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors...Security Affairs
January 26, 2023
GSA seeks nominations for new FedRAMP cloud advisory committee Full Text
Abstract
The General Services Administration announced Tuesday that it is accepting advisory board member nominations for the FedRAMP cybersecurity authorization program, marking the first step in implementing recent legislation that reformed the program.Cyware
January 26, 2023
CISA Releases Guide to Help Safeguard K-12 Schools from Cyber Threats Full Text
Abstract
The CISA released a report outlining a variety of steps that K-12 schools and districts should take to enhance their cybersecurity practices, amid an increase in ransomware attacks and other digital threats targeting education institutions.Cyware
January 26, 2023
FTC Marks Identity Theft Awareness Week for 2023 on January 30-February 3 Full Text
Abstract
The Federal Trade Commission will mark its annual Identity Theft Awareness Week with a series of free events January 30-February 3 focused on how identity theft affects people of every community and ways to reduce your risk.Cyware
January 26, 2023
British Cyber Agency Issues Warning Over Russian and Iranian Espionage Campaigns Full Text
Abstract
The U.K. NCSC warned that instead of sending surprise phishing emails, the Russia-based SEABORGIUM and Iran-based APT42 (or Charming Kitten) are contacting their targets in a benign fashion and attempting to build a rapport and a sense of trust.Cyware
January 26, 2023
Avoid TikTok for government work, Dutch officials told Full Text
Abstract
Public authorities in the Netherlands are being told to steer clear of TikTok amid growing concerns across the EU and U.S. that the Chinese-owned video-sharing platform poses privacy risks.Cyware
January 23, 2023
International Counter Ransomware Task Force kicks off Full Text
Abstract
An international counter-ransomware task force first announced at a White House event in November officially commenced operations on Monday, according to the Australian government which is the inaugural chair of the group.Cyware
January 20, 2023
HHS CIO Mathias says tree-based AI models helping to combat Medicare fraud Full Text
Abstract
The HHS has launched a pilot program to tackle Medicare fraud using tree-based artificial intelligence models and deep learning approaches, HHS Chief Information Officer Karl Mathias said Wednesday.Cyware
January 19, 2023
US CISA adds Centos Web Panel RCE CVE-2022-44877 to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added the vulnerability CVE-2022-44877 in CentOS Control Web Panel utility to its Known Exploited Vulnerabilities Catalog. The US CISA added the Centos Web Panel 7 unauthenticated remote code execution flaw (CVE-2022-44877) to its Known Exploited...Security Affairs
January 18, 2023
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code execution via a path traversal flaw (CVE-2022-45092, CVSS score: 9.9) and command injection (CVE-2022-2068, CVSS score: 9.8). Also patched by Siemens is an authentication bypass vulnerability in llhttp parser (CVE-2022-35256, CVSS score: 9.8) as well as an out-of-bounds write bug in the OpenSSL library (CVE-2022-2274, CVSS score: 9.8) that could be exploited to trigger remote code execution. The German automation company, in December 2022, released Service Pack 2 Update 1 software to mitigate the flaws. Separately, a critical flaw has also been revealed in GE Digital's Proficy Historian solution that could result in code execution regardless ofThe Hacker News
January 16, 2023
CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio, which could be exploited by an attacker to "obtain unauthorized access to the server, alter information, create a denial-of-service condition, gain escalated privileges, and execute arbitrary code," according to CISA. This includes CVE-2022-45444 (CVSS score: 10.0), a case of hard-coded passwords for select users in the application's database that potentially grant remote adversaries unrestricted access. Also notable are two command injection flaws (CVE-2022-47911 and CVE-2022-43483, CVSS scores: 9.1) and an out-of-bounds write vulnerability (CVE-2022-41989, CVSS score: 9.1) that could result in denial-of-service condition or code execution. The vulnerabilitiesThe Hacker News
January 13, 2023
New York state adds $35 million to 2023 cybersecurity budget as attacks soar Full Text
Abstract
New York Governor Kathy Hochul is adding an additional $35 million in funding to the state’s $61.9 million cybersecurity budget for this year, while also creating a new team focusing on protecting critical infrastructure.Cyware
January 11, 2023
US CISA adds MS Exchange bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities to its Known Exploited Vulnerabilities...Security Affairs
January 6, 2023
FBI warns of imposter ads in search results Full Text
Abstract
It’s no secret that rogue ads have been a particular plague on the Internet for as far back as we can remember. The FBI warning concerns fake ads impersonating the real thing and diverting potential victims off to parts unknown.Cyware
January 5, 2023
NIST Finalizes Cybersecurity Guidance for Ground Segment of Space Operations Full Text
Abstract
The NIST has published the final version of its guidance on applying the Cybersecurity Framework to the ground segment of space operations, specifically satellite command and control.Cyware
January 04, 2023
The FBI’s Perspective on Ransomware Full Text
Abstract
Ransomware: contemporary threats, how to prevent them and how the FBI can help In April 2021, Dutch supermarkets faced a food shortage. The cause wasn't a drought or a sudden surge in the demand for avocados. Rather, the reason was a ransomware attack. In the past years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat actors, turning ransomware into the internet's most severe security crisis. The Ransomware Landscape Ransomware has existed for more than 30 years, but it became a lucrative source of income for cyber actors and gangs in the past decade. Since 2015, ransomware gangs have been targeting organizations instead of individuals. Consequently, ransom sums have increased significantly, reaching millions of dollars. Ransomware is effective because it pressures victims in two, complementary ways. First, by threatening victims to destroy their data. Second, by threatening to publicize the attack. The sThe Hacker News
January 4, 2023
How Can the White House’s New IoT Labels Improve Security? Full Text
Abstract
The White House’s National Security Council (NSC) is working on an ambitious project to improve consumer Internet of Things (IoT) security through industry-standard labeling.Cyware
January 2, 2023
Poland warns of pro-Kremlin cyberattacks aimed at destabilization Full Text
Abstract
The cyberattacks on Poland’s government services, private companies, media organizations, and ordinary citizens have intensified over the past year, Poland’s security agency said.Cyware
December 30, 2022
CISA adds JasperReports vulnerabilities to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added TIBCO Software's JasperReports vulnerabilities to its Known Exploited Vulnerabilities Catalog. US CISA added TIBCO Software's JasperReports vulnerabilities, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS...Security Affairs
December 29, 2022
Govt of India Issues Advisory Against Potential Phishing Attacks Full Text
Abstract
The Computer Emergency Response Team (CERT-In) issued an advisory in the wake of this data breach. It warned Indian users that their accounts could be compromised due to the phishing attacks that cybercriminals undertake.Cyware
December 29, 2022
Lawmakers Signal Inquiries Into U.S. Government’s Use of Foreign Spyware Full Text
Abstract
Countries globally have embraced commercial spyware for the new powers of surveillance it gives them. The Israeli firm NSO held a near monopoly in the industry for nearly a decade, selling Pegasus to Mexico, Saudi Arabia, India, and other nations.Cyware
December 28, 2022
UAE Panel on Cybersecurity Warns Against Cyberattacks During New Year Celebrations Full Text
Abstract
The council then pointed out that many countries have witnessed the rapid digital transformation in services and daily transactions, which has increased the risks posed by cyberattacks against various sectors, including electricity, gas, and water.Cyware
December 22, 2022
France Seeks to Protect Hospitals After Series of Cyberattacks Full Text
Abstract
"The target is that 100 percent of the most important health facilities have undergone these new exercises by May 2023," the interior, health, and digital services ministers announced in a joint statement.Cyware
December 21, 2022
FBI warns of search engine ads pushing malware, phishing Full Text
Abstract
The FBI warns that threat actors are using search engine advertisements to promote websites distributing ransomware or stealing login credentials for financial institutions and crypto exchanges.BleepingComputer
December 20, 2022
Cyber Command conducted offensive operations to protect midterm elections Full Text
Abstract
U.S. Cyber Command conducted both defensive and offensive operations to thwart foreign actors from interfering in the 2022 midterms, according to the digital combat unit’s chief.Cyware
December 19, 2022
US Puts 3 Dozen More Chinese Companies on Trade Blacklist Full Text
Abstract
The U.S. Department of Commerce is adding 36 Chinese high-tech companies, including makers of aviation equipment, chemicals, and computer chips, to an export controls blacklist, citing concerns over national security, U.S. interests and human rights.Cyware
December 19, 2022
US Gov warns of BEC attacks to hijack shipments of food products Full Text
Abstract
US government is warning of business email compromise (BEC) attacks aimed at hijacking shipments of food products and ingredients. The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI),...Security Affairs
December 16, 2022
FBI warns that BEC attacks now also target food shipments Full Text
Abstract
Organizations in the food sector are now also targeted in business email compromise (BEC) attacks, according to a joint advisory issued by the FBI, the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the U.S. Department of Agriculture (USDA).BleepingComputer
December 16, 2022
CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities impacting Veeam Backup...Security Affairs
December 15, 2022
HHS Issues an Alert on LockBit 3.0 Attacks Full Text
Abstract
The HHS warned the healthcare and public health sector organizations against the rising number of LockBit 3.0 ransomware attacks, along with other ransomware and triple-extortion. The frequent attack vectors associated with ransomware are phishing, Remote Desktop Protocol (RDP), credentials, and kn ...Cyware
December 14, 2022
NSA shares tips on mitigating 5G network slicing threats Full Text
Abstract
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI), have published a joint report that highlights the most likely risks and potential threats in 5G network slicing implementations.BleepingComputer
December 14, 2022
Mapping Threat Intelligence to the NIST Compliance Framework Full Text
Abstract
Using the NIST Framework, organizations assess their current security posture, agree to organizational goals, understand their gaps, and develop plans to optimize their security posture.Cyware
December 12, 2022
Australia Aims to Be World’s ‘Most Cyber-Secure’ Country Full Text
Abstract
A top Australian official vowed to transform the country into "the world’s most cyber-secure country by 2030" after a wave of data breaches revealed the personal data of millions of residents.Cyware
December 10, 2022
US HHS warns healthcare orgs of Royal Ransomware attacks Full Text
Abstract
The US Department of Health and Human Services (HHS) warns healthcare organizations of Royal ransomware attacks. The human-operated Royal ransomware first appeared on the threat landscape in September 2022 and has demanded ransoms up to millions of dollars....Security Affairs
December 08, 2022
US Health Dept warns of Royal Ransomware targeting healthcare Full Text
Abstract
The U.S. Department of Health and Human Services (HHS) issued a new warning today for the country's healthcare organizations regarding ongoing attacks from a relatively new operation, the Royal ransomware gang.BleepingComputer
December 7, 2022
Maryland bans use of TikTok, other products by state agencies Full Text
Abstract
The state of Maryland banned the use of TikTok and other Chinese and Russian products by state agencies, citing reporting by NBC News about hackers linked to the Chinese government stealing millions in Covid benefits from U.S. state governments.Cyware
December 05, 2022
CISA orders agencies to patch exploited Google Chrome bug by Dec 26th Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has added one more security vulnerability to its list of bugs known to be exploited in attacks.BleepingComputer
December 4, 2022
US DHS Cyber Safety Board will review Lapsus$ gang’s operations Full Text
Abstract
US DHS Cyber Safety Review Board will review attacks linked to the Lapsus$ extortion gang that hit multiple high-profile companies. The Department of Homeland Security (DHS) Cyber Safety Review Board announced that it will review cyberattacks linked...Security Affairs
December 3, 2022
FBI warns about Cuba, no, not that one — the ransomware gang Full Text
Abstract
The Cuba gang has hit more than 100 organizations worldwide, demanding over $145 million in payments and successfully extorting at least $60 million since August, according to a joint FBI and CISA advisory.Cyware
December 02, 2022
CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an Industrial Control Systems (ICS) advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software. "Successful exploitation of these vulnerabilities could allow unauthorized users to gain access to the MELSEC iQ-R/F/L series CPU modules and the MELSEC iQ-R series OPC UA server module or to view and execute programs," the agency said. GX Works3 is an engineering workstation software used in ICS environments, acting as a mechanism for uploading and downloading programs from/to the controller, troubleshooting software and hardware issues, and performing maintenance operations. The wide range of functions also makes them an attractive target for threat actors looking to compromise such systems to commandeer the managed PLCs. Three of the 10 shortcomings relate to cleartext storage of sensitive data, four relate to the use of a hard-coded cryptograpThe Hacker News
December 02, 2022
DHS Cyber Safety Board to review Lapsus$ gang’s hacking tactics Full Text
Abstract
The Department of Homeland Security (DHS) Cyber Safety Review Board will review attacks linked to an extortion group known as Lapsus$, which breached multiple high-profile companies in recent attacks.BleepingComputer
December 01, 2022
FBI: Cuba ransomware raked in $60 million from over 100 victims Full Text
Abstract
The FBI and CISA revealed in a new joint security advisory that the Cuba ransomware gang raked in over $60 million in ransoms as of August 2022 after breaching more than 100 victims worldwide.BleepingComputer
November 29, 2022
Defense Department Releases Zero Trust Strategy Full Text
Abstract
On Nov. 22, the U.S. Department of Defense released their Zero Trust Strategy, a new approach to countering cyberattacks. The new framework employs a “‘never trust, always verify’” mindset, deviating from the Defense Department’s previously used perimeter defense model. The strategy is prompted by the “rapid growth” of offensive cyber threats and aims to fully implement the department-wide model by fiscal year 2027.Lawfare
November 29, 2022
CISA Adds Two Actively Exploited Flaws to its Catalog Full Text
Abstract
The CISA urged users' attention toward a high-severity bug in Oracle Fusion Middleware that is under heavy exploitation by hackers. A hacker could completely take over Access Manager instances by abusing the flaw. The CISA has also added a Google Chrome bug that can be abused to take control of sys ...Cyware Alerts - Hacker News
November 29, 2022
CISA adds Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
CISA added a critical flaw impacting Oracle Fusion Middleware, tracked as CVE-2021-35587, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability impacting Oracle Fusion...Security Affairs
November 29, 2022
CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. Successful exploitation of the remote command execution bug could enable an unauthenticated attacker with network access to completely compromise and take over Access Manager instances. "It may give the attacker access to OAM server, to create any user with any privileges, or just get code execution in the victim's server," Vietnamese security researcher Nguyen Jang (Janggggg), who reported the bug alongside peterjson, noted earlier this March. The issue was addressed by Oracle as part of its Critical Patch Update in January 2022. Additional details regarding the natuThe Hacker News
November 28, 2022
US effectively bans imports of Chinese telecoms products Full Text
Abstract
The US Federal Communications Commission (FCC) has barred itself from authorizing the import or sale of Chinese telecoms and video surveillance products from Huawei, ZTE, Hytera Communications, Hikvision, and Dahua, on national security grounds.The Register
November 28, 2022
US bans sales of Huawei, Hikvision, ZTE, and Dahua equipment Full Text
Abstract
The United States government, through the Federal Communications Commission (FCC), has banned the sale of equipment from Chinese telecommunications and video surveillance vendors Huawei, ZTE, Hytera, Hikvision, and Dahua due to "unacceptable risks to national security".BleepingComputer
November 28, 2022
Census Bureau disputes Inspector General claim that hacking team gained unauthorized access Full Text
Abstract
The U.S. Census Bureau disputed a report from the Office of Inspector General (OIG) that found the organization vulnerable to cyberattacks, claiming that they knowingly allowed a “red team” of hired hackers to access their systems.The Record
November 27, 2022
US FCC bans the import of electronic equipment from Chinese firms Full Text
Abstract
The U.S. Federal Communications Commission announced it will completely ban the import of electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua. The U.S. Federal Communications Commission (FCC) announced the total ban for telecom and surveillance...Security Affairs
November 26, 2022
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk Full Text
Abstract
The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat. All these Chinese telecom and video surveillance companies were previously included in the Covered List as of March 12, 2021. "The FCC is committed to protecting our national security by ensuring that untrustworthy communications equipment is not authorized for use within our borders, and we are continuing that work here," FCC Chairwoman Jessica Rosenworcel said in a Friday order. "These new rules are an important part of our ongoing actions to protect the American people from national security threats involving telecommunications." Pursuant to the ban, Hytera, Hikvision, and Dahua are required to document the safeguards the firms are putting in place on the sale of their devices for government use and surveillance of critical iThe Hacker News
November 25, 2022
UK urges to disconnect Chinese security cameras in government buildings Full Text
Abstract
The British government banned the installation of Chinese-linked security cameras at sensitive facilities due to security risks. Reuters reports that the British government ordered its departments to stop installing Chinese security cameras at sensitive...Security Affairs
November 23, 2022
Meta links U.S. military with covert Facebook influence operation Full Text
Abstract
Meta has removed several accounts on Facebook and Instagram associated with the U.S. military, saying they were used as part of covert influence operations targeting the Middle East and Russia.BleepingComputer
November 22, 2022
How Xi Jinping leveled-up China’s hacking teams Full Text
Abstract
A year after coming to power in 2013, Xi began to prioritize cybersecurity as a matter of government policy, focusing the bureaucracy, universities, and security services on purposefully cultivating talent and funding cybersecurity research.CyberScoop
November 19, 2022
Indian Government Publishes Draft of Digital Personal Data Protection Bill 2022 Full Text
Abstract
The Indian government on Friday released a draft version of the much-awaited data protection regulation, making it the fourth such effort since it was first proposed in July 2018. The Digital Personal Data Protection Bill, 2022, as it's called, aims to secure personal data, while also seeking users' consent in what the draft claims is "clear and plain language" describing the exact kinds of information that will be collected and for what purpose. The draft is open for public consultation until December 17, 2022. India has over 760 million active internet users, necessitating that data generated and used by online platforms are subject to privacy rules to prevent abuse and increase accountability and trust. "The Bill will establish the comprehensive legal framework governing digital personal data protection in India," the government said. "The Bill provides for the processing of digital personal data in a manner that recognizes the right of inThe Hacker News
November 18, 2022
Australia Unveils Plan to Counter Global Cybercrime Problem Full Text
Abstract
Australia Cyber Security Minister Clare O'Neil announced the formation of the Joint Standing Operation task force, which brings together experts from the Australian Federal Police and the Australian Signals Directorate.Bank Info Security
November 17, 2022
Russia’s cyber personnel has ‘underperformed’ in Ukraine: U.S. Defense official Full Text
Abstract
A senior Pentagon official on Wednesday said that Russia’s cyber personnel “underperformed” during the initial invasion of Ukraine, prompting it to ultimately rely less on digital attacks during the now months-long conflict than was expected.The Record
November 17, 2022
FBI: Hive ransomware extorted $100M from over 1,300 victims Full Text
Abstract
The Federal Bureau of Investigation (FBI) said today that the notorious Hive ransomware gang has successfully extorted roughly $100 million from over a thousand companies since June 2021.BleepingComputer
November 16, 2022
FBI Warns of PC and Tech Support Scams Stealing Huge Sums of Money from Unsuspecting Users Full Text
Abstract
The PSA by the FBI warns that there have been instances across the US recently of scammers posing as service representatives of software company tech support or computer repair services in attempts to trick victims into following instructions.ZDNet
November 14, 2022
CERT-UA warns of multiple Somnia ransomware attacks against organizations in Ukraine Full Text
Abstract
Russian threat actors employed a new ransomware family called Somnia in attacks against multiple organizations in Ukraine. The Government Computer Emergency Response Team of Ukraine CERT-UA is investigating multiple attacks against organizations in Ukraine...Security Affairs
November 14, 2022
Venus Ransomware Targets Healthcare - Warns HHS Full Text
Abstract
The HHS raised an alarm regarding the increased threats on the country's healthcare organizations from the Venus ransomware operators. Officials claimed they are aware of at least one incident of the ransomware infection. Unfortunately, there’s no known data leak site (or maybe there isn’t any) per ...Cyware Alerts - Hacker News
November 14, 2022
NSA Publishes Guidance on Mitigating Software Memory Safety Issues Full Text
Abstract
Caused by how programs manage or allocate memory, logic errors, incorrect order of operations, or the use of uninitialized variables, software memory safety issues are often exploited for remote code execution (RCE).Security Week
November 14, 2022
CISA warns unpatched Zimbra users to assume breach Full Text
Abstract
Multiple threat actors are launching attacks against unpatched users of Zimbra Collaboration Suite, a business productivity software and email platform, the Cybersecurity and Infrastructure Security Agency said in a warning last Thursday.Cybersecurity Dive
November 12, 2022
CISA Releases Decision Tree Model to Help Companies Prioritize Vulnerability Patching Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) announced the release of a Stakeholder-Specific Vulnerability Categorization (SSVC) guide that can help organizations prioritize vulnerability patching using a decision tree model.Security Week
November 10, 2022
No Cyberattacks Affected US Vote Counting, Officials Say Full Text
Abstract
No instances of digital interference are known to have affected the counting of the midterm vote after a tense Election Day in which officials were closely monitoring domestic and foreign threats.Security Week
November 10, 2022
FBI warns scammers now impersonate refund payment portals Full Text
Abstract
The FBI warns that tech support scammers are now impersonating financial institutions' refund payment portals to harvest victims' sensitive information and add legitimacy.BleepingComputer
November 9, 2022
US Department of Health and Human Services Warns of Iranian Threats to Healthcare Sector Full Text
Abstract
The Department of Health and Human Services' Health Sector Cybersecurity Coordinating Center in a Thursday threat briefing says Tehran-backed hackers often rely on social engineering to penetrate targets that include hospitals.Bank Info Security
November 9, 2022
Pentagon to unveil zero-trust cyber strategy Full Text
Abstract
The U.S. Department of Defense’s zero-trust strategy will be published in the coming days, giving the public a fresh look at its plan to achieve a new level of cybersecurity.C4ISRNET
November 7, 2022
UK NCSC govt agency is scanning the Internet for flawed devices in the UK Full Text
Abstract
The UK National Cyber Security Centre (NCSC) announced that it is scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The United Kingdom's National Cyber Security Centre (NCSC) is scanning all Internet-exposed devices hosted in the United...Security Affairs
November 04, 2022
FBI: Hacktivist DDoS attacks had minor impact on critical orgs Full Text
Abstract
The Federal Bureau of Investigation (FBI) said on Friday that distributed denial-of-service (DDoS) attacks coordinated by hacktivist groups have little to no impact.BleepingComputer
November 04, 2022
British govt is scanning all Internet devices hosted in UK Full Text
Abstract
The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities.BleepingComputer
November 04, 2022
CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC Telecom's Remote Access Server (RAS), which "could allow an attacker to obtain sensitive information and compromise the vulnerable device and other connected machines," CISA said. This includes CVE-2022-3703 (CVSS score: 9.0), a critical flaw that stems from the RAS web portal's inability to verify the authenticity of firmware, thereby making it possible to slip in a rogue package that grants backdoor access to the adversary. Two other flaws relate to a directory traversal bug in the RAS API (CVE-2022-41607, CVSS score: 8.6) and a file upload issue (CVE-2022-40981, CVSS score: 8.3) that can be exploited to read arbitrary files and upload malicious files that can compromise thThe Hacker News
November 3, 2022
US Electric Cooperatives Awarded $15 Million to Expand ICS Security Capabilities Full Text
Abstract
The US Department of Energy has awarded $15 million to the National Rural Electric Cooperative Association (NRECA) in an effort to help electric cooperatives expand their cybersecurity capabilities for industrial control systems (ICS).Security Week
November 02, 2022
U.S. govt employees exposed to mobile attacks from outdated Android, iOS Full Text
Abstract
Roughly half of all Android-based mobile phones used by state and local government employees are running outdated versions of the operating system, exposing them to hundreds of vulnerabilities threat actors can leverage to perform cyberattacks.BleepingComputer
October 31, 2022
NSA shares supply chain security tips for software suppliers Full Text
Abstract
NSA, CISA, and the Office of the Director of National Intelligence (ODNI) have shared a new set of suggested practices that software suppliers (vendors) can follow to secure the supply chain.BleepingComputer
October 27, 2022
German cyber agency warns threat situation is ‘higher than ever’ Full Text
Abstract
Germany’s federal cybersecurity office BSI warned on Tuesday that ransomware, political hacking, and other cybersecurity threats facing the country are “higher than ever.”The Record
October 26, 2022
CISA Seeks Feedback on Baseline Measures to Secure Cloud Configuration Full Text
Abstract
The CISA is inviting public comment—particularly from agencies—on what it’s proposing as the bare minimum set of actions organizations should take to control access to their assets in cloud environments, and how to implement them.Nextgov
October 25, 2022
CISA Warns of Attacks Exploiting Cisco, Gigabyte Vulnerabilities Full Text
Abstract
The Cisco product vulnerabilities both impact the AnyConnect Secure Mobility Client for Windows. They can be exploited by a local, authenticated attacker to execute arbitrary code and copy files to arbitrary locations with elevated privileges.Security Week
October 24, 2022
Cuba ransomware affiliate targets Ukraine, CERT-UA warns Full Text
Abstract
The Ukraine Computer Emergency Response Team (CERT-UA) warns of Cuba Ransomware attacks against critical networks in the country. The Ukraine Computer Emergency Response Team (CERT-UA) warns of potential Cuba Ransomware attacks against local critical...Security Affairs
October 24, 2022
FBI Warns of Iranian Cyber Firm’s Hack-and-Leak Operations Full Text
Abstract
Previously known as Eeleyanet Gostar and Net Peygard Samavat, Emennet Pasargad is an organization that often changes its name to avoid US sanctions, and which is known for providing cybersecurity services to government entities in Iran.Security Week
October 24, 2022
CISA Warns of Daixin Team Hackers Targeting Health Organizations With Ransomware Full Text
Abstract
U.S. cybersecurity and intelligence agencies have published a joint advisory warning of attacks perpetrated by a cybercrime gang known as the Daixin Team primarily targeting the healthcare sector in the country. "The Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations since at least June 2022," the agencies said. The alert was published Friday by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS). Over the past four months, the group has been linked to multiple ransomware incidents in the Healthcare and Public Health (HPH) sector, encrypting servers related to electronic health records, diagnostics, imaging, and intranet services. It's also said to have exfiltrated personally identifiable information (PII) and patient health information (PHI) as part of a double extortion scheme to seThe Hacker News
October 24, 2022
Norway PM warns of Russia cyber threat to oil and gas industry Full Text
Abstract
Norway’s prime minister warned last week that Russia poses “a real and serious threat” to the country’s oil and gas industry. Norway’s prime minister Jonas Gahr Støre warned that Russia poses “a real and serious threat” to the country’s...Security Affairs
October 22, 2022
Daixin Team targets health organizations with ransomware, US agencies warn Full Text
Abstract
US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. Healthcare and Public Health sector with ransomware. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team...Security Affairs
October 21, 2022
US govt warns of Daixin Team targeting health orgs with ransomware Full Text
Abstract
CISA, the FBI, and the Department of Health and Human Services (HHS) warned that a cybercrime group known as Daixin Team is actively targeting the U.S. Healthcare and Public Health (HPH) Sector in ransomware attacks.BleepingComputer
October 21, 2022
CISA adds Linux kernel flaw CVE-2021-3493 to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
CISA added a Linux kernel vulnerability, tracked as CVE-2021-3493, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week added a Linux kernel vulnerability, tracked...Security Affairs
October 21, 2022
A Quick Look at the “Strengthening America’s Cybersecurity” Initiative Full Text
Abstract
Acknowledging that you have a problem is the first step to addressing the problem in a serious way. This seems to be the reasoning for the White House recently announcing its "Strengthening America's Cybersecurity" initiative. The text of the announcement contains several statements that anyone who's ever read about cybersecurity will have heard many times over: increasing resilience, greater awareness, countering ransomware attacks – the list goes on. There are some novel aspects to the text as well, including a realization that cybersecurity is not, has never been, and will never be something that can be solved at the nation-state level. The White House also pointed to IoT warning labels as a solution – and reminded us all (and we do need reminding) about the importance of cybersecurity education. Let's take a look. International cooperation is critical A key point that the White House statement makes very clear is that cyberattacks are asymmetric in theThe Hacker News
October 20, 2022
Biden Administration Issues New Cybersecurity Requirements for Rail Operators Full Text
Abstract
The new directive from the Transportation Security Administration requires rail companies to report hacking incidents to the Department of Homeland Security and to have a plan to keep a cybersecurity incident from hampering their operations.CNN Money
October 20, 2022
FBI Warning: Beware of Student Loan Forgiveness Scammers Full Text
Abstract
The scam the FBI is warning about involves cybercriminals and fraudsters purporting to provide entrance to the Federal Student Loan Forgiveness program. Fraudsters could contact potential victims via phone, email, text, websites, or chat services.ZDNet
October 19, 2022
CISA Warns of Critical Flaws Affecting Industrial Appliances from Advantech and Hitachi Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released two Industrial Control Systems (ICS) advisories pertaining to severe flaws in Advantech R-SeeNet and Hitachi Energy APM Edge appliances. This consists of three weaknesses in the R-SeeNet monitoring solution, successful exploitation of which "could result in an unauthorized attacker remotely deleting files on the system or allowing remote code execution." The list of issues, which affect R-SeeNet Versions 2.4.17 and prior, is as follows: CVE-2022-3385 and CVE-2022-3386 (CVSS scores: 9.8), two stack-based buffer overflow flaws that could lead to remote code execution; and CVE-2022-3387 (CVSS score: 6.5), a path traversal flaw that could enable a remote attacker to delete arbitrary PDF files. Patches have been made available in R-SeeNet version 2.4.21, released on September 30, 2022. Also published by CISA is an update to a December 2021 advisory about multiple flaws in HitacThe Hacker News
October 18, 2022
FBI: Scammers likely to target US Student Loan Debt Relief applicants Full Text
Abstract
The FBI has released a warning that scammers may be targeting individuals seeking to enroll in the Federal Student Aid program to steal their personal information, payment details, and money.BleepingComputer
October 14, 2022
CISA releases open-source ‘RedEye’ C2 log visualization tool Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced RedEye, an open-source analytic tool for operators to visualize and report command and control (C2) activity.BleepingComputer
October 14, 2022
Cobalt Strike Infections Haunt Healthcare - Warns HHS Full Text
Abstract
Tens of thousands of organizations each year are now affected by a hack involving Cobalt Strike, warned HHS. Apart from using Cobalt Strike, threat actors are using PowerShell, Mimikatz, Sysinternals, Brute Ratel, and Anydesk against healthcare facilities. State-sponsored threat actors, mostly the ...Cyware Alerts - Hacker News
October 11, 2022
Feds Warn Healthcare Over Cobalt Strike Infections Full Text
Abstract
Cobalt Strike, whose legitimate user base consists of white hat hackers, is being abused "with increasing frequency" against many industries, including the healthcare and public health sector, by ransomware gangs and various APT groups, HC3 writes.Bank Info Security
October 11, 2022
UK Spy Chief to Warn of ‘Huge’ China Tech Threat Full Text
Abstract
Britain's GCHQ spy agency chief will warn Western countries Tuesday of the "huge threat" from China seeking to exploit its tech dominance to control its own citizens and gain influence abroad.Security Week
October 10, 2022
The head of the Federal Cyber Security Authority (BSI) faces dismissal Full Text
Abstract
The German Interior Minister wants to dismiss the head of the Federal Cyber Security Authority (BSI), Arne Schoenbohm, due to possible contacts with Russian security services. German Interior Minister Nancy Faeser wants to dismiss the head of the Federal...Security Affairs
October 06, 2022
FBI warns of disinformation threats before 2022 midterm elections Full Text
Abstract
The Federal Bureau of Investigation (FBI) warned today of foreign influence operations that might spread disinformation to affect the results of this year's midterm elections.BleepingComputer
October 06, 2022
US govt shares top flaws exploited by Chinese hackers since 2020 Full Text
Abstract
NSA, CISA, and the FBI revealed today the top security vulnerabilities most exploited by hackers backed by the People's Republic of China (PRC) to target U.S. government and critical infrastructure networks.BleepingComputer
October 6, 2022
Maryland Adds Directors of State, Local Cybersecurity Full Text
Abstract
Maryland added two new high-level cyber roles to the roster, appointing a director of state cybersecurity and director of local cybersecurity, the governor’s office announced. Both positions are part of the IT department and report to the state CISO.Government Technology
October 05, 2022
FBI: Cyberattacks targeting election systems unlikely to affect results Full Text
Abstract
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) say in a public service announcement that cyber activity attempting to compromise election infrastructure is unlikely to cause a massive disruption or prevent voting.BleepingComputer
October 05, 2022
FBI, CISA, and NSA Reveal How Hackers Targeted a Defense Industrial Base Organization Full Text
Abstract
U.S. cybersecurity and intelligence agencies on Tuesday disclosed that multiple nation-state hacking groups potentially targeted a "Defense Industrial Base (DIB) Sector organization's enterprise network" as part of a cyber espionage campaign. "[Advanced persistent threat] actors used an open-source toolkit called Impacket to gain their foothold within the environment and further compromise the network, and also used a custom data exfiltration tool, CovalentStealer, to steal the victim's sensitive data," the authorities said. The joint advisory, which was authored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA), said the adversaries likely had long-term access to the compromised environment. The findings are the result of CISA's incident response efforts in collaboration with a trusted third-party security firm from November 2021 through January 20The Hacker News
October 04, 2022
US Govt: Hackers stole data from US defense org using new malware Full Text
Abstract
The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector.BleepingComputer
October 04, 2022
FBI warns of “Pig Butchering” cryptocurrency investment schemes Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns of a rise in 'Pig Butchering' cryptocurrency scams used to steal ever-increasing amounts of crypto from unsuspecting investors.BleepingComputer
October 04, 2022
CISA Orders Federal Agencies to Regularly Track Network Assets and Vulnerabilities Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive (BOD) that directs federal agencies in the country to keep track of assets and vulnerabilities on their networks six months from now. To that end, Federal Civilian Executive Branch (FCEB) enterprises have been tasked with two sets of activities: Asset discovery and vulnerability enumeration, which are seen as essential steps to gain "greater visibility into risks facing federal civilian networks." This involves carrying out automated asset discovery every seven days and initiating vulnerability enumeration across those discovered assets every 14 days by April 3, 2023, in addition to having the capabilities to do so on an on-demand basis within 72 hours of receiving a request from CISA. Similar baseline vulnerability enumeration obligations have also been put in place for Android and iOS devices as well as other devices that reside outside of agency on-premiseThe Hacker News
October 3, 2022
Finnish intelligence warns of Russia’s cyberespionage activities Full Text
Abstract
The Finnish Security Intelligence Service (Suojelupoliisi or SUPO) warns of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.Security Affairs
October 3, 2022
Finnish intelligence warns of Russia’s cyberespionage activities Full Text
Abstract
The Finnish Security Intelligence Service (SUPO) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service (Suojelupoliisi or SUPO) warns of a highly likely intensification of cyberespionage...Security Affairs
October 02, 2022
Russians dodging mobilization behind flourishing scam market Full Text
Abstract
Ever since Russian president Vladimir Putin ordered partial mobilization after facing setbacks on the Ukrainian front, men in Russia and the state's conscript officers are playing a 'cat and mouse' game involving technology and cybercrime services.BleepingComputer
October 01, 2022
CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed critical flaw impacting Atlassian's Bitbucket Server and Data Center to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2022-36804, the issue relates to a command injection vulnerability that could allow malicious actors to gain arbitrary code execution on susceptible installations by sending a specially crafted HTTP request. Successful exploitation, however, banks on the prerequisite that the attacker already has access to a public repository or possesses read permissions to a private Bitbucket repository. "All versions of Bitbucket Server and Datacenter released after 6.10.17 including 7.0.0 and newer are affected, this means that all instances that are running any versions between 7.0.0 and 8.3.0 inclusive are affected by this vulnerability," Atlassian noted in a late August 2022 advisory. CISA didThe Hacker News
October 1, 2022
CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
CISA added a recently disclosed flaw in Atlassian Bitbucket Server, tracked as CVE-2022-36804, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week added a recently disclosed...Security Affairs
September 30, 2022
CISA: Hackers exploit critical Bitbucket Server flaw in attacks Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has added three more security flaws to its list of bugs exploited in attacks, including a Bitbucket Server RCE and two Microsoft Exchange zero-days.BleepingComputer
September 30, 2022
US DoD announced the results of the Hack US bug bounty challenge Full Text
Abstract
The US Department of Defense (DoD) shared the results of the Hack US bug bounty program that took place in July. On July 4, 2022, the US Department of Defense (DoD) and HackerOne started the Hack US, a one-week bug bounty challenge, which...Security Affairs
September 28, 2022
IRS warns Americans of massive rise in SMS phishing attacks Full Text
Abstract
The Internal Revenue Service (IRS) warned Americans of an exponential rise in IRS-themed text message phishing attacks trying to steal their financial and personal information in the last few weeks.BleepingComputer
September 28, 2022
EU’s cybersecurity agency chief warns to keep guard up Full Text
Abstract
While there has been no radical change in cyber threats since the beginning of the war in Ukraine, attacks have become more intense and sophisticated, said Juhan Lepassaar, executive director of the EU cybersecurity agency, ENISA, on Monday.Euractiv
September 27, 2022
Ukraine Says Russia Planning Massive Cyberattacks on its Critical Infrastructures Full Text
Abstract
The Ukrainian government on Monday warned of "massive cyberattacks" by Russia targeting critical infrastructure facilities located in the country and that of its allies. The attacks are said to be targeting the energy sector, the Main Directorate of Intelligence of the Ministry of Defense of Ukraine (GUR) said. "By the cyberattacks, the enemy will try to increase the effect of missile strikes on electricity supply facilities, primarily in the eastern and southern regions of Ukraine," the agency said in a brief advisory. GUR also cautioned of intensified distributed denial-of-service (DDoS) attacks aimed at the critical infrastructure of Ukraine's closest allies, chiefly Poland and the Baltic states of Estonia, Latvia, and Lithuania. It's not immediately clear what prompted the intelligence agency to issue the notice, but Ukraine has been at the receiving end of disruptive and destructive cyberattacks since the onset of the Russo-Ukrainian war earliThe Hacker News
September 27, 2022
Ukraine warns of ‘massive cyberattacks’ coming from Russia on critical infrastructure sites Full Text
Abstract
The Russian government is planning “massive cyberattacks” against Ukrainian critical infrastructure facilities to “increase the effect of missile strikes on electrical supply facilities,” the Ukrainian government said Monday.CyberScoop
September 26, 2022
Russia prepares massive cyberattacks on the critical infrastructure of Ukraine and its allies Full Text
Abstract
The Ukrainian military intelligence warns that Russia is planning to escalate cyberattacks targeting Ukraine and Western allies. The Main Directorate of Intelligence of the Ministry of Defence of Ukraine (HUR MO) warns that Russia is planning to escalate...Security Affairs
September 26, 2022
Ukraine warns allies of Russian plans to escalate cyberattacks Full Text
Abstract
The Ukrainian military intelligence service warned today that Russia is planning "massive cyber-attacks" targeting the critical infrastructure of Ukraine and its allies.BleepingComputer
September 24, 2022
Iranian State Actors Conduct Cyber Operations Against the Government of Albania Full Text
Abstract
In July 2022, Iranian state cyber actors—identifying as “HomeLand Justice”—launched a destructive cyber attack against the Government of Albania which rendered websites and services unavailable.US CERT
September 23, 2022
CISA adds Zoho ManageEngine flaw to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
CISA added a security flaw in Zoho ManageEngine, tracked as CVE-2022-35405, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a recently disclosed security flaw in Zoho ManageEngine,...Security Affairs
September 23, 2022
CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution," the agency said in a notice. The critical vulnerability, tracked as CVE-2022-35405, is rated 9.8 out of 10 for severity on the CVSS scoring system, and was patched by Zoho as part of updates released on June 24, 2022. Although the exact nature of the flaw remains unknown, the India-based enterprise solutions company said it addressed the issue by removing the vulnerable components that could lead to the remote execution of arbitrary code. Zoho has also warned of the public availability of a proof-of-concept (PoC) exploit for the vulnerability, making it imperative that customers moveThe Hacker News
September 22, 2022
CISA warns of critical ManageEngine RCE bug used in attacks Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs exploited in the wild.BleepingComputer
September 22, 2022
NSA shares guidance to help secure OT/ICS critical infrastructure Full Text
Abstract
The National Security Agency (NSA) and CISA have issued guidance on how to secure operational technology (OT) and industrial control systems (ICSs) that are part of U.S. critical infrastructure.BleepingComputer
September 22, 2022
Malaysia: Cyber security awareness master plan to be ready in 2023, says NSC Full Text
Abstract
The cyber security awareness master plan is expected to be completed next year as the primary reference in the implementation of cyber security awareness programs at the national level, says the National Security Council (NSC).The Star
September 21, 2022
India: CERT-In warns of vulnerabilities in Zoom Full Text
Abstract
The cyber security agency said that vulnerabilities can be exploited by a remote attacker to join meetings they are authorized to join without appearing to other participants.The Times Of India
September 21, 2022
U.S. gov adds more Chinese Telecom firms to the Covered List Full Text
Abstract
The U.S. Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, ComNet (USA) LLC, and China Unicom (Americas) Operations Limited,...Security Affairs
September 21, 2022
FBI: Iranian hackers lurked in Albania’s govt network for 14 months Full Text
Abstract
The Federal Bureau of Investigation (FBI) and CISA said that one of the Iranian threat groups behind the destructive attack on the Albanian government's network in July lurked inside its systems for roughly 14 months.BleepingComputer
September 21, 2022
U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List Full Text
Abstract
The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, along with its subsidiary ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the list of communications equipment and services that have been deemed a threat to national security. The agency said the companies are subject to the Chinese government's exploitation, influence, and control, and could be forced to comply with requests for intercepting and misrouting communications, without the ability to challenge such requests. The Public Safety and Homeland Security Bureau further noted that equipment and services from ComNet and China Unicom could present an opportunity for the Chinese government to carry out espionage operations and gather intelligence against the U.S. Alternatively, they could also provide the Chinese government with a strategic capability to "target, collect, alter, block, and reroute network traffic." China Unicom also earned a place on the list foThe Hacker News
September 21, 2022
Cyberspace Solarium Commission members push to advance remaining recommendations Full Text
Abstract
A new report released Wednesday shows the Cyberspace Solarium Commission is on track to have 85% of all of its recommendations implemented with the remaining either facing some hurdles or “significant barriers.”CyberScoop
September 20, 2022
CISA Plans to Measure the Effect of Coming Standards on Industry’s Cybersecurity Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency will spend the next three years measuring the success of the government’s effort to protect both publicly and privately controlled critical infrastructure from cyberattacks.Nextgov
September 20, 2022
US government rejects ransom payment ban to spur disclosure Full Text
Abstract
Ultimately, U.S. officials decided against an outright ban, Anne Neuberger, deputy national security advisor for cyber and emerging technology on the National Security Council, said earlier this month at the Code Conference.Cybersecurity Dive
September 19, 2022
India: CERT-In issues advisory of ‘Best Practices’ to protect against online fraud while using smartphones Full Text
Abstract
The advisory asks users to be cautious while downloading applications. It can be harmful to download apps from sources other than the official app stores: Google Play Store and App Store.Hindustan Times
September 17, 2022
CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including the bug used in the Stuxnet attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)...Security Affairs
September 16, 2022
Biden admin launches $1B cyber grant program for state, local governments Full Text
Abstract
The Biden administration on Friday launched a long-awaited federal cybersecurity grant program that will funnel up to $1 billion to state and local governments to upgrade their digital defenses.The Record
September 16, 2022
White House gives U.S. agencies 90 days to create inventory of all software Full Text
Abstract
Now that NIST has finished creating its guidance, the OMB wants all agencies to implement it for any third-party software used with an organization’s computer systems. The rules do not apply to software developed by agencies themselves.The Record
September 16, 2022
CISA orders agencies to patch vulnerability used in Stuxnet attacks Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added half a dozen vulnerabilities to its catalog of Known Exploited Vulnerabilities and is ordering federal agencies to follow vendors' instructions to fix them.BleepingComputer
September 16, 2022
CISA Sets Strategic Plan for 2023-2025, Eyes Unity of Efforts Full Text
Abstract
The first three goals in the plan focus on how the agency will “reduce risk and build resilience to cyber and physical threats,” while the fourth goal pledges an internal focus to unify as “One CISA.”Meritalk
September 15, 2022
FBI: Millions in Losses resulted from attacks against Healthcare payment processors Full Text
Abstract
The FBI has issued an alert about threat actors targeting healthcare payment processors in an attempt to hijack the payments. The Federal Bureau of Investigation (FBI) has issued an alert about cyber attacks against healthcare payment processors to redirect...Security Affairs
September 14, 2022
FBI: Hackers steal millions from healthcare payment processors Full Text
Abstract
The Federal Bureau of Investigation (FBI) has issued an alert about hackers targeting healthcare payment processors to route payments to bank accounts controlled by the attacker.BleepingComputer
September 14, 2022
CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
CISA added more security flaws to its Known Exploited Vulnerabilities Catalog, including Windows and iOS flaws. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 2 new vulnerabilities to its Known Exploited Vulnerabilities...Security Affairs
September 14, 2022
Twitter former head of security told the Senate of severe security failings by the company Full Text
Abstract
Twitter whistleblower, and former head of security, Peiter Zatko, told the US Congress that the platform ignored his security concerns. Peiter ‘Mudge’ Zatko, former head of security, testified in front of Congress on Tuesday, sustaining that...Security Affairs
September 14, 2022
CISA Requests Input on Terms Already Defined by Incident Reporting Law Full Text
Abstract
The CISA is casting the widest net possible to get feedback for its implementation of the Cyber Incident Reporting for Critical Infrastructure Act, asking stakeholders to opine on the most basic of terms used in the legislation.Nextgov
September 14, 2022
CISA orders agencies to patch Windows, iOS bugs used in attacks Full Text
Abstract
CISA added two new vulnerabilities to its list of security bugs exploited in the wild today, including a Windows privilege escalation vulnerability and an arbitrary code execution flaw affecting iPhones and Macs.BleepingComputer
September 14, 2022
US govt sanctions ten Iranians linked to ransomware attacks Full Text
Abstract
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against ten individuals and two entities affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware attacks.BleepingComputer
September 13, 2022
FBI warns of vulnerabilities in medical devices following several CISA alerts Full Text
Abstract
“Cyber threat actors exploiting medical device vulnerabilities adversely impact healthcare facilities’ operational functions, patient safety, data confidentiality, and data integrity,” the alert said.The Record
September 13, 2022
CISA launches solicitation for public feedback on incident reporting rule Full Text
Abstract
CISA also will hold a series of listening sessions across the country in the coming months to collect additional input, with events slated in cities like Oakland, Boston, Atlanta, and Chicago.The Record
September 13, 2022
FCC proposes cybersecurity changes to emergency alert system Full Text
Abstract
FCC chairwoman Jessica Rosenworcel has proposed several changes to the U.S. Emergency Alert System (EAS) and Wireless Emergency Alerts designed to beef up the cybersecurity of the systems following the discovery of vulnerabilities last month.The Record
September 10, 2022
U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania Full Text
Abstract
The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor proxies have conducted malicious cyber operations targeting a range of government and private-sector organizations around the world and across various critical infrastructure sectors," the Treasury said. The agency also accused Iranian state-sponsored actors of staging disruptive attacks aimed at Albanian government computer systems in mid-July 2022, an incident that forced the latter to temporarily suspend its online services. The development comes nearly nine months after the U.S. Cyber Command characterized the advanced persistent threat (APT) known as MuddyWater as a subordinate element within MOIS. It also comes almost two years following the Treasury's saThe Hacker News
September 9, 2022
US Treasury sanctioned Iran’s Ministry of Intelligence over Albania cyberattack Full Text
Abstract
The U.S. Treasury Department sanctioned Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the Albania cyberattack. The U.S. Treasury Department announced sanctions against Iran's Ministry of Intelligence and Security...Security Affairs
September 09, 2022
US sanctions Iran’s Ministry of Intelligence over Albania cyberattack Full Text
Abstract
The U.S. Treasury Department announced sanctions today against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for their role in the July cyberattack against the government of Albania, a U.S. ally and a NATO member state.BleepingComputer
September 9, 2022
Traffic Safety Agency Issues Final Guidelines for Vehicle Cybersecurity Full Text
Abstract
The National Highway Traffic Safety Administration will announce its final cybersecurity guidelines draft Friday as modern vehicles become more technologically integrated.Nextgov
September 8, 2022
CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
CISA added 12 more security flaws to its Known Exploited Vulnerabilities Catalog including four D-Link vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 12 new vulnerabilities to its Known Exploited Vulnerabilities...Security Affairs
September 8, 2022
India: SEBI rejigs panel on cyber security, expands to six members Full Text
Abstract
Notably, the high-powered steering committee has been entrusted with the task of overseeing and providing overall guidance on cyber security initiatives for SEBI as well as for the entire capital market.Live Mint
September 08, 2022
CISA orders agencies to patch Chrome, D-Link flaws used in attacks Full Text
Abstract
CISA has added 12 more security flaws to its list of bugs exploited in attacks, including two critical D-Link vulnerabilities and two (now-patched) zero-days in Google Chrome and the Photo Station QNAP software.BleepingComputer
September 08, 2022
Chinese Hackers Target Government Officials in Europe, South America, and Middle East Full Text
Abstract
A Chinese hacking group has been attributed to a new campaign aimed at infecting government officials in Europe, the Middle East, and South America with a modular malware known as PlugX. Cybersecurity firm Secureworks said it identified the intrusions in June and July 2022, once again demonstrating the adversary's continued focus on espionage against governments around the world. "PlugX is modular malware that contacts a command and control (C2) server for tasking and can download additional plugins to enhance its capability beyond basic information gathering," Secureworks Counter Threat Unit (CTU) said in a report shared with The Hacker News. Bronze President is a China-based threat actor active since at least July 2018 and is likely estimated to be a state-sponsored group that leverages a mix of proprietary and publicly available tools to compromise and collect data from its targets. It's also publicly documented under other names such as HoneyMyte, Mustang PThe Hacker News
September 8, 2022
Albania interrupted diplomatic ties with Iran over the mid-July attack Full Text
Abstract
Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff over the mid-July attack. Albanian Prime Minister Edi Rama announced that Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff...Security Affairs
September 06, 2022
FBI warns of Vice Society ransomware attacks on school districts Full Text
Abstract
FBI, CISA, and MS-ISAC warned today of U.S. school districts being increasingly targeted by the Vice Society ransomware group, with more attacks expected after the new school year starts.BleepingComputer
September 6, 2022
China accuses the US of cyberattacks Full Text
Abstract
China accuses the United States of conducting tens of thousands of cyberattacks on its country, including cyberespionage campaigns. The Government of Beijing accused the United States of launching tens of thousands of cyberattacks on China. The attacks...Security Affairs
September 5, 2022
Election Officials Have Been Largely Successful in Deterring Cyber Threats, CISA Official Says Full Text
Abstract
The head of CISA’s National Risk Management Center pointed to public-private partnerships and enhanced resource-sharing activities as key to defending against outside threats to voting systems.Nextgov
September 2, 2022
FBI: Crooks stole $1b+ in cryptocurrency already this year Full Text
Abstract
The FBI has urged people to be cautious and heavily research a DeFi – decentralized finance – provider before putting their money into it, after more than a billion dollars was stolen from these providers in three months.The Register
September 01, 2022
NSA and CISA share tips to secure the software supply chain Full Text
Abstract
The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance today with tips on how to secure the software supply chain.BleepingComputer
September 1, 2022
FBI is helping Montenegro in investigating the ongoing cyberattack Full Text
Abstract
A team of cybersecurity experts from the US FBI will help the authorities in Montenegro to investigate the recent massive cyberattack. A team of cybersecurity experts from the FBI is heading to Montenegro to help local authorities in investigating...Security Affairs
September 1, 2022
US Army to create new offensive cyber and space program office Full Text
Abstract
The new colonel-led, or O-6 level, program office will be under Program Executive Office Intelligence Electronic Warfare and Sensors and will be aptly called Program Manager Cyber and Space, officials told reporters on Tuesday.Fed Scoop
August 30, 2022
FBI Warns Investors to Take Precautions with Decentralized Financial Platforms Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) on Monday warned of cyber criminals increasingly exploiting flaws in decentralized finance (DeFi) platforms to plunder cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors' cryptocurrency," the agency said in a notification. Attackers are said to have used different methods to hack and steal cryptocurrency from DeFi platforms, including initiating flash loans that trigger exploits in the platforms' smart contracts and exploiting signature verification flaws in their token bridge to withdraw all investments. The agency has also observed criminals defrauding the platforms by manipulating cryptocurrency price pairs – assets that can be traded for each other on an exchange – by exploiting a series of vulnerabilities to bypass slippage checks and steal roughly $35 million in digital funds. It further said that the threat acThe Hacker News
August 30, 2022
Australia Invests AU$9.9 Billion in Cybersecurity Full Text
Abstract
According to the REDSPICE Blueprint, the purpose of the initiative is to build on Australia’s strong cybersecurity foundation by expanding the range and sophistication of the country’s intelligence and offensive and defensive cyber capabilities.Security Intelligence
August 29, 2022
FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrency Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) is warning investors that cyber criminals are increasingly exploiting security vulnerabilities in Decentralized Finance (DeFi) platforms to steal cryptocurrency.BleepingComputer
August 29, 2022
U.S. and Israel Strengthen Cybersecurity Partnership Full Text
Abstract
Treasury and Israel’s Ministry of Finance have maintained a partnership in cybersecurity matters since 2021 through a bilateral task force to help protect the financial sector.Nextgov
August 29, 2022
CISA adds 10 new flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 10 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 10 new vulnerabilities to its Known Exploited...Security Affairs
August 29, 2022
CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added 10 new actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, including a high-severity security flaw affecting industrial automation software from Delta Electronics. The issue, tracked as CVE-2021-38406 (CVSS score: 7.8), impacts DOPSoft 2 versions 2.00.07 and prior. A successful exploitation of the flaw may lead to arbitrary code execution. "Delta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper input validation) resulting in an out-of-bounds write that allows for code execution," CISA said in an alert. It's worth noting that CVE-2021-38406 was originally disclosed as part of an industrial control systems (ICS) advisory published in September 2021. However, there are no patches that address the vulnerability, with CISA noting that the "impacted product is end-of-life and shoulThe Hacker News
August 27, 2022
CISA: Prepare now for quantum computers, not when hackers use them Full Text
Abstract
Although quantum computing is not commercially available, CISA (Cybersecurity and Infrastructure Security Agency) urges organizations to prepare for the dawn of this new age, which is expected to bring groundbreaking changes in cryptography, and how we protect our secrets.BleepingComputer
August 26, 2022
CISA Warns of Vulnerability in Delta Electronics ICS Software Exploited in Attacks Full Text
Abstract
A vulnerability affecting industrial automation software from Delta Electronics appears to have been exploited in attacks, and the US CISA is urging organizations to take action as soon as possible.Security Week
August 25, 2022
U.S. Government Spending Billions on Cybersecurity Full Text
Abstract
In recent months, the House of Representatives has been hard at work drafting various spending bills for the 2023 fiscal year. While these bills provide funding for a vast array of government programs and agencies, there was one thing that really stands out. Collectively, the bills that are making their way through the House allocate a staggering $15.6 billion to cybersecurity spending. As you could probably guess, the lion's share of this spending ($11.2 billion) is being allocated to the Department of Defense. It is worth noting, however, that nearly $3 billion is going to the Cyber Security and Infrastructure Security Agency (CISA). Although it may be tempting to think of these cybersecurity budget allocations as just another example of excessive government spending, it's worth considering what a $15.6 billion cash infusion will mean for the IT security industry. It's equally important to consider why the US government finds it necessary to ramp up its cybersecurityThe Hacker News
August 23, 2022
CISA adds Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US Cybersecurity and Infrastructure Security Agency (CISA) added a flaw, tracked as CVE-2022-0028, affecting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)...Security Affairs
August 22, 2022
CISA is warning of high-severity PAN-OS DDoS flaw used in attacks Full Text
Abstract
A recent vulnerability found in Palo Alto Networks' PAN-OS has been added to the catalog of Known Exploitable Vulnerabilities from the U.S. Cybersecurity and Infrastructure Security Agency (CISA).BleepingComputer
August 22, 2022
FBI warns of residential proxies used in credential stuffing attacks Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns of a rising trend of cybercriminals using residential proxies to conduct large-scale credential stuffing attacks without being tracked, flagged, or blocked.BleepingComputer
August 22, 2022
U.S. Cyber Command deploys defensive operators to Croatia to hunt for malicious cyber activity Full Text
Abstract
“This kind of partnership in cybersecurity is essential in today’s world as it expands our reach and capabilities,” said Director of the Croatian Security and Intelligence Agency Daniel Markić.Help Net Security
August 20, 2022
CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday moved to add a critical SAP security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The issue in question is CVE-2022-22536, which has received the highest possible risk score of 10.0 on the CVSS vulnerability scoring system and was addressed by SAP as part of its Patch Tuesday updates for February 2022. Described as an HTTP request smuggling vulnerability, the shortcoming impacts the following product versions - SAP Web Dispatcher (Versions - 7.49, 7.53, 7.77, 7.81, 7.85, 7.22EXT, 7.86, 7.87); SAP Content Server (Version - 7.53); SAP NetWeaver and ABAP Platform (Versions - KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49). "An unauthenticated attacker can prepend a victim's request with arbitrary data, allowing for function execution impersonating the victimThe Hacker News
August 20, 2022
CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 7 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week added seven new flaws to its Known Exploited...Security Affairs
August 20, 2022
FBI Warns of Proxies and Configurations Used in Credential Stuffing Attacks Full Text
Abstract
The Federal Bureau of Investigation (FBI) has raised an alarm for cybercriminals using proxies and configurations to hide and automate credential stuffing attacks against companies in the United States.Security Week
August 19, 2022
CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added a critical SAP flaw to its Known Exploited Vulnerabilities Catalog after its details were disclosed at the Black Hat and Def Con conferences. The US Cybersecurity and Infrastructure Security Agency (CISA) added a critical SAP vulnerability,...Security Affairs
August 19, 2022
CISA adds 7 vulnerabilities to list of bugs exploited by hackers Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its list of bugs actively exploited by hackers, with the new flaws disclosed by Apple, Microsoft, SAP, and Google.BleepingComputer
August 19, 2022
S. Korea, US Agree to Upgrade Cyber Cooperation, Regularize Cyber Exercises Full Text
Abstract
Both sides discussed recent cyber threats, countermeasures and ways to develop cyber cooperation between Seoul and Washington. The cyber commands also signed a memorandum of understanding on “cooperation and development in cyberspace operations.”Korea Herald
August 14, 2022
CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint...Security Affairs
August 11, 2022
FBI: Zeppelin ransomware may encrypt devices multiple times in attacks Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned US organizations today that attackers deploying Zeppelin ransomware might encrypt their files multiple times.BleepingComputer
August 10, 2022
CISA adds UnRAR and Windows flaws to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds vulnerabilities in the UnRAR utility to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added a recently disclosed security flaw,...Security Affairs
August 09, 2022
CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive. This means that an adversary could exploit the flaw to drop arbitrary files on a target system that has the utility installed simply by decompressing the file. The vulnerability was revealed by SonarSource researcher Simon Scannell in late June. "RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation," the agency said in an advisory. Not much is known about the nature of the attacks, but the disclosure is evidence of a growing trend wherein threat actoThe Hacker News
August 09, 2022
CISA warns of Windows and UnRAR flaws exploited in the wild Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.BleepingComputer
August 5, 2022
U.S. CISA and Australia’s ACSC Release List of 2021’s Top Malware Strains Full Text
Abstract
As per the advisory, the top malware strains of 2021 include Agent Tesla, AZORult, Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader.US CERT
August 5, 2022
DHS warns of critical flaws in Emergency Alert System encoder/decoder devices Full Text
Abstract
The U.S. DHS warns of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. The Department of Homeland Security (DHS) warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder...Security Affairs
August 5, 2022
CISA adds Zimbra email bug to Known Exploited Vulnerabilities Catalog Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds a recently disclosed flaw in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added a recently disclosed...Security Affairs
August 04, 2022
CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed high-severity vulnerability in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue in question is CVE-2022-27924 (CVSS score: 7.5), a command injection flaw in the platform that could lead to the execution of arbitrary Memcached commands and theft of sensitive information. "Zimbra Collaboration (ZCS) allows an attacker to inject memcached commands into a targeted instance which causes an overwrite of arbitrary cached entries," CISA said. Specifically, the bug relates to a case of insufficient validation of user input that, if successfully exploited, could enable attackers to steal cleartext credentials from users of targeted Zimbra instances. The issue was disclosed by SonarSource in June, with patches released by Zimbra on May 10, 2022, in versions 8.8.15 P31.1 and 9.0.0 P24.1. CISA hasnThe Hacker News
August 04, 2022
DHS warns of critical flaws in Emergency Alert System devices Full Text
Abstract
The Department of Homeland Security (DHS) warned that attackers could exploit critical security vulnerabilities in unpatched Emergency Alert System (EAS) encoder/decoder devices to send fake emergency alerts via TV and radio networks.BleepingComputer
August 3, 2022
Singapore takes formal step towards setting up cyber defence unit Full Text
Abstract
First mooted in March, the new digital and intelligence service (DIS) unit would be set up as a fourth service under the Singapore Armed Forces (SAF) and responsible for combating online attacks.ZDNet
August 1, 2022
US Federal Communications Commission (FCC) warns of the rise of smishing attacks Full Text
Abstract
The Federal Communications Commission (FCC) warned Americans of the rising threat of smishing (robotexts) attacks. The Federal Communications Commission (FCC) issued an alert to warn Americans of the rising threat of smishing (robotexts) attacks aimed...Security Affairs
July 30, 2022
CISA orders to patch an actively exploited flaw in Confluence servers Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds the critical Confluence flaw, tracked as CVE-2022-26138, to its Known Exploited Vulnerabilities Catalog. US CISA has added the recently disclosed Confluence vulnerability, tracked as CVE-2022-26138, to...Security Affairs
July 29, 2022
CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added the recently disclosed Atlassian security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-26138, concerns the use of hard-coded credentials when the Questions For Confluence app is enabled in Confluence Server and Data Center instances. "A remote unauthenticated attacker can use these credentials to log into Confluence and access all content accessible to users in the confluence-users group," CISA notes in its advisory. Depending on the page restrictions and the information a company has in Confluence, successful exploitation of the shortcoming could lead to the disclosure of sensitive information. Although the bug was addressed by the Atlassian software company last week in versions 2.7.38 and 3.0.5, it has since come under active exploitation, cybersecurity firm Rapid7 disclosed this week.The Hacker News
July 29, 2022
CISA warns of critical Confluence bug exploited in attacks Full Text
Abstract
CISA has added a critical Confluence vulnerability tracked as CVE-2022-26138 to its list of bugs abused in the wild, a flaw that can provide remote attackers with hardcoded credentials following successful exploitation.BleepingComputer
July 29, 2022
US govt warns Americans of escalating SMS phishing attacks Full Text
Abstract
The Federal Communications Commission (FCC) warned Americans of an increasing wave of SMS (Short Message Service) phishing attacks attempting to steal their personal information and money.BleepingComputer
July 29, 2022
U.S. Justice Department Probing Cyber Breach of Federal Court Records System Full Text
Abstract
The U.S. Justice Department is investigating a cyber breach involving the federal court records management system, the department's top national security attorney told lawmakers on Thursday.Reuters
July 27, 2022
U.S. Offers $10 Million Reward for Information on North Korean Hackers Full Text
Abstract
The U.S. State Department has announced rewards of up to $10 million for any information that could help disrupt North Korea's cryptocurrency theft, cyber-espionage, and other illicit state-backed activities. "If you have information on any individuals associated with the North Korean government-linked malicious cyber groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who are involved in targeting U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act, you may be eligible for a reward," the department said in a tweet. The amount is double the bounty the agency publicized in March 2022 for specifics regarding the financial mechanisms employed by state-sponsored actors working on behalf of the North Korean government. The development comes a week after the Justice Department disclosed the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments by using a new rThe Hacker News
July 27, 2022
Ransomware Hackers Will Still Target Smaller Critical Infrastructure, CISA Director Warns Full Text
Abstract
Leadership at the Cybersecurity and Infrastructure Security Agency confirmed that ransomware hackers are not exclusively targeting large organizations and businesses, but smaller entities as well.Nextgov
July 23, 2022
TSA revises and reissues cybersecurity requirements for pipeline owners and operators Full Text
Abstract
The Transportation Security Administration (TSA) announced the revision of its Security Directive regarding oil and natural gas pipeline security that will continue the effort to build cybersecurity resiliency for the nation’s critical pipelines.tsa
July 19, 2022
FBI Warning: Fake Apps Defraud Investors of Over $42 Million Full Text
Abstract
A new alert by the FBI is cautioning users against downloading malicious apps for investing in cryptocurrency assets. Hackers are operating under fraudulent company names to lure potential investors. To verify if the company behind such apps is genuine or not, always visit the official websit ... Cyware Alerts - Hacker News
July 18, 2022
CISA Urges Patch of Exploited Windows 11 Bug by Aug. 2 Full Text
Abstract
Feds urge U.S. agencies to patch a Microsoft July Patch Tuesday 2022 bug that is being exploited in the wild by August 2.Threatpost
July 18, 2022
FBI Warns of Fake Cryptocurrency Apps Stealing Millions from Investors Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) has warned of cyber criminals building rogue cryptocurrency-themed apps to defraud investors in the virtual assets space. "The FBI has observed cyber criminals contacting U.S. investors, fraudulently claiming to offer legitimate cryptocurrency investment services, and convincing investors to download fraudulent mobile apps, which the cyber criminals have used with increasing success over time to defraud the investors of their cryptocurrency," the agency said [PDF]. The illicit scheme, which aims to take advantage of increased interest in the crypto sector, is believed to have netted 244 victims, with losses estimated at $42.7 million between October 4, 2021, and May 13, 2022. According to the law enforcement authority, threat actors are misusing the names, logos, and other identifying information of legitimate businesses to create fake websites in an attempt to lure potential investors. In three instances highlighted byThe Hacker News
July 18, 2022
FBI warns of fake cryptocurrency apps used to defraud investors Full Text
Abstract
The FBI warned that cybercriminals are creating and using fraudulent cryptocurrency investment applications to steal funds from US cryptocurrency investors.BleepingComputer
July 16, 2022
CISA urges to fix multiple critical flaws in Juniper Networks products Full Text
Abstract
CISA urges admins to apply recently released fixes in Juniper Networks products, including Junos Space, Contrail Networking and NorthStar Controller. CISA urges users and administrators to review the Juniper Networks security advisories page and...Security Affairs
July 14, 2022
The First Cyber Safety Review Board Report is Out Full Text
Abstract
Last year, President Biden created the Cyber Safety Review Board, with the intention that (akin to the National Transportation Safety Board) the new organization would review cyber incidents, examine root causes and, where necessary, make recommendations.Lawfare
July 14, 2022
U.S. House Appropriators OK $15.6B in Cybersecurity Funding Full Text
Abstract
The largest chunk of cybersecurity spending, $11.2 billion, would go to the Defense Department, followed by $2.9 billion for the Cybersecurity and Infrastructure Security Agency, or CISA.Government Technology
July 13, 2022
U.S. FTC Vows to Crack Down on illegal Use and Sharing of Citizens’ Sensitive Data Full Text
Abstract
The U.S. Federal Trade Commission (FTC) warned this week that it will crack down on tech companies' illegal use and sharing of highly sensitive data and false claims about data anonymization. "While many consumers may happily offer their location data in exchange for real-time crowd-sourced advice on the fastest route home, they likely think differently about having their thinly-disguised online identity associated with the frequency of their visits to a therapist or cancer doctor," FTC's Kristin Cohen said. The sensitive nature of information about users' health and their precise whereabouts has prompted the agency to caution against opaque practices in the "shadowy ad tech and data broker ecosystem," with consumers having little to no knowledge of how their personal data is harvested, used, and processed. What's more, mobile apps are known to embed software development kits (SDKs) that claim to collect and share anonymized user informationThe Hacker News
July 13, 2022
India Calls for Stricter Actions Against Cybercriminals Full Text
Abstract
In a Saturday meeting with northwestern state officials, Home Affairs Minister Amit Shah said New Delhi will collaborate with states on a strategy even as he urged local governments to take strict action against cybercriminals.Bank Info Security
July 12, 2022
CISA orders agencies to patch new Windows zero-day used in attacks Full Text
Abstract
CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild.BleepingComputer
July 12, 2022
White House backed fund promises to accelerate ‘deep tech’ advancements in cybersecurity Full Text
Abstract
America’s Frontier Fund (AFF) will be a hub for what the CEO Gilman Louie calls the Quad Investor Network (QIN), a partnership that AFF will lead with other global democracies to invest jointly in emerging technology.CyberScoop
July 5, 2022
CISA Warns Against Exploitation of PwnKit Linux Vulnerability Full Text
Abstract
Federal agencies have been ordered to patch their Linux servers against PwnKit within three weeks. The most astounding part is that it remained hidden for over 12 years since pkexec's first release. Successful exploitation of the flaw could induce pkexec to execute arbitrary code. O ... Cyware Alerts - Hacker News
July 4, 2022
CISA Warns About MedusaLocker Ransomware’s Latest Activity Full Text
Abstract
As of May 2022, the operators of the ransomware are heavily relying on vulnerabilities in Remote Desktop Protocol (RDP) endpoints to access victims’ networks.Cyware Alerts - Hacker News
July 4, 2022
CISA orders federal agencies to patch CVE-2022-26925 by July 22 Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds CVE-2022-26925 Windows LSA flaw to its Known Exploited Vulnerabilities Catalog. In May the US CISA removed the CVE-2022-26925 Windows LSA vulnerability from its Known Exploited Vulnerabilities...Security Affairs
July 01, 2022
CISA orders agencies to patch Windows LSA bug exploited in the wild Full Text
Abstract
CISA has re-added a security bug affecting Windows devices to its list of bugs exploited in the wild after removing it in May due to Active Directory (AD) certificate authentication issues caused by Microsoft's May 2022 updates.BleepingComputer
June 30, 2022
U.S. FCC Commissioner Asks Apple and Google to Remove TikTok from App Stores Full Text
Abstract
One of the commissioners of the U.S. Federal Communications Commission (FCC) has renewed calls asking for Apple and Google to boot the popular video-sharing platform TikTok from their app stores citing "its pattern of surreptitious data practices." "It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing's apparently unchecked access to that sensitive data," Brendan Carr, a Republican member of the FCC, wrote in a letter to Apple and Google's chief executives. TikTok, in September 2021, disclosed that there are one billion people who use its app every month, making it one of the largest social media platforms after Facebook, YouTube, WhatsApp, Instagram, and WeChat. Carr further emphasized that the short-form video service is far from just an app for sharing funny videos or memes, calling out its features as "sheep's clothing" intended to mask its core functThe Hacker News
June 29, 2022
CISA warns of hackers exploiting PwnKit Linux vulnerability Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Linux vulnerability known as PwnKit to its list of bugs exploited in the wild.BleepingComputer
June 29, 2022
CISA warns orgs to switch to Exchange Online Modern Auth until October Full Text
Abstract
CISA has urged government agencies and private sector organizations using Microsoft's Exchange cloud email platform to expedite the switch from Basic Authentication legacy authentication methods without multifactor authentication (MFA) support to Modern Authentication alternatives.BleepingComputer
June 28, 2022
CISA Warns of Active Exploitation of ‘PwnKit’ Linux Vulnerability in the Wild Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue, tracked as CVE-2021-4034 (CVSS score: 7.8), came to light in January 2022 and concerns a case of local privilege escalation in polkit's pkexec utility, which allows an authorized user to execute commands as another user. Polkit (formerly called PolicyKit) is a toolkit for controlling system-wide privileges in Unix-like operating systems, and provides a mechanism for non-privileged processes to communicate with privileged processes. Successful exploitation of the flaw could induce pkexec to execute arbitrary code, granting an unprivileged attacker administrative rights on the target machine and compromising the host. It's not immediately clear how the vulnerability is being weaponized in the wild, nor is there any information on the identity ofThe Hacker News
June 28, 2022
House Passes ICS Cybersecurity Training Bill Full Text
Abstract
The bill aims to provide the IT workforce with free ICS security training. This includes virtual and in-person training and courses that would be available at different skill levels to help participants develop and strengthen their skills.Security Week
June 28, 2022
Cyber Command urges private sector to share intelligence, aid defensive digital operations Full Text
Abstract
U.S. Cyber Command wants more private companies to share more cybersecurity intelligence so that the organization can improve its defensive capabilities, Cyber Command Executive Director Dave Frederick said in an interview Monday.CyberScoop
June 28, 2022
NIST Releases New macOS Security Guidance for Organizations Full Text
Abstract
The guidance is derived from the macOS Security Compliance Project (mSCP), an open source effort aimed at creating customized security baselines to meet the cybersecurity needs of various organizations.Security Week
June 28, 2022
FBI: Stolen PII and deepfakes used to apply for remote tech jobs Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns of an increase in complaints that cybercriminals are using Americans' stolen Personally Identifiable Information (PII) and deepfakes to apply for remote work positions.BleepingComputer
June 28, 2022
FTC Takes Action Against CafePress Over Massive Data Breach, Cover-Up Full Text
Abstract
The FTC on Friday announced that it has finalized an order against CafePress, requiring it to improve its security posture following a cybersecurity incident that the company attempted to cover up.Security Week
June 26, 2022
LGBTQ+ community warned of extortionists abusing dating apps Full Text
Abstract
The U.S. Federal Trade Commission (FTC) has warned this week of extortion scammers targeting the LGBTQ+ community by abusing online dating apps like Grindr and Feeld.BleepingComputer
June 24, 2022
Cyber security threats are biggest risk to India’s national security: NCSC Full Text
Abstract
Cyber security threats are the biggest risk to national security, and building cyber hygiene is very important, National Cyber Security Coordinator Rajesh Pant said on Thursday, June 23, 2022.The Hindu
June 23, 2022
CISA: Log4Shell exploits still being used to hack VMware servers Full Text
Abstract
CISA warned today that threat actors including state-backed hacking groups are still targeting VMware Horizon and Unified Access Gateway (UAG) servers using the Log4Shell (CVE-2021-44228) remote code execution vulnerability.BleepingComputer
June 22, 2022
NSA shares tips on securing Windows devices with PowerShell Full Text
Abstract
The National Security Agency (NSA) and cybersecurity partner agencies issued an advisory today recommending system administrators to use PowerShell to prevent and detect malicious activity on Windows machines.BleepingComputer
June 20, 2022
Energy Department Releases Strategy to Build Cyber-Resilient Energy Systems Full Text
Abstract
The Department of Energy this week released its national Cyber-Informed Engineering Strategy that provides guidance for building resilient energy systems that can withstand cyberattacks.Nextgov
June 13, 2022
FBI, DOJ say less than 25% of NetWalker ransomware victims reported incidents Full Text
Abstract
The FBI and DOJ officials were able to obtain a trove of information on the group after seizing NetWalker’s backend servers in Bulgaria during an investigation throughout 2020.The Record
June 9, 2022
Feds Forced Travel Firms to Share Surveillance Data on Hacker Full Text
Abstract
Sabre and Travelport had to report the weekly activities of former “Cardplanet” cybercriminal Aleksei Burkov for two years, info that eventually led to his arrest and prosecution.Threatpost
June 9, 2022
Multifactor authentication could be long haul for some federal agencies, CISA official says Full Text
Abstract
Congressional exasperation with the slow pace of agencies deploying MFA emerged at a House hearing last month. The May executive order had “aggressive but achievable” deadlines, a White House official said last year.CyberScoop
June 9, 2022
Experts, NSA cyber director say ransomware could threaten campaigns in 2022 Full Text
Abstract
With the 2022 election season around the corner, campaigns of all sizes need to be prepared for a widened set of potential cybersecurity risks, experts and a top intelligence official said.CyberScoop
June 9, 2022
CISA director promotes collaboration and trust at RSAC 2022 Full Text
Abstract
CISA Director Jen Easterly said there's growing momentum for stronger collaboration and communication between government agencies like CISA and private-sector cybersecurity companies.Tech Target
June 9, 2022
CISA Clarifies Criteria for Adding Vulnerabilities to ‘Must Patch’ List Full Text
Abstract
Some of the vulnerabilities added by CISA to its Must Patch list were discovered more than a decade ago and for some flaws there do not appear to be any public reports describing malicious exploitation.Security Week
June 08, 2022
U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers Full Text
Abstract
U.S. cybersecurity and intelligence agencies have warned about China-based state-sponsored cyber actors leveraging network vulnerabilities to exploit public and private sector organizations since at least 2020. The widespread intrusion campaigns aim to exploit publicly identified security flaws in network devices such as Small Office/Home Office (SOHO) routers and Network Attached Storage (NAS) devices with the goal of gaining deeper access to victim networks. In addition, the actors used these compromised devices to route command-and-control (C2) traffic to break into other targets at scale, the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) said in a joint advisory. The perpetrators, besides shifting their tactics in response to public disclosures, are known to employ a mix of open-source and custom tools for reconnaissance and vulnerability scanning as well as to obscure and bleThe Hacker News
June 8, 2022
CISA Issues Warning on Chinese Cyber Espionage Attacks Full Text
Abstract
Attackers are exploiting vulnerabilities affecting Cisco devices, four affecting QNAP devices, two affecting Pulse Secure devices, and one each in devices from Citrix, D-Link, Fortinet, Netgear, MikroTik, and DrayTek.Cyware Alerts - Hacker News
June 7, 2022
Karakurt Steals Data and Demands Ransom - FBI Warns Full Text
Abstract
As a part of the extortion routine, the attackers send ransom notes to the employees of the victim firm, threatening to leak the stolen information. The twist is that although there is a deadline for paying the ransom, the hackers do not sit and wait.Cyware Alerts - Hacker News
June 06, 2022
CISA Warned About Critical Vulnerabilities in Illumina’s DNA Sequencing Devices Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Food and Drug Administration (FDA) have issued an advisory about critical security vulnerabilities in Illumina's next-generation sequencing (NGS) software. Three of the flaws are rated 10 out of 10 for severity on the Common Vulnerability Scoring System (CVSS), with two others having severity ratings of 9.1 and 7.4. The issues impact software in medical devices used for "clinical diagnostic use in sequencing a person's DNA or testing for various genetic conditions, or for research use only," according to the FDA. "Successful exploitation of these vulnerabilities may allow an unauthenticated malicious actor to take control of the affected product remotely and take any action at the operating system level," CISA said in an alert. "An attacker could impact settings, configurations, software, or data on the affected product and interact through the affected product with the cThe Hacker News
June 3, 2022
CISA Warns of Critical Vulnerabilities in Illumina Genetic Analysis Devices Full Text
Abstract
The flaws affect Illumina Local Run Manager (LRM), which is used by sequencing instruments designed for clinical diagnostic use in the sequencing of a person's DNA, testing for various genetic conditions, as well as research.Security Week
June 01, 2022
US govt: Paying Karakurt extortion ransoms won’t stop data leaks Full Text
Abstract
Several U.S. federal agencies warned organizations today against paying ransom demands made by the Karakurt gang since that will not prevent their stolen data from being sold to others.BleepingComputer
June 1, 2022
FBI Warns of Scammers Soliciting Donations Related to the Crisis in Ukraine Full Text
Abstract
Although the Ukrainian Government and other private organizations do maintain official donation mechanisms, people must be cautious and verify information about entities purporting to solicit aid for causes linked to the crisis in Ukraine.IC3
May 31, 2022
FBI warns of Ukrainian charities impersonated to steal donations Full Text
Abstract
Scammers are claiming to be collecting donations to help Ukrainian refugees and war victims while impersonating legitimate Ukrainian humanitarian aid organizations, according to the Federal Bureau of Investigation (FBI).BleepingComputer
May 30, 2022
Credentials of Higher Education Institutions Available For Sale: FBI Warns Full Text
Abstract
The FBI alerted that credentials stolen from the higher education sector are being sold on multiple public and dark web marketplaces. In some cases, VPN and network access credentials are being sold for thousands of dollars. The FBI recommends colleges and universities pay special attention to conn ...Cyware Alerts - Hacker News
May 28, 2022
CISA adds 75 actively exploited bugs to its must-patch list in just a week Full Text
Abstract
The US cybersecurity authority is urging everyone to patch a number of software flaws, including some older ones in Microsoft's Silverlight plug-in and Adobe Flash Player.ZDNet
May 27, 2022
FBI warns of hackers selling credentials for U.S. college networks Full Text
Abstract
Cybercriminals are offering to sell for thousands of U.S. dollars network access credentials for higher education institutions based in the United States.BleepingComputer
May 27, 2022
FBI: Compromised US academic credentials available on various cybercrime forums Full Text
Abstract
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI issued an alert to inform the higher education sector about the availability of login...Security Affairs
May 26, 2022
Italy announced its National Cybersecurity Strategy 2022/26 Full Text
Abstract
Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Italy presented its National Cybersecurity Strategy for 2022/26 and reinforce the government's...Security Affairs
May 25, 2022
CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 flaws to its Known Exploited Vulnerabilities Catalog,...Security Affairs
May 24, 2022
CISA adds 41 vulnerabilities to list of bugs used in cyberattacks Full Text
Abstract
The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws over the past two days, including flaws for the Android kernel and Cisco IOS XR.BleepingComputer
May 24, 2022
US Senate: Govt’s ransomware fight hindered by limited reporting Full Text
Abstract
A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack insight into ransomware attacks to fight against them effectively.BleepingComputer
May 23, 2022
South Korea and US agree to cooperate on combating North Korea’s cyber-offensives Full Text
Abstract
Last month, the US government offered a reward of up to $5 million for information to disrupt North Korea's cryptocurrency theft, cyber-espionage, and other illicit state-backed activities.The Register
May 19, 2022
Legislation Promoting Cyber Collaboration Between DHS and States Awaits Biden Signature Full Text
Abstract
Having cleared the Senate in January, the State and Local Government Cybersecurity Act passed the House of Representatives Tuesday and now awaits President Joe Biden’s signature.Nextgov
May 19, 2022
Agencies Showcase Federal Cyber Progress, Outline Future Threats Full Text
Abstract
Lawmakers explored courses of action to help bolster and secure the federal government’s digital networks, primarily through ongoing security software implementation and steady federal funding to protect sensitive U.S. data.Nextgov
May 19, 2022
CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws Full Text
Abstract
CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 vulnerabilities by May 23, 2022. The Cybersecurity and Infrastructure Security Agency (CISA) issued the Emergency Directive 22-03 to order federal agencies to fix VMware...Security Affairs
May 18, 2022
DHS orders federal agencies to patch VMware bugs within 5 days Full Text
Abstract
The Department of Homeland Security's cybersecurity unit ordered Federal Civilian Executive Branch (FCEB) agencies today to urgently update or remove VMware products from their networks by Monday due to an increased risk of attacks.BleepingComputer
May 18, 2022
U.S. Warns Against North Korean Hackers Posing as IT Freelancers Full Text
Abstract
Highly skilled software and mobile app developers from the Democratic People's Republic of Korea (DPRK) are posing as "non-DPRK nationals" in hopes of landing freelance employment in an attempt to enable the regime's malicious cyber intrusions. That's according to a joint advisory from the U.S. Department of State, the Department of the Treasury, and the Federal Bureau of Investigation (FBI) issued on Monday. Targets include financial, health, social media, sports, entertainment, and lifestyle-focused companies located in North America, Europe, and East Asia, with most of the dispatched workers situated in China, Russia, Africa, and Southeast Asia. The goal, the U.S. agencies warn, is to generate a constant stream of revenue that sidesteps international sanctions imposed on the nation and help serve its economic and security priorities, including the development of nuclear and ballistic missiles. "The North Korean government withholds up to 90 perceThe Hacker News
May 18, 2022
CISA shares guidance to block ongoing F5 BIG-IP attacks Full Text
Abstract
In a joint advisory issued today, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned admins of active attacks targeting a critical F5 BIG-IP network security vulnerability (CVE-2022-1388).BleepingComputer
May 17, 2022
North Korean devs pose as US freelancers and aid DPRK govt hackers Full Text
Abstract
The U.S. government is warning that the Democratic People's Republic of Korea (DPRK) is dispatching its IT workers to get freelance jobs at companies across the world to obtain privileged access that is sometimes used to facilitate cyber intrusions.BleepingComputer
May 17, 2022
Beware of North Korean IT workers with fake credentials, US government warns Full Text
Abstract
The federal agencies said the freelancers often send money back to North Korea, contributing to its weapons programs, which have earned broad sanctions from the U.S. and United Nations.The Record
May 17, 2022
CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency added the recently disclosed...Security Affairs
May 17, 2022
FBI Warns of Hackers Using Malicious PHP Code to Steal Credit Card Data Full Text
Abstract
The attackers began targeting US businesses in September 2020 by inserting malicious PHP code into the customized online checkout pages. But earlier this year, the actors changed tactics using a different PHP function.ZDNet
May 16, 2022
CISA warns not to install May Windows updates on domain controllers Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities due to Active Directory (AD) authentication issues caused by the May 2022 updates that patch it.BleepingComputer
May 16, 2022
CISA Removes Windows Vulnerability From ‘Must-Patch’ List Due to Buggy Update Full Text
Abstract
The CISA has temporarily removed a Windows flaw from its Known Exploited Vulnerabilities Catalog after it was informed by Microsoft that a recent update can cause problems on some types of systems.Security Week
May 12, 2022
The Stakes ‘Could Not be Any Higher’: CISA Chief Talks About the Tech Challenges Ahead Full Text
Abstract
Security by design needs to be ingrained in software development and innovative thinking is required to help secure society against cyber attacks as technology becomes a bigger part of our everyday lives.ZDNet
May 12, 2022
Five Eyes agencies warn of attacks on MSPs Full Text
Abstract
Cybersecurity authorities from Five Eyes warn of threats targeting managed service providers (MSPs) and potential supply chain attacks through them. Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. this...Security Affairs
May 11, 2022
Government Agencies Warn of Increase in Cyberattacks Targeting MSPs Full Text
Abstract
Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory warning of threats targeting managed service providers (MSPs) and their customers. Key among the recommendations include identifying and disabling accounts that are no longer in use, enforcing multi-factor authentication (MFA) on MSP accounts that access customer environments, and ensuring transparency in ownership of security roles and responsibilities. MSPs have emerged as an attractive attack route for cybercriminals to scale their attacks, as a vulnerable provider can be weaponized as an initial access vector to breach several downstream customers at once. The spillover effects of such intrusions, as witnessed in the wake of high-profile breaches aimed at SolarWinds and Kaseya in recent years, have once again underlined the need to secure the software supply chain. The targeting of MSPs by malicious cyber actors in an effort to "explThe Hacker News
May 11, 2022
CISA adds CVE-2022-1388 flaw in F5 BIG-IP to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added critical CVE-2022-1388...Security Affairs
May 11, 2022
CISA tells federal agencies to fix actively exploited F5 BIG-IP bug Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new security vulnerability to its list of actively exploited bugs, the critical severity CVE-2022-1388 affecting BIG-IP network devices.BleepingComputer
May 11, 2022
FBI, CISA, and NSA warn of hackers increasingly targeting MSPs Full Text
Abstract
Members of the Five Eyes (FVEY) intelligence alliance today warned managed service providers (MSPs) and their customers that they're increasingly targeted by supply chain attacks.BleepingComputer
May 11, 2022
E.U. Blames Russia for Cyberattack on KA-SAT Satellite Network Operated by Viasat Full Text
Abstract
The Five Eyes nations comprising Australia, Canada, New Zealand, the U.K., and the U.S., along with Ukraine and the European Union, formally pinned Russia for masterminding an attack on an international satellite communication (SATCOM) provider that had "spillover" effects across Europe. The cyber offensive, which took place one hour before the Kremlin's military invasion of Ukraine on February 24, targeted the KA-SAT satellite network operated by telecommunications company Viasat, crippling the operations of wind farms and internet users in central Europe. Viasat, in late March, disclosed that it had shipped nearly 30,000 modems to distributors to restore service to customers whose modems were rendered unusable. "This cyberattack had a significant impact causing indiscriminate communication outages and disruptions across several public authorities, businesses and users in Ukraine, as well as affecting several E.U. Member States," the CounciThe Hacker News
May 11, 2022
EU condemns Russian cyber operations against Ukraine Full Text
Abstract
The European Union condemns the cyberattacks conducted by Russia against Ukraine, which targeted the satellite KA-SAT network. The European Union accused Russia of the cyberattack that hit the satellite KA-SAT network in Ukraine, operated by Viasat,...Security Affairs
May 11, 2022
New Malspam Campaigns Propagate Jester Infostealer - Warns CERT-UA Full Text
Abstract
The CERT-UA warned against a phishing campaign that deploys Jester Stealer for data exfiltration from infected users’ devices. The email campaign carries the subject line "chemical attack". The malware cannot be analyzed in virtual machines as the malware developers have implemented anti-analysis cap ...Cyware Alerts - Hacker News
May 10, 2022
UK cybersecurity center sent 33 million alerts to companies Full Text
Abstract
The NCSC (National Cyber Security Centre) in the UK reports having served 33 million alerts to organizations signed up for its "Early Warning" service. Additionally, the government agency has dealt with a record number of online scams in 2021, removing more than 2.7 million from the internet.BleepingComputer
May 10, 2022
US, EU blame Russia for cyberattack on satellite modems in Ukraine Full Text
Abstract
The European Union formally accused Russia of coordinating the cyberattack that hit satellite Internet modems in Ukraine on February 24, roughly one hour before Russia invaded Ukraine.BleepingComputer
May 9, 2022
FBI: Rise in Business Email-based Attacks is a $43B Headache Full Text
Abstract
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.Threatpost
May 09, 2022
SHIELDS UP in bite sized chunks Full Text
Abstract
Unless you are living completely off the grid, you know the horrifying war in Ukraine and the related geopolitical tensions have dramatically increased cyberattacks and the threat of even more to come. The Cybersecurity and Infrastructure Security Agency (CISA) provides guidance to US federal agencies in their fight against cybercrime, and the agency's advice has proven so valuable that it's been widely adopted by commercial organizations too. In February, CISA responded to the current situation by issuing an unusual "SHIELDS UP!" warning and advisory. According to CISA, "Every organization—large and small—must be prepared to respond to disruptive cyber incidents." The announcement from CISA consisted of a range of recommendations to help organizations and individuals reduce the likelihood of a successful attack and limit damage in case the worst happens. It also contains general advice for C-level leaders, as well as a tip sheet on how to respond to rThe Hacker News
May 8, 2022
NIST published updated guidance for supply chain risks Full Text
Abstract
The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply-chain attacks. The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply...Security Affairs
May 8, 2022
US DoS offers a reward of up to $15M for info on Conti ransomware gang Full Text
Abstract
The US Government offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. The US Department of State offers up to $15 million for information that helps identify and locate...Security Affairs
May 06, 2022
U.S. Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions Full Text
Abstract
The U.S. Treasury Department on Friday moved to sanction virtual currency mixer Blender.io, marking the first time a mixing service has been subjected to economic blockades. The move signals continued efforts on the part of the government to prevent North Korea's Lazarus Group from laundering the funds stolen from the unprecedented hack of Ronin Bridge in late March. The newly imposed sanctions, issued by the U.S. Office of Foreign Assets Control (OFAC), target 45 Bitcoin addresses linked to Blender.io and four new wallets linked to Lazarus Group, an advanced persistent threat with ties to the Democratic People's Republic of Korea (DPRK). "Blender was used in processing over $20.5 million of the illicit proceeds," the Treasury said, adding it was utilized by DPRK to "support its malicious cyber activities and money-laundering of stolen virtual currency." Cryptocurrency mixers, also called tumblers, are privacy-focused services that allow users to move crThe Hacker News
May 05, 2022
NIST Releases Updated Cybersecurity Guidance for Managing Supply Chain Risks Full Text
Abstract
The National Institute of Standards and Technology (NIST) on Thursday released an updated cybersecurity guidance for managing risks in the supply chain, as it increasingly emerges as a lucrative attack vector. "It encourages organizations to consider the vulnerabilities not only of a finished product they are considering using, but also of its components — which may have been developed elsewhere — and the journey those components took to reach their destination," NIST said in a statement. The new directive outlines major security controls and practices that entities should adopt to identify, assess, and respond to risks at different stages of the supply chain, including the possibility of malicious functionality, flaws in third-party software, insertion of counterfeit hardware, and poor manufacturing and development practices. The development follows an Executive Order issued by the U.S. President on "Improving the Nation's Cybersecurity (14028)" lasThe Hacker News
May 05, 2022
Ukraine’s IT Army is disrupting Russia’s alcohol distribution Full Text
Abstract
Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia.BleepingComputer
May 05, 2022
NIST updates guidance for defending against supply-chain attacks Full Text
Abstract
The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks.BleepingComputer
May 04, 2022
SEC Plans to Hire More Staff in Crypto Enforcement Unit to Fight Frauds Full Text
Abstract
The U.S. Securities and Exchange Commission (SEC) on Tuesday announced that it will expand and rebrand its Cyber Unit to fight against cyber-related threats and protect investors in cryptocurrency markets. To that end, the SEC is renaming the Cyber Unit within the Division of Enforcement to Crypto Assets and Cyber Unit and plans to infuse 20 additional positions with the goal of investigating wrongdoing in the crypto markets. The goal, per the agency, is to tackle cryptocurrency fraud and crack down on malicious actors attempting to profit from crypto marketplaces. The Cyber Unit was instituted in September 2017 with a focus on addressing cyber-based threats and protecting retail investors. But given the dramatic evolution of the digital assets markets in recent years, the new unit is expected to focus on securities law violations pertaining to: crypto asset offerings; crypto asset exchanges; crypto asset lending and staking products; decentralized finance (DeFi) platformsThe Hacker News
May 4, 2022
SEC nearly doubles size of crypto and cyber enforcement unit Full Text
Abstract
The unit, formerly known as the cyber unit, will be renamed as the crypto assets and cyber unit and will continue to reside in the Division of Enforcement. It will also gain 20 additional team members, taking the unit's total headcount to 50.ZDNet
May 04, 2022
FBI says business email compromise is a $43 billion scam Full Text
Abstract
The Federal Bureau of Investigation (FBI) said today that the amount of money lost to business email compromise (BEC) scams continues to grow each year, with a 65% increase in the identified global exposed losses between July 2019 and December 2021.BleepingComputer
May 03, 2022
Google: Chinese state hackers keep targeting Russian govt agencies Full Text
Abstract
Google said today that a Chinese-sponsored hacking group linked to China's People's Liberation Army Strategic Support Force (PLA SSF) is targeting Russian government agencies.BleepingComputer
April 29, 2022
India to require cybersecurity incident reporting within six hours Full Text
Abstract
The Indian government has issued new directives requiring organizations to report cybersecurity incidents to CERT-IN within six hours, even if those incidents are port or vulnerability scans of computer systems.BleepingComputer
April 28, 2022
Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In Full Text
Abstract
India's computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. "Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily report cyber incidents [...] to CERT-In within six hours of noticing such incidents or being brought to notice about such incidents," the government said in a release. The types of incidents that come under the ambit include, inter alia, compromise of critical systems, targeting scanning, unauthorized access to computers and social media accounts, website defacements, malware deployments, identity theft, DDoS attacks, data breaches and leaks, rogue mobile apps, and attacks against servers and network appliances like routers and IoT devices. The government said it was taking these steps to ensThe Hacker News
April 28, 2022
CISA published 2021 Top 15 most exploited software vulnerabilities Full Text
Abstract
Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021's top 15 most exploited software vulnerabilities. Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021's top 15 most exploited software vulnerabilities. This...Security Affairs
April 27, 2022
US Department of State offers $10M reward for info to locate six Russian Sandworm members Full Text
Abstract
The U.S. government offers up to $10 million for info that allows to identify or locate six Russian GRU hackers who are members of the Sandworm APT group. The US Department of State is offering up to $10 million for info that allows to identify or locate...Security Affairs
April 26, 2022
US offers $10 million reward for tips on Russian Sandworm hackers Full Text
Abstract
The U.S. is offering up to $10 million to identify or locate six Russian GRU hackers who are part of the notorious Sandworm hacking group.BleepingComputer
April 26, 2022
CISA adds new Microsoft, Linux, and Jenkins flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds seven new flaws to its Known Exploited Vulnerabilities Catalog, including Microsoft, Linux, and Jenkins bugs. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities...Security Affairs
April 25, 2022
CISA adds 7 vulnerabilities to list of bugs exploited in attacks Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its list of actively exploited security issues, including those from Microsoft, Linux, and Jenkins.BleepingComputer
April 25, 2022
Iran announced to have foiled massive cyberattacks on public services Full Text
Abstract
State television announced that Iran has foiled massive cyberattacks that targeted public services operated by both government and private organizations. According to the Iran state television, the attack attempts took place in recent days and aimed...Security Affairs
April 24, 2022
FBI Warns of BlackCat Ransomware That Breached Over 60 Organisations Worldwide Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) is sounding the alarm on the BlackCat ransomware-as-a-service (RaaS), which it said victimized at least 60 entities worldwide as of March 2022 since its emergence last November. Also called ALPHV and Noberus, the ransomware is notable for being the first-ever malware written in the Rust programming language that's known to be memory safe and offer improved performance. "Many of the developers and money launderers for BlackCat/ALPHV are linked to DarkSide/BlackMatter, indicating they have extensive networks and experience with ransomware operations," the FBI said in an advisory published last week. The disclosure comes weeks after twin reports from Cisco Talos and Kaspersky uncovered links between BlackCat and BlackMatter ransomware families, including the use of a modified version of a data exfiltration tool dubbed Fendr that's been previously only observed in BlackMatter-related activity. "The Hacker News
April 22, 2022
US govt grants academics $12M to develop cyberattack defense tools Full Text
Abstract
The US Department of Energy (DOE) has announced that it will provide $12 million in funding to six university teams to develop defense and mitigation tools to protect US energy delivery systems from cyberattacks.BleepingComputer
April 22, 2022
NIST revamps aging enterprise patch management guidance Full Text
Abstract
Whereas the previous, 2013 iteration focused on helping organizations to deploy patch management technologies, the new edition centers on developing strategies for patch management.The Daily Swig
April 21, 2022
Ukraine Ramps Up Cyber Defenses to Slow Surge in Attacks Full Text
Abstract
Ukraine is now issuing physical security keys to as many government agencies as possible, said Oleksandr Potii, deputy chief of the State Service of Special Communication and Information Protection.Bloomberg Quint
April 21, 2022
US, Australia, Canada, New Zealand, and the UK warn of Russia-linked threat actors’ attacks Full Text
Abstract
Cybersecurity agencies of the Five Eyes intelligence alliance warn of cyberattacks conducted by Russia-linked threat actors on critical infrastructure. Cybersecurity agencies of the Five Eyes intelligence alliance (United States, Australia, Canada,...Security Affairs
April 21, 2022
FBI: BlackCat ransomware breached at least 60 entities worldwide Full Text
Abstract
The Federal Bureau of Investigation (FBI) says the Black Cat ransomware gang, also known as ALPHV, has breached the networks of at least 60 organizations worldwide, between November 2021 and March 2022.BleepingComputer
April 21, 2022
Australia: AUSTRAC outlines how to spot ransomware and detect abuse of digital currencies Full Text
Abstract
Australia's financial intelligence and regulatory body Austrac has released two financial crime guides to help businesses detect and prevent criminal abuse of digital currencies and ransomware.ZDNet
April 20, 2022
Five Eyes Nations Warn of Russian Cyber Attacks Against Critical Infrastructure Full Text
Abstract
The Five Eyes nations have released a joint cybersecurity advisory warning of increased malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations amidst the ongoing military siege on Ukraine. "Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks," authorities from Australia, Canada, New Zealand, the U.K., and the U.S. said. "Russia's invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity. This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as material support provided by the United States and U.S. allies and partners." The advisory follows another alert from the U.S. government cautioning of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS) and supervisory control anThe Hacker News
April 20, 2022
FBI warns of ransomware attacks targeting US agriculture sector Full Text
Abstract
The US Federal Bureau of Investigation (FBI) warned Food and Agriculture (FA) sector organizations today of an increased risk that ransomware gangs "may be more likely" to attack them during the harvest and planting seasons.BleepingComputer
April 20, 2022
CISA adds Windows Print Spooler to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US Critical Infrastructure Security Agency (CISA) adds a Windows Print Spooler vulnerability to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added the Windows Print Spooler, tracked as CVE-2022-22718,...Security Affairs
April 20, 2022
US and allies warn of Russian hacking threat to critical infrastructure Full Text
Abstract
Today, Five Eyes cybersecurity authorities warned critical infrastructure network defenders of an increased risk that Russia-backed hacking groups could target organizations within and outside Ukraine's borders.BleepingComputer
April 20, 2022
FBI Warns of Ransomware Attacks on Farming Co-ops During Planting, Harvest Seasons Full Text
Abstract
While some of the incidents resulted in only administrative operations getting disrupted, others affected production. In some of the attacks reported in September and October 2021, the victim had to completely shut down production.Security Week
April 18, 2022
FBI, U.S. Treasury and CISA Warn of North Korean Hackers Targeting Blockchain Companies Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI) and the Treasury Department, warned of a new set of ongoing cyber attacks carried out by the Lazarus Group targeting blockchain companies. Calling the activity cluster TraderTraitor, the infiltrations involve the North Korean state-sponsored advanced persistent threat (APT) actor striking entities operating in the Web3.0 industry since at least 2020. Targeted organizations include cryptocurrency exchanges, decentralized finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs). The attack chains commence with the threat actor reaching out to victims via different communication platforms to lure them into downloading weaponized cryptocurrency apps for Windows and macOS, subseThe Hacker News
April 18, 2022
CISA adds VMware, Chrome flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added a VMware privilege escalation flaw (CVE-2022-22960)...Security Affairs
April 18, 2022
U.S. Cyber Command gives Congress $236M unfunded priorities wish list Full Text
Abstract
The wish list shared with Congress shows $236 million worth of unfunded priorities, including about $168 million to support its Cyber Mission Force, a group of 6,200 personnel charged with conducting offensive and defensive cyber operations.CyberScoop
April 15, 2022
CISA orders agencies to fix actively exploited VMware, Chrome bugs Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has added nine more security flaws to its list of actively exploited bugs, including a VMware privilege escalation flaw and a Google Chrome zero-day that could be used for remote code execution.BleepingComputer
April 14, 2022
Cyberspace and War in Ukraine: Prepare for Worse Full Text
Abstract
Russia’s relatively weaker position within the global financial system has limited Putin’s punitive options in response to Western economic and financial sanctions. Cyberspace offers attractive alternative options for hackers and security planners in Moscow.Lawfare
April 14, 2022
US gov agencies and private firms warn nation-state actors are targeting ICS & SCADA devices Full Text
Abstract
The US government agencies warned of threat actors that are targeting ICS and SCADA systems from various vendors. The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal...Security Affairs
April 14, 2022
CISA adds Windows CLFS Driver Privilege Escalation flaw to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. CISA added the CVE-2022-24521 Microsoft Windows CLFS Driver Privilege Escalation Vulnerability to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-24521 privilege...Security Affairs
April 14, 2022
FBI: Payment app users targeted in social engineering attacks Full Text
Abstract
Cybercriminals are attempting to trick American users of digital payment apps into making instant money transfers in social engineering attacks using text messages with fake bank fraud alerts.BleepingComputer
April 14, 2022
CISA Issues Warning About Malicious Tools Targeting ICS/SCADA Devices Full Text
Abstract
The advisory highlights that OPC Unified Architecture (OPC UA) servers and multiple versions of Programmable Logic Controllers (PLCs) from Schneider Electric and OMRON are vulnerable to such attacks.Cyware Alerts - Hacker News
April 14, 2022
FBI links largest crypto hack ever to North Korean hackers Full Text
Abstract
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge.BleepingComputer
April 14, 2022
FBI Memphis Field Office Warns of Increase in Sextortion Schemes Targeting Teenage Boys Full Text
Abstract
The FBI is receiving an increasing number of reports of adults posing as age-appropriate females coercing young boys through social media to produce sexual images and videos and then extorting money from them.FBI
April 13, 2022
CISA warns orgs to patch actively exploited Windows LPE bug Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has added ten new security bugs to its list of actively exploited vulnerabilities, including a high severity local privilege escalation bug in the Windows Common Log File System Driver.BleepingComputer
April 13, 2022
CISA Warns Against Russian Hackers Exploiting a Critical Bug Full Text
Abstract
The CISA issued an order urging federal civilian agencies and organizations to fix the actively exploited bug impacting WatchGuard Firebox and XTM appliances. Cyclops Blink, before getting disrupted, targeted nearly one percent of WatchGuard Firebox firewall appliances with CVE-2022-23176 exploit ...Cyware Alerts - Hacker News
April 13, 2022
US warns of govt hackers targeting industrial control systems Full Text
Abstract
A joint cybersecurity advisory issued by CISA, NSA, FBI, and the Department of Energy (DOE) warns of government-backed hacking groups being able to hijack multiple industrial devices using a new ICS-focused malware toolkit.BleepingComputer
April 12, 2022
CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. CISA added the CVE-2022-23176 flaw in WatchGuard Firebox and XTM appliances to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-23176 flaw in WatchGuard Firebox...Security Affairs
April 11, 2022
CISA warns orgs of WatchGuard bug exploited by Russian state hackers Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies and urged all US organizations on Monday to patch an actively exploited bug impacting WatchGuard Firebox and XTM firewall appliances.BleepingComputer
April 11, 2022
Lawmakers ask Energy Department to take point on sector digital security Full Text
Abstract
A bipartisan group of House and Senate lawmakers late last week urged the head of the U.S. Energy Department to take the lead in shaping the massive energy sector’s cybersecurity.The Record
April 06, 2022
Ukraine Warns of Cyber attack Aiming to Hack Users’ Telegram Messenger Accounts Full Text
Abstract
Ukraine's technical security and intelligence service is warning of a new wave of cyber attacks that are aimed at gaining access to users' Telegram accounts. "The criminals sent messages with malicious links to the Telegram website in order to gain unauthorized access to the records, including the possibility to transfer a one-time code from SMS," the State Service of Special Communication and Information Protection (SSSCIP) of Ukraine said in an alert. The attacks, which have been attributed to a threat cluster called "UAC-0094," originate with Telegram messages alerting recipients that a login had been detected from a new device located in Russia and urging the users to confirm their accounts by clicking on a link. The URL, in reality a phishing domain, prompts the victims to enter their phone numbers as well as the one-time passwords sent via SMS that are then used by the threat actors to take over the accounts. The modus operandi mirrors thatThe Hacker News
April 6, 2022
Australia to develop a data security framework Full Text
Abstract
The Australian Department of Home Affairs has commenced work on a new national data security action plan as part of the federal government's wider digital economy strategy.ZDNet
April 06, 2022
U.S. Treasury Department Sanctions Russia-based Hydra Darknet Marketplace Full Text
Abstract
The U.S. Treasury Department on Tuesday sanctioned Hydra, the same day German law enforcement authorities disrupted the world's largest and longest-running dark web marketplace following a coordinated operation in partnership with U.S. officials. The sanctions are part of an "international effort to disrupt proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available through the Russia-based site," the Treasury Department said in a statement. Along with the sanctions, the Office of Foreign Assets Control (OFAC) disclosed a list of more than 100 virtual currency addresses that have been identified as associated with the entity's operations to conduct illicit transactions. The sanctions come as Germany's Federal Criminal Police Office shut down the online criminal marketplace that it said specialized in narcotics trade, seizing its servers and 543 bitcoins worth 23 million euros ($25.3 million). Hydra was a RussiThe Hacker News
April 05, 2022
CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on "evidence of active exploitation." The critical severity flaw, assigned the identifier CVE-2022-22965 (CVSS score: 9.8) and dubbed "Spring4Shell", impacts Spring model–view–controller (MVC) and Spring WebFlux applications running on Java Development Kit 9 and later. "Exploitation requires an endpoint with DataBinder enabled (e.g., a POST request that decodes data from the request body automatically) and depends heavily on the servlet container for the application," Praetorian researchers Anthony Weems and Dallas Kaman noted last week. Although exact details of in-the-wild abuse remain unclear, information security company SecurityScorecard said "active scanning for this vulnerability has been observed coming froThe Hacker News
April 3, 2022
Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict Full Text
Abstract
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Apr 02 - Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church Anonymous claims to have hacked...Security Affairs
April 1, 2022
Congress Invests in National Cyber Resilience but Misses Important Opportunities in the Consolidated Appropriations Act Full Text
Abstract
The new appropriations bill is sound overall, but it addresses only half of the federal government’s cybersecurity mandate.Lawfare
April 1, 2022
CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Sophos firewall flaw and seven other issues to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)...Security Affairs
March 31, 2022
Russia warns of ‘grave consequences’ after U.S. reaffirms threat of sanctions over Ukraine Full Text
Abstract
President Biden reaffirmed the U.S. threat of new sanctions against Russia in case of an escalation or invasion, to which Putin responded with a warning of his own that such a U.S. move could lead to a complete rupture of ties.CBC
March 30, 2022
US national emergency extended due to elevated malicious cyber activity Full Text
Abstract
US President Joe Biden today has extended the state of national emergency declared to deal with increasingly prevalent and severe malicious cyber threats to the United States national security, foreign policy, and economy.BleepingComputer
March 30, 2022
House sends bipartisan cyber crime bill to Biden Full Text
Abstract
The House passed bipartisan cybersecurity legislation on Tuesday that would improve the way the federal government tracks, measures and analyzes cyber crime.The Hill
March 30, 2022
CISA and DoE warns of attacks targeting UPS devices Full Text
Abstract
The US CISA and the Department of Energy issued guidance on mitigating attacks against uninterruptible power supply (UPS) devices. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy published joint guidance...Security Affairs
March 30, 2022
Singapore, US to establish dialogue to strengthen cooperation in cybersecurity Full Text
Abstract
The United States-Singapore Cyber Dialogue, as it is called, will bring together senior government officials from the cyber operational, technical, and policy units of various agencies on both sides.Channel News Asia
March 29, 2022
CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) are jointly warning of attacks against internet-connected uninterruptible power supply (UPS) devices by means of default usernames and passwords. "Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are lost, by removing management interfaces from the internet," the agencies said in a bulletin published Tuesday. UPS devices, in addition to offering power backups in mission-critical environments, are also equipped with an internet of things (IoT) capability, enabling the administrators to carry out power monitoring and routine maintenance. But as is often the case, such features can also open the door to malicious attacks. To mitigate against such threats, CISA and DoE are advising organizations to enumerate and disconnect all UPS systems from the internet and gate them behind aThe Hacker News
March 29, 2022
Russia accuses US of leading massive cyber campaign Full Text
Abstract
Russia's Ministry of Foreign Affairs on Tuesday accused the U.S. of attacking the country's critical infrastructure and network systems in a massive cyberattack, claims the U.S. government has called false and part of Russia's disinformation campaign.The Hill
March 29, 2022
CISA adds Chrome, Redis bugs to the Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Chrome and Redis flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chrome zero-day (CVE-2022-1096)...Security Affairs
March 29, 2022
FBI warns election officials of credential phishing attacks Full Text
Abstract
The Federal Bureau of Investigation (FBI) warned US election officials on Tuesday of an ongoing and widespread phishing campaign trying to steal their credentials since at least October 2021.BleepingComputer
March 29, 2022
CISA warns of attacks targeting Internet-connected UPS devices Full Text
Abstract
In a joint advisory with the Department of Energy, the Cybersecurity and Infrastructure Security Agency (CISA) warned U.S. organizations today to secure Internet-connected UPS devices from ongoing attacks.BleepingComputer
March 28, 2022
CISA warns orgs to patch actively exploited Chrome, Redis bugs Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies to patch a Google Chrome zero-day and a critical Redis vulnerability actively exploited in the wild within the next three weeks.BleepingComputer
March 27, 2022
CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) added 66 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited...Security Affairs
March 26, 2022
FCC Adds Kaspersky and Chinese Telecom Firms to National Security Threat List Full Text
Abstract
The U.S. Federal Communications Commission (FCC) on Friday moved to add Russian cybersecurity company Kaspersky Lab to the "Covered List" of companies that pose an "unacceptable risk to the national security" of the country. The development marks the first time a Russian entity has been added to the list that's been otherwise dominated by Chinese telecommunications firms. Also added alongside Kaspersky were China Telecom (Americas) Corp and China Mobile International USA. The block list includes information security products, solutions, and services supplied, directly or indirectly, by the company or any of its predecessors, successors, parents, subsidiaries, or affiliates. The FCC said the decision was made pursuant to a Binding Operational Directive (BOD) issued by the Department of Homeland Security on September 11, 2017 that barred federal agencies from using Kaspersky-branded products in their information systems. The security services provider,The Hacker News
March 26, 2022
FCC adds Kaspersky to Covered List due to unacceptable risks to national security Full Text
Abstract
The Federal Communications Commission (FCC) added Kaspersky to its Covered List because it poses unacceptable risks to U.S. national security. The Federal Communications Commission (FCC) added multiple Kaspersky products and services to its Covered...Security Affairs
March 26, 2022
New Advisory Released by the CISA, the FBI, and the DOE on Russia Threat Activity Against Energy Sector Organizations Full Text
Abstract
This joint Cybersecurity Advisory coauthored by the CISA, the FBI, and the DOE provides information on multiple intrusion campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 against Energy Sector organizations.US CERT
March 25, 2022
US officials say Russia behind hack of Ukrainian satellite communications at invasion start: report Full Text
Abstract
The Russian military spy service, the GRU, was behind a hack that affected the Ukrainian military’s communications at the start of Russia's invasion into the country, U.S. intelligence analysts say, The Washington Post reported, citing U.S. officials familiar.The Hill
March 25, 2022
Chinese threat actor Scarab targets Ukraine, CERT-UA warns Full Text
Abstract
Ukraine CERT (CERT-UA) released details about a campaign that SentinelLabs linked with the suspected Chinese threat actor tracked as Scarab. Ukraine CERT (CERT-UA) published technical details about a malicious activity tracked as UAC-0026, which SentinelLabs...Security Affairs
March 23, 2022
FBI warns of growing risks of Russia-linked attacks on US energy firms Full Text
Abstract
The FBI is warning of risks related to cyber attacks aimed at energy companies of Russia-linked threat actors. The FBI is warning energy companies of the risks of cyber attacks carried out by Russia-linked threat actors, reported The Associated Press. The...Security Affairs
March 23, 2022
FBI ‘concerned’ about possible Russian cyberattacks on critical infrastructure Full Text
Abstract
FBI Director Christopher Wray on Tuesday warned the private sector to prepare for potential cyberattacks, saying U.S. agents were "particularly focused on the destructive cyber threat" from Russian agents.The Hill
March 23, 2022
FBI Warns of Growing Russian Hacking Activity Targeting US Energy Firms Full Text
Abstract
The FBI advisory shares 140 internet protocol, or IP, addresses that it says have been associated with the scanning of critical infrastructure in the U.S. since at least March 2021.Security Week
March 22, 2022
Hillicon Valley — Biden’s child privacy call gets backers Full Text
Abstract
Today is Tuesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here.The Hill
March 22, 2022
White House shares checklist to counter Russian cyberattacks Full Text
Abstract
The White House is urging U.S. organizations to shore up their cybersecurity defenses after new intelligence suggests that Russia is preparing to conduct cyberattacks in the near future.BleepingComputer
March 22, 2022
U.S. Government Warns Companies of Potential Russian Cyber Attacks Full Text
Abstract
The U.S. government on Monday once again cautioned of potential cyber attacks from Russia in retaliation for economic sanctions imposed by the west on the country following its military assault on Ukraine last month. "It's part of Russia's playbook," U.S. President Joe Biden said in a statement, citing "evolving intelligence that the Russian Government is exploring options." The development comes as the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned of "possible threats" to U.S. and international satellite communication (SATCOM) networks in the wake of a cyber attack targeting Viasat KA-SAT network, used extensively by the Ukrainian military, roughly around the time when Russian armed forces invaded Ukraine on February 24. "Successful intrusions into SATCOM networks could create risk in SATCOM network providers' customer environments," the agencies said. TThe Hacker News
March 21, 2022
White House warns Russia prepping possible cyberattacks against US Full Text
Abstract
The White House on Monday urged private companies to bolster their cyber defenses, citing evolving intelligence suggesting the Russian government is exploring “options for potential cyberattacks” targeting U.S. critical infrastructure.The Hill
March 21, 2022
White House Statement and Briefing on Nation’s Cybersecurity Full Text
Abstract
President Biden's statement warns U.S. companies to prepare for possible Russian cyberattacks.Lawfare
March 20, 2022
Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict Full Text
Abstract
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the previous weeks: March 18 - China-linked threat actors are targeting the government...Security Affairs
March 20, 2022
EU and US agencies warn that Russia could attack satellite communications networks Full Text
Abstract
FBI, CISA, and the European Union Aviation Safety Agency (EASA) warn of possible threats to international satellite communication (SATCOM) networks. Satellite communication (SATCOM) networks are critical infrastructure for modern society, US and EU agencies...Security Affairs
March 19, 2022
FBI: Avoslocker ransomware targets US critical infrastructure Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors.BleepingComputer
March 17, 2022
CISA, FBI warn US critical orgs of threats to SATCOM networks Full Text
Abstract
CISA and the FBI warned US critical infrastructure organizations of potential threats targeting satellite communication (SATCOM) networks in the US and worldwide.BleepingComputer
March 17, 2022
Dev Sabotages Popular NPM Package to Protest Russian Invasion Full Text
Abstract
In the latest software supply-chain attack, the code maintainer added malicious code to the hugely popular node-ipc library to replace files with a heart emoji and a peacenotwar module.Threatpost
March 17, 2022
Russian ministry says it’s ‘recording unprecedented attacks’ on government websites Full Text
Abstract
Russia’s digital development and communications ministry said in a statement on Thursday it is “recording unprecedented attacks” on government websites and state-run news outlets amid Russia’s invasion in Ukraine, The Washington Post reported.The Hill
March 16, 2022
CISA adds 15 new flaws to the Known Exploited Vulnerabilities Catalog Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) added 15 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited...Security Affairs
March 16, 2022
CISA adds 15 vulnerabilities to list of flaws exploited in attacks Full Text
Abstract
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks.BleepingComputer
March 15, 2022
Cyberattacks Against Israeli Government Sites: ‘Largest in the Country’s History’ Full Text
Abstract
DDoS attacks against Israel telecom companies took down government sites, sparking a temporary state of emergency.Threatpost
March 15, 2022
Ukraine claims to have arrested ‘hacker’ helping Russians Full Text
Abstract
The Security Service of Ukraine (SSU) claimed on Tuesday that a “hacker” who had assisted Russia had been detained by officials.The Hill
March 15, 2022
FBI warns of MFA flaw used by state hackers for lateral movement Full Text
Abstract
The FBI says Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default multifactor authentication (MFA) protocols.BleepingComputer
March 15, 2022
German government advises against using Kaspersky antivirus Full Text
Abstract
BSI, the federal cybersecurity authority in Germany, has issued a public statement to warn critical entities in the country against using Kaspersky antivirus software products.BleepingComputer
March 14, 2022
Intel chair ‘amazed’ Russia hasn’t launched full-scale cyberwarfare Full Text
Abstract
Sen. Mark Warner (D-Va.), chairman of the Senate Intelligence Committee, said on Monday he was surprised Russia hasn’t launched more destructive cyberattacks against Ukraine and the West despite having the capability to do so.The Hill
March 14, 2022
Bipartisan group of senators press Mayorkas on US readiness for Russian cyberthreat Full Text
Abstract
A bipartisan group of senators is pressing Homeland Security Secretary Alejandro Mayorkas on the U.S.’s readiness for Russian cyberattacks amid Moscow’s invasion of Ukraine.The Hill
March 13, 2022
Mar 06- Mar 12 Ukraine – Russia the silent cyber conflict Full Text
Abstract
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. March 12 - Russian Internet watchdog Roskomnadzor is going to ban Instagram Russian Internet watchdog Roskomnadzor is going...Security Affairs
March 12, 2022
Russian Internet watchdog Roskomnadzor is going to ban Instagram Full Text
Abstract
Russian Internet watchdog Roskomnadzor is going to ban Instagram in Russia to prevent the spreading of info related to the Ukraine invasion. Russia will ban Instagram, the decision was announced by Russian Internet watchdog Roskomnadzor. Officially...Security Affairs
March 11, 2022
Spending bill includes large funding increase to boost cybersecurity Full Text
Abstract
The government funding bill sent to President Biden includes a surge in funding to the agency that oversees the nation’s cybersecurity infrastructure and includes language that requires companies in critical sectors to alert the government of potential hacks.The Hill
March 11, 2022
Russia Pushing New State-run TLS Certificate Authority to Deal With Sanctions Full Text
Abstract
The Russian government has established its own TLS certificate authority (CA) to address issues with accessing websites that have arisen in the wake of sanctions imposed by the west following the country's unprovoked military invasion of Ukraine. According to a message posted on the Gosuslugi public services portal, the Ministry of Digital Development is expected to provide a domestic replacement to handle the issuance and renewal of TLS certificates should they get revoked or expired. The service is offered to all legal entities operating in Russia, with the certificates delivered to site owners upon request within 5 working days. TLS certificates are used to digitally bind a cryptographic key to an organization's details, enabling web browsers to confirm the domain's authenticity and ensure that the communication between a client computer and the target website is secure. The proposal comes as companies like DigiCert have been restricted from doing business in...The Hacker News
March 10, 2022
CISA added 98 domains to the joint alert related to Conti ransomware gang Full Text
Abstract
The U.S. CISA has updated the alert on Conti ransomware and added 98 domain names used by the criminal gang. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware operations, the agency added 100 domain...Security Affairs
March 10, 2022
Conti Uses New Domains After Recent Code Leaks - Warns CISA Full Text
Abstract
The notoriety of the Conti ransomware group has come under the spotlight as the CISA shared an alert with IoCs consisting of close to 100 domain names. Organizations should follow mitigation strategies and recommendations provided in the alert. Besides, security admins can use provided IOCs for bet...Cyware Alerts - Hacker News
March 10, 2022
Russia creates its own TLS certificate authority to bypass sanctions Full Text
Abstract
Russia has created its own trusted TLS certificate authority (CA) to solve website access problems that have been piling up after sanctions prevent certificate renewals.BleepingComputer
March 09, 2022
CISA updates Conti ransomware alert with nearly 100 domain names Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware with indicators of compromise (IoCs) consisting of close to 100 domain names used in malicious operations.BleepingComputer
March 9, 2022
Ragnar Locker Breached 52 Organizations and Counting, FBI Warns Full Text
Abstract
The FBI issued an alert about the Ragnar Locker ransomware group that has claimed 52 entities as its victims across 10 critical infrastructure sectors in the U.S., so far. The IOCs in the alert have information from Bitcoin addresses where hackers collect the ransom to the email addresses of operator...Cyware Alerts - Hacker News
March 09, 2022
US Treasury: Russia may bypass sanctions using ransomware payments Full Text
Abstract
The Treasury Department's Financial Crimes Enforcement Network (FinCEN) warned U.S. financial institutions this week to keep an eye out for attempts to evade sanctions and US-imposed restrictions following Russia's invasion of Ukraine.BleepingComputer
March 08, 2022
Angry Putin set to ‘double down’ in Ukraine, intel chiefs warn lawmakers Full Text
Abstract
Intelligence experts Tuesday painted a picture of an increasingly determined Vladimir Putin set to “double down” on his invasion of Ukraine despite being ill-prepared for the consequences to Russia’s economy and with little prospect for long-term success.The Hill
March 8, 2022
U.S. Cyber Command’s Annual Legal Conference Full Text
Abstract
A very timely opportunity: Cyber Command’s annual legal conference is online for all to see this Thursday, March 10, 2022.Lawfare
March 8, 2022
FBI Warns of the Impersonation of Law Enforcement and Government Officials Full Text
Abstract
The FBI is warning of ongoing widespread fraud schemes in which scammers impersonate law enforcement or government officials in attempts to extort money or steal personally identifiable information.IC3
March 8, 2022
CISA Adds 95 Flaws to Its Catalog, Urges For Quick Action Full Text
Abstract
The CISA added more than 60 flaws affecting Cisco and Microsoft products. All the Cisco vulnerabilities are rated critical as they can be abused by cybercriminals to run arbitrary code and for privilege escalation. Most vulnerabilities have a due date of March 24. The cybersecurity agency recommend...Cyware Alerts - Hacker News
March 8, 2022
CISA urges to fix actively exploited Firefox zero-days by March 21 Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added two critical security...Security Affairs
March 08, 2022
CISA: Patch actively exploited Firefox zero-days until March 21st Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies to patch two critical Firefox security vulnerabilities exploited in attacks within the next two weeks.BleepingComputer
March 07, 2022
US, Spain join forces in cyberwarfare amid Russia-Ukraine war Full Text
Abstract
The U.S. is partnering up with fellow NATO member Spain to fight cyberattacks in the wake of Russia’s invasion of Ukraine.The Hill
March 07, 2022
FBI: Govt officials impersonated in widespread extortion schemes Full Text
Abstract
Scammers are impersonating government officials and law enforcement in active and rampant extortion schemes targeting Americans' money or personally identifiable information (PII).BleepingComputer
March 04, 2022
Hillicon Valley — Tech moves to deplatform Russian state media Full Text
Abstract
Today is Friday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.The Hill
March 4, 2022
Russian watchdog Roskomnadzor also blocked Facebook in Russia Full Text
Abstract
State communications watchdog Roskomnadzor has ordered the blocking of access to Facebook in Russia amid the ongoing invasion of Ukraine. State communications watchdog Roskomnadzor ordered the blocking of access to Facebook over its decision to ban Russian media...Security Affairs
March 04, 2022
White House sides with Congress over contentious cyber bill Full Text
Abstract
The White House has endorsed a cyber bill that has divided members of the Biden administration and Senate lawmakers.The Hill
March 4, 2022
CISA adds 95 flaws to the Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 95 vulnerabilities to its Known...Security Affairs
March 04, 2022
Ukraine to join NATO intel-sharing cyberdefense hub Full Text
Abstract
While Ukraine is yet to become a member of the North Atlantic Treaty Organization (NATO), the country has been accepted as a contributing participant to the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE).BleepingComputer
March 4, 2022
Russia-Ukraine, who are the soldiers that crowd cyberspace? Full Text
Abstract
While Russia is invading Ukraine, multiple forces are joining in the conflict, especially in the cyber space, let's analyze them. The analysis of the current scenario in cyberspace is not easy due to the presence of multiple threat actors and the difficulty...Security Affairs
March 04, 2022
CISA warns organizations to patch 95 actively exploited bugs Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 95 vulnerabilities to its list of actively exploited security issues, the largest number since issuing the binding operational directive (BOD) last year.BleepingComputer
March 03, 2022
DOJ officials criticize Senate-passed cyber bill Full Text
Abstract
Senior officials at the Department of Justice (DOJ) have knocked a Senate-passed cybersecurity bill as having “serious flaws,” criticizing it over a lack of direct reporting to the FBI.The Hill
March 3, 2022
US Senate approves cyber incident reporting bill amid worries about Russian threats Full Text
Abstract
The cyber incident reporting bill would mandate that critical infrastructure operations alert the DHS within 72 hours of a hack and 24 hours if the organization made a ransomware payment.The Record
March 02, 2022
Senate passes cybersecurity bill amid fears of Russian cyberattacks Full Text
Abstract
The Senate unanimously passed cybersecurity legislation on Tuesday that would require companies in critical sectors to alert the government of potential hacks or ransomware.The Hill
March 2, 2022
A cyberattack on Russian satellites is an act of war, the invasion of Ukraine no Full Text
Abstract
Russia considers it legitimate to invade another country but warns it will consider cyberattacks on its satellites an act of war. Anonymous and the numerous hacker groups that declared war on Russia continue to target Russian government entities and private...Security Affairs
March 02, 2022
Russian space agency says hacking satellites is an act of war Full Text
Abstract
Russia will consider any cyberattacks targeting Russian satellite infrastructure an act of war, as the country's space agency director said in a TV interview.BleepingComputer
March 1, 2022
CISA and FBI warn of potential data wiping attacks spillover Full Text
Abstract
US CISA and the FBI warned US organizations that data wiping attacks targeting Ukraine entities could spill over to targets worldwide. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published...Security Affairs
February 28, 2022
CISA Warns of High-Severity Flaws in Schneider and GE Digital’s SCADA Software Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an industrial control system (ICS) advisory related to multiple vulnerabilities impacting Schneider Electric's Easergy medium voltage protection relays. "Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay," the agency said in a bulletin on February 24, 2022. "This could result in loss of protection to your electrical network." The two high-severity weaknesses impact Easergy P3 versions prior to v30.205 and Easergy P5 versions before v01.401.101. Details of the flaws are as follows – CVE-2022-22722 (CVSS score: 7.5) – Use of hardcoded credentials that could be abused to observe and manipulate traffic associated with the device. CVE-2022-22723 and CVE-2022-22725 (CVSS score: 8.8) – A buffer overflow vulnerability that could resu...The Hacker News
February 28, 2022
CISA and FBI warn of potential data wiping attacks spillover Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned US organizations that data wiping attacks targeting Ukraine could spill over to targets from other countries.BleepingComputer
February 27, 2022
Feb 7- Feb 27 Ukraine – Russia the silent cyber conflict Full Text
Abstract
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of Russia - Ukraine cyber dispute February 27 - Ukraine: Volunteer IT Army is going to hit tens of Russian...Security Affairs
February 27, 2022
Ukraine: Volunteer IT Army is going to hit tens of Russian targets from this list Full Text
Abstract
Ukraine is recruiting a volunteer IT army composed of white hat hackers to launch attacks on a list of Russian entities. Ukraine is recruiting a volunteer IT army of cyber security experts and white hat hackers to launch cyberattacks on a list of Russian...Security Affairs
February 26, 2022
Cyber officials urge agencies to armor up for potential Russian attacks Full Text
Abstract
U.S. cybersecurity officials are urging federal agencies and large organizations to remain vigilant against the threat of Russian cyberattacks amid the country’s ongoing invasion of Ukraine.The Hill
February 26, 2022
Ukraine recruits “IT Army” to hack Russian entities, lists 31 targets Full Text
Abstract
Ukraine is recruiting a volunteer "IT army" of security researchers and hackers to conduct cyberattacks on thirty-one Russian entities, including government agencies, critical infrastructure, and banks.BleepingComputer
February 26, 2022
Russia restricts Twitter in the country amid conflict with Ukraine Full Text
Abstract
Global internet monitor working group NetBlocks reported that Twitter has been restricted in Russia amid conflict with Ukraine. Global internet monitor working organization NetBlocks shared its metrics confirming the restriction of Twitter in Russia...Security Affairs
February 26, 2022
UK’s NHS Digital warns of an RCE in Okta Advanced Server Access client Full Text
Abstract
The UK's NHS Digital agency warns of an RCE in the Windows client for the Okta Advanced Server Access authentication management platform. The UK's NHS Digital agency published a security advisory to warn organizations of a remote code execution flaw,...Security Affairs
February 25, 2022
Ukraine calls on independent hackers to defend against Russia, Russian underground responds Full Text
Abstract
While Ukraine calls for hacker underground to defend against Russia, ransomware gangs make their moves. Ukraine's government is asking for volunteers from the hacker underground to provide their support in protecting critical infrastructure and carry...Security Affairs
February 25, 2022
Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks Full Text
Abstract
The Russian government on Thursday warned of cyber attacks aimed at domestic critical infrastructure operators, as the country's full-blown invasion of Ukraine enters the second day. In addition to cautioning of the "threat of an increase in the intensity of computer attacks," Russia's National Computer Incident Response and Coordination Center said that the "attacks can be aimed at disrupting the functioning of important information resources and services, causing reputational damage, including for political purposes." "Any failure in the operation of [critical information infrastructure] objects due to a reason that is not reliably established, first of all, should be considered as the result of a computer attack," the agency added. Furthermore, it notified of possible influence operations undertaken to "form a negative image of the Russian Federation in the eyes of the world community," echoing a similar alert released by the U...The Hacker News
February 25, 2022
NHS urges orgs to apply security update for Okta Client RCE bug Full Text
Abstract
The UK's NHS Digital agency is warning organizations to apply new security updates for a remote code execution vulnerability in the Windows client for the Okta Advanced Server Access authentication management platform.BleepingComputer
February 25, 2022
CISA warns of actively exploited vulnerabilities in Zabbix servers Full Text
Abstract
A notification from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns that threat actors are exploiting vulnerabilities in the Zabbix open-source tool for monitoring networks, servers, virtual machines, and cloud services.BleepingComputer
February 24, 2022
CISA adds two Zabbix flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added two flaws impacting Zabbix infrastructure monitoring tool to its Known Exploited Vulnerabilities Catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities impacting the Zabbix infrastructure...Security Affairs
February 24, 2022
Top US senator warns Putin cyberattacks could trigger bigger war Full Text
Abstract
The recent DDoS attacks in Ukraine were significant, but nowhere near the scale of the massive Russian cyberattacks U.S. officials fear could stop communications and shut down critical infrastructure.Axios
February 24, 2022
CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that Federal Civilian Executive Branch (FCEB) agencies patch all systems against the vulnerabilities by March 8, 2022 to reduce their exposure to potential cyberattacks. Tracked as CVE-2022-23131 (CVSS score: 9.8) and CVE-2022-23134 (CVSS score: 5.3), the shortcomings could lead to the compromise of complete networks, enabling a malicious unauthenticated actor to escalate privileges and gain admin access to the Zabbix Frontend as well as make configuration changes. Thomas Chauchefoin from SonarSource has been credited with discovering and reporting the two flaws, which affect Zabbix Web Frontend versions up to and including 5.4.8, 5.0.18 and 4.0.36. The issues have since been addressed in vers...The Hacker News
February 23, 2022
CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool Full Text
Abstract
Tracked as CVE-2022-23131 and CVE-2022-23134, the two flaws could be exploited to bypass authentication and gain admin privileges, which could then allow an attacker to execute arbitrary commands.Security Week
February 23, 2022
USA to attack bad cyber actors if it protects victims Full Text
Abstract
The DoJ has revealed new policies that may see it undertake pre-emptive action against cyber threats. Such actions will be undertaken if the DoJ feels that action can reduce risks for victims.The Register
February 22, 2022
Cybersecurity Tools Lie Unused in Federal Agencies’ Toolboxes Full Text
Abstract
Many federal agencies have existing authority that could be leveraged to improve the cybersecurity of private actors under their jurisdiction.Lawfare
February 19, 2022
Russia denies accusations of false flag operation, cyber attacks on Ukraine Full Text
Abstract
Russia denied it was responsible for cyber attacks on Ukrainian banks and the country's Ministry of Defense and accusations that it is looking for a pretext to invade Ukraine.The Hill
February 19, 2022
CISA compiles list of free cybersecurity tools and services Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a list of free cybersecurity services and tools to help organizations increase their security capabilities and better defend against cyberattacks.BleepingComputer
February 19, 2022
Justice Department Appoints First Director of National Cryptocurrency Enforcement Team Full Text
Abstract
The U.S. Department of Justice (DoJ) earlier this week appointed Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team (NCET) it established last year. The NCET was created to tackle the criminal misuse of cryptocurrencies and digital assets," with a focus on illegal activities in virtual currency exchanges, mixing and tumbling services, and money laundering infrastructure actors to fuel cyberattacks and ransomware and extortion schemes. "The NCET will serve as the focal point for the department's efforts to tackle the growth of crime involving [digital assets and distributed ledger] technologies," said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department's Criminal Division. Separately, the Federal Bureau of Investigation (FBI) said it's launching a new effort of its own called the Virtual Asset Exploitation Unit (VAXU) dedicated to tracking and seizing illicit cryptocurrencies as part o...The Hacker News
February 19, 2022
CISA warns of hybrid operations threat to US critical infrastructure Full Text
Abstract
CISA urged leaders of U.S. critical infrastructure organizations on Friday to increase their orgs' resilience against a growing risk of being targeted by foreign influence operations using misinformation, disinformation, and malinformation (MDM) tactics.BleepingComputer
February 19, 2022
White House and UK Gov attribute DDoS attacks on Ukraine to Russia’s GRU Full Text
Abstract
The White House has linked the recent DDoS attacks against Ukraine's banks and defense agencies to Russia's GRU. The White House has linked the recent DDoS attacks that took offline the sites of banks and defense agencies of Ukraine to Russia's Main...Security Affairs
February 19, 2022
US, Britain Accuse Russia of Cyberattacks Targeting Ukraine Full Text
Abstract
The White House blamed Russia for this week’s cyberattacks targeting Ukraine’s defense ministry and major banks and warned of the potential for more significant disruptions in the days ahead.Security Week
February 18, 2022
White House says Russia behind cyberattack on banks, ministry in Ukraine Full Text
Abstract
The Biden administration believes Russian government hackers were behind cyberattacks targeting Ukraine’s Ministry of Defense and banks in Ukraine earlier this week, a top White House official said Friday.The Hill
February 18, 2022
U.S. Cybersecurity Agency Publishes List of Free Security Tools and Services Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday published a repository of free tools and services to enable organizations to mitigate, detect, and respond effectively to malicious attacks and further improve their security posture. The "Free Cybersecurity Services and Tools" resource hub comprises a mix of services provided by CISA, open-source utilities, and other implements offered by private and public sector organizations across the cybersecurity community. "Many organizations, both public and private, are target rich and resource poor," CISA Director, Jen Easterly, said in a statement. "The resources on this list will help such organizations improve their security posture, which is particularly critical in the current heightened threat environment." The tools catalog is the latest in a string of initiatives launched by CISA to combat cyber threats and help organizations adopt foundational measures to maximize resili...The Hacker News
February 17, 2022
Hillicon Valley — FBI forms crypto unit Full Text
Abstract
Today is Thursday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.The Hill
February 17, 2022
FBI Warns of Increase in Fraudulent Payments Due to BEC Scams Full Text
Abstract
The FBI said it had seen an increase in the use of virtual meeting platforms as a way to trick organizations into sending payments to the wrong accounts as part of a type of attack known as BEC scams.The Record
February 16, 2022
U.S. Says Russian Hackers Stealing Sensitive Data from Defense Contractors Full Text
Abstract
State-sponsored actors backed by the Russian government regularly targeted the networks of several U.S. cleared defense contractors (CDCs) to acquire proprietary documents and other confidential information pertaining to the country's defense and intelligence programs and capabilities. The sustained espionage campaign is said to have commenced at least two years ago from January 2020, according to a joint advisory published by the U.S. Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA). "These continued intrusions have enabled the actors to acquire sensitive, unclassified information, as well as CDC-proprietary and export-controlled technology," the agencies said. "The acquired information provides significant insight into U.S. weapons platforms development and deployment timelines, vehicle specifications, and plans for communications infrastructure and information technology."The Hacker News
February 16, 2022
CISA Identifies Next Set of Actively Exploited Vulnerabilities Full Text
Abstract
The CISA has added more flaws in its catalog of known exploited vulnerabilities. They were found in products of top tech giants, such as Microsoft, Oracle, Apache, and Apple. Also, there are some priority ones, for which the CISA has asked FCEB agencies to patch the vulnerabilities within February. ...Cyware Alerts - Hacker News
February 16, 2022
Hillicon Valley — Senators introduce online kids’ safety bill Full Text
Abstract
Today is Wednesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.The Hill
February 16, 2022
Cybersecurity Advisory on Russian Cyber Actors Targeting U.S. Contractors Full Text
Abstract
Over the past two years, Russian state-sponsored cyber actors have been targeting U.S. cleared defense contractors.Lawfare
February 16, 2022
Ukraine says Russia likely to blame for cyberattack Full Text
Abstract
Ukrainian officials blamed Russia for the Tuesday cyberattack that hit the country's defense ministry and at least two banks.The Hill
February 16, 2022
CISA added 9 new flaws to the Known Exploited Vulnerabilities Catalog, including Magento and Chrome bugs Full Text
Abstract
The U.S. CISA added to the Known Exploited Vulnerabilities Catalog another 9 security flaws actively exploited in the wild. US Cybersecurity and Infrastructure Security Agency (CISA) added nine new vulnerabilities to its Known Exploited Vulnerabilities...Security Affairs
February 16, 2022
New Zealand government mandates bug reporting process for federal agencies Full Text
Abstract
In its latest security manual, the GCSB said agencies should establish a process that would allow members of the public to report potential software vulnerabilities or other security problems.The Daily Swig
February 15, 2022
CISA tells federal agencies to patch actively exploited Chrome, Magento bugs Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has added nine new flaws to its collection of actively exploited vulnerabilities, including two recently patched zero-days impacting Google Chrome and Adobe Commerce/Magento Open Source.BleepingComputer
February 15, 2022
CISA tells agencies to patch actively exploited Chrome, Magento bugs Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has added nine new flaws to its collection of actively exploited vulnerabilities, including two recently patched zero-days impacting Google Chrome and Adobe Commerce/Magento Open Source.BleepingComputer
February 15, 2022
Experts Warn of Hacking Group Targeting Aviation and Defense Sectors Full Text
Abstract
Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems. The use of commodity malware such as AsyncRAT and NetWire, among others, has led enterprise security firm Proofpoint to a "cybercriminal threat actor" codenamed TA2541 that employs "broad targeting with high volume messages." The ultimate objective of the intrusions is unknown as yet. Social engineering lures used by the group do not rely on topical themes but rather leverage decoy messages related to aviation, logistics, transportation, and travel. That said, TA2541 did briefly pivot to COVID-19-themed lures in the spring of 2020, distributing emails concerning cargo shipments of personal protective equipment (PPE) or testing kits. "While TA2541 is consistent i...The Hacker News
February 14, 2022
European Central Bank tells banks to step up defences against nation-state attacks Full Text
Abstract
The European Central Bank is warning banks of possible Russia-linked cyber attack amid the rising crisis with Ukraine. The European Central Bank is warning banks of possible Russia-linked cyber attack amid the rising crisis with Ukraine and is inviting...Security Affairs
February 14, 2022
FTC warns VoIP providers: Share your robocall info or get sued Full Text
Abstract
The US Federal Trade Commission (FTC) said today that it will take legal action against Voice-over-Internet Protocol (VoIP) service providers who do not hand over information requested during robocall investigations.BleepingComputer
February 14, 2022
FBI: BlackByte ransomware breached US critical infrastructure Full Text
Abstract
The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months.BleepingComputer
February 12, 2022
US cyber defense agency warns of possible Russian cyberattacks amid tensions Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a "Shields Up" alert for American organizations saying that U.S. systems could face Russian cyberattacks amid warnings from Biden administration officials that a Russian invasion of Ukraine could be imminent.The Hill
February 12, 2022
CISA, FBI, NSA warn of the increased globalized threat of ransomware Full Text
Abstract
CISA, FBI and NSA published a joint advisory warning of ransomware attacks targeting critical infrastructure organizations. Cybersecurity agencies from the U.K., the U.S. and Australia have published a joint advisory warning of an increased globalised...Security Affairs
February 11, 2022
CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The U.S. CISA has added to the catalog of vulnerabilities another 15 security vulnerabilities actively exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen more flaws to the Known Exploited...Security Affairs
February 11, 2022
CISA orders federal agencies to update iPhones until Feb 25th Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw to its catalog of vulnerabilities exploited in the wild, an Apple WebKit remote code execution bug used to target iPhones, iPads, and Macs.BleepingComputer
February 11, 2022
CISA urges orgs to patch actively exploited Windows SeriousSAM bug Full Text
Abstract
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks.BleepingComputer
February 10, 2022
CISA, FBI, NSA Issue Advisory on Severe Increase in Ransomware Attacks Full Text
Abstract
Cybersecurity authorities from Australia, the U.K., and the U.S. have published a joint advisory warning of an increase in sophisticated, high-impact ransomware attacks targeting critical infrastructure organizations across the world in 2021. The incidents singled out a broad range of sectors, including defense, emergency services, agriculture, government facilities, IT, healthcare, financial services, education, energy, charities, legal institutions, and public services. "Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors' growing technological sophistication and an increased ransomware threat to organizations globally," the agencies said in the joint bulletin. Spear-phishing, stolen or brute-forced Remote Desktop Protocol (RDP) credentials, and exploitation of software flaws emerged as the top three initial infection vectors that were used to deploy ransomware on compromised networks, even as the criminalThe Hacker News
February 10, 2022
US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns of an escalation in SIM swap attacks that caused millions in losses. The Federal Bureau of Investigation (FBI) observed an escalation in SIM swap attacks aimed at stealing millions from the victims by hijacking...Security Affairs
February 10, 2022
US Federal Agencies Warn of Severe Increase in Ransomware Attacks Against Critical Infrastructure Full Text
Abstract
In 2021, cybersecurity authorities in the U.S., Australia, and the U.K observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally.US CERT
February 9, 2022
CISA warns to address SAP ICMAD flaw immediately Full Text
Abstract
The US CISA warns organizations to address a severe security vulnerability dubbed ICMAD impacting SAP business apps using ICM. Internet Communication Manager Advanced Desync (ICMAD) is a memory pipes (MPI) desynchronization vulnerability tracked as CVE-2022-22536....Security Affairs
February 09, 2022
CISA warns admins to patch maximum severity SAP vulnerability Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned admins to patch a set of severe security flaws dubbed ICMAD (Internet Communication Manager Advanced Desync) and impacting SAP business apps using Internet Communication Manager (ICM).BleepingComputer
February 9, 2022
FBI Received 1,600 SIM Swapping Complaints in 2021 Full Text
Abstract
The Federal Bureau of Investigation (FBI) this week announced that between 2018 and 2021 its Internet Crime Complaint Center (IC3) received more than 1,900 complaints related to SIM swapping.Security Week
February 09, 2022
FBI warns of criminals escalating SIM swap attacks to steal millions Full Text
Abstract
The Federal Bureau of Investigation (FBI) says criminals have escalated SIM swap attacks to steal millions by hijacking victims' phone numbers.BleepingComputer
February 8, 2022
FBI Issued Flash Alert on LockBit Ransomware Full Text
Abstract
The FBI released an alert containing technical details and IOCs associated with LockBit ransomware to restrict its action whenever spotted in a victim’s network. It also asked admins and cyber teams to share attack-related data, going forward. Follow the flash alert that offers defense tips to ...Cyware Alerts - Hacker News
February 06, 2022
CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882 (CVSS score: 7.0) to the Known Exploited Vulnerabilities Catalog, necessitating that Federal Civilian Executive Branch (FCEB) agencies patch all systems against this vulnerability by February 18, 2022. "These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise," CISA said in an advisory published last week. CVE-2022-21882, which has been tagged with an "Exploitation More Likely" exploitability index assessment, concerns a case of elevation of privilege vulnerability affecting the Win32k component. The bug was addressed by Microsoft as part of its January 2022 Patch TuThe Hacker News
February 05, 2022
FBI shares Lockbit ransomware technical details, defense tips Full Text
Abstract
The Federal Bureau of Investigation (FBI) has released technical details and indicators of compromise associated with Lockbit ransomware attacks in a new flash alert published this Friday.BleepingComputer
February 5, 2022
FBI issued a flash alert on Lockbit ransomware operation Full Text
Abstract
The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation (FBI) has issued a flash alert containing technical details and indicators of compromise associated with...Security Affairs
February 5, 2022
CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw Full Text
Abstract
US CISA ordered federal agencies to patch their systems against actively exploited CVE-2022-21882 Windows flaw. The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to address their systems against an actively...Security Affairs
February 4, 2022
US Federal Government Creates Cybersecurity Incident Review Board Full Text
Abstract
The Department of Homeland Security has announced a new Cyber Safety Review Board bringing together cybersecurity experts from public and private organizations to “review and assess significant cybersecurity events.”IT Security Guru
February 04, 2022
CISA orders federal agencies to patch actively exploited Windows bug Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to gain SYSTEM privileges.BleepingComputer
February 03, 2022
CISA Warns of Critical Vulnerabilities Discovered in Airspan Networks Mimosa Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday published an Industrial Controls Systems Advisory (ICSA) warning of multiple vulnerabilities in the Airspan Networks Mimosa equipment that could be abused to gain remote code execution, create a denial-of-service (DoS) condition, and obtain sensitive information. "Successful exploitation of these vulnerabilities could allow an attacker to gain user data (including organization details) and other sensitive data, compromise Mimosa's AWS (Amazon Web Services) cloud EC2 instance and S3 Buckets, and execute unauthorized remote code on all cloud-connected Mimosa devices," CISA said in the alert. The seven flaws, which were discovered and reported to CISA by industrial cybersecurity company Claroty, affect the following products — Mimosa Management Platform (MMP) running versions prior to v1.0.3, Point-to-Point (PTP) C5c and C5x running versions prior to v2.8.6.1, and Point-to-Multipoint (The Hacker News
February 3, 2022
US State Department offers $10M for information on Iranian election interference Full Text
Abstract
The Department is offering a reward for information on two Iranian hackers who allegedly participated in state-sponsored cyber operations designed to interfere with the 2020 presidential election.Cyberscoop
February 02, 2022
FBI says Pegasus spyware was tested, not used in any investigation Full Text
Abstract
The FBI tested the NSO Group's Pegasus spyware for potential use in criminal investigations.The Hill
February 1, 2022
FBI: Use a Burner Phone at the Olympics Full Text
Abstract
The warning follows a Citizen Lab report that found the official, mandatory app has an encryption flaw that “can be trivially sidestepped.” Besides burners, here are more tips on staying cyber-safe at the Games.Threatpost
February 01, 2022
FBI warns of fake job postings used to steal money, personal info Full Text
Abstract
Scammers are trying to steal job seekers' money and personal information through phishing campaigns using fake advertisements posted on recruitment platforms.BleepingComputer
February 01, 2022
FBI says cyber actors could ‘disrupt’ Beijing Olympics, Paralympics Full Text
Abstract
The FBI’s cyber division warned in a private industry notification dated Monday that cyber actors could “disrupt” the 2022 Beijing Winter Olympics set to start on Friday, in addition to next month’s Paralympics.The Hill
February 01, 2022
Top White House cyber official to meet with Europeans amid Russia tensions Full Text
Abstract
The White House is dispatching its top cyber official to Europe for meetings with allies on countering cyberthreats from Russia, a senior Biden administration official said.The Hill
January 31, 2022
FBI warns of 2022 Beijing Olympics cyberattack, privacy risks Full Text
Abstract
The Federal Bureau of Investigation (FBI) warned today that threat actors could potentially target the February 2022 Beijing Winter Olympics and March 2022 Paralympics. However, evidence of such attacks being planned is yet to be uncovered.BleepingComputer
January 31, 2022
CISA adds 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The US CISA added eight more flaws to its Known Exploited Vulnerabilities Catalog that are known to be used in attacks in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to the Known Exploited...Security Affairs
January 31, 2022
CISA adds 8 vulnerabilities to list of actively exploited bugs Full Text
Abstract
The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they're a mix of old and new.BleepingComputer
January 29, 2022
US FCC bans China Unicom Americas telecom over national security risks Full Text
Abstract
The Federal Communications Commission (FCC) revoked the license for the China Unicom Americas over serious national security concerns. The Federal Communications Commission (FCC) has revoked the license for China Unicom Americas over "serious national...Security Affairs
January 28, 2022
FBI Warns of Hacker Attacks Conducted by Iranian Cyber Firm Full Text
Abstract
The FBI this week issued a private industry notification to warn organizations about the malicious activities conducted by an Iranian cyber company named Emennet Pasargad.Security Week
January 28, 2022
White House, EPA release 100-day cybersecurity plan for water utility operators Full Text
Abstract
The White House, EPA, and CISA are rolling out a 100-day plan to improve the cybersecurity of the country's water systems, which faced a variety of attacks over the last year.ZDNet
January 28, 2022
US bans major Chinese telecom over national security risks Full Text
Abstract
The Federal Communications Commission (FCC) has revoked China Unicom Americas' license, one of the world's largest mobile service providers, over "serious national security concerns."BleepingComputer
January 28, 2022
NCSC alerts UK orgs to brace for destructive Russian cyberattacks Full Text
Abstract
The UK's National Cyber Security Centre (NCSC) is urging organizations to bolster security and prepare for a potential wave of destructive cyberattacks after recent breaches of Ukrainian entities.BleepingComputer
January 28, 2022
NCSC warns UK entities of potential destructive cyberattacks from Russia Full Text
Abstract
The UK’s National Cyber Security Centre (NCSC) urges organizations to improve cybersecurity due to the risk of imminent destructive cyberattacks from Russia-linked APT groups. The UK’s National Cyber Security Centre (NCSC) is urging organizations...Security Affairs
January 28, 2022
EU to create pan-European cyber incident coordination framework Full Text
Abstract
The European Systemic Risk Board (ESRB) proposed a new systemic cyber incident coordination framework that would allow EU relevant authorities to better coordinate when having to respond to major cross-border cyber incidents impacting the Union's financial sector.BleepingComputer
January 27, 2022
White House Releases Memo on Cybersecurity at Federal Agencies Full Text
Abstract
The White House Office of Management and Budget released a memo that announces new measures to strengthen cybersecurity within federal agencies.Lawfare
January 27, 2022
New Strategy Funds UK Public Services’ Cyber Resilience Full Text
Abstract
U.K. local authorities are to receive more than $50 million from the government to boost cyber resilience in essential public services and data in sectors such as housing benefits,Gov Info Security
January 26, 2022
White House moves to boost cybersecurity at federal agencies Full Text
Abstract
The White House announced on Wednesday new measures to boost cybersecurity within federal agencies following increased cyberattacks on private and public U.S. infrastructure.The Hill
January 26, 2022
Threat Actors Use Malicious QR Codes, Warns FBI Full Text
Abstract
Cybercriminals are meddling with QR codes to redirect users to malicious websites that steal their information, deflect their payments to attacker-controlled accounts, and install malware on their devices.Cyware Alerts - Hacker News
January 26, 2022
White House wants US govt to use a Zero Trust security model Full Text
Abstract
A newly released Federal strategy wants the US government to adopt a "zero trust" security model within the next two years to defend against current threats and boost cybersecurity defenses across federal agencies.BleepingComputer
January 25, 2022
Security Agencies Continue to Raise Red Flags Against Log4Shell Full Text
Abstract
The Log4Shell vulnerability has become a menace and poses a huge challenge to the security community. As more Log4Shell victims continue to surface, more security agencies release alerts about cybercriminals who continue to exploit the Log4j vulnerability in their attacks. Patch it if you haven't ...Cyware Alerts - Hacker News
January 25, 2022
UK govt releasing Nmap scripts to find unpatched vulnerabilities Full Text
Abstract
The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads UK's cyber security mission, is releasing NMAP Scripting Engine scripts to help defenders scan for and remediate vulnerable systems on their networks.BleepingComputer
January 24, 2022
DHS warns Russia could launch cyberattack on US Full Text
Abstract
The Department of Homeland Security (DHS) is warning that Russia may pursue a cyberattack against the U.S. as tensions escalate over Moscow's buildup of forces near the border with Ukraine.The Hill
January 24, 2022
Crooks tampering with QR Codes to steal victim money and info, FBI warns Full Text
Abstract
The FBI warns that cybercriminals are using malicious QR codes to steal victims' credentials and financial info. The Federal Bureau of Investigation (FBI) published a public service announcement (PSA) to warn that cybercriminals are using QR codes to steal...Security Affairs
January 23, 2022
FBI warns of malicious QR codes used to steal your money Full Text
Abstract
The Federal Bureau of Investigation (FBI) warned Americans this week that cybercriminals are using maliciously crafted Quick Response (QR) codes to steal their credentials and financial info.BleepingComputer
January 23, 2022
US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
US CISA added seventeen new actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog'. The 'Known Exploited Vulnerabilities Catalog' is a list of known vulnerabilities that threat actors have abused in attacks and that are required...Security Affairs
January 22, 2022
CISA adds 17 vulnerabilities to list of bugs exploited in attacks Full Text
Abstract
This week, the Cybersecurity and Infrastructure Security Agency (CISA) added seventeen actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog.'BleepingComputer
January 22, 2022
Pay attention to Log4j attacks, Dutch National Cybersecurity Centre (NCSC) warns Full Text
Abstract
The Dutch National Cybersecurity Centre (NCSC) warns organizations of risks associated with cyberattacks exploiting the Log4J vulnerability. The Dutch National Cybersecurity Centre (NCSC) warns organizations to remain vigilant on possible attacks...Security Affairs
January 20, 2022
FBI links Diavol ransomware to the TrickBot cybercrime group Full Text
Abstract
The FBI has formally linked the Diavol ransomware operation to the TrickBot Group, the malware developers behind the notorious TrickBot banking trojan.BleepingComputer
January 20, 2022
US sanctions former Ukrainian official for helping Russian cyberspies Full Text
Abstract
The U.S. Treasury Department announced today sanctions against Volodymyr Oliynyk, a former Ukrainian official, for collecting and sharing info on critical Ukrainian infrastructure with Russia's Federal Security Service (FSB).BleepingComputer
January 20, 2022
Biden signs memo to boost US national security systems’ defenses Full Text
Abstract
President Joe Biden signed a national security memorandum (NSM) on Wednesday to increase the security of national security systems that are part of critical US government networks used in military and intelligence activities when storing or transferring classified info.BleepingComputer
January 19, 2022
Hillicon Valley — Presented by Connected Commerce Council — Biden sets cyber standards Full Text
Abstract
Today is Wednesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.The Hill
January 19, 2022
Biden Signs Memo on Cybersecurity Full Text
Abstract
President Biden signed a national security memorandum on Jan. 19 to bolster the cybersecurity of the National Security, Department of Defense and Intelligence Community systems.Lawfare
January 19, 2022
Biden moves to boost security of sensitive national security systems Full Text
Abstract
President Biden signed a national security memorandum on Wednesday that sets new cybersecurity requirements for sensitive national security systems run by the Pentagon, intelligence community and other federal agencies.The Hill
January 19, 2022
UK NCSC shares guidance for organizations to secure their communications with customers Full Text
Abstract
UK NCSC has published new guidance for organizations to secure their communications with customers via SMS or phone calls. UK’s National Cyber Security Center (NCSC) has published new guidance for organizations for combatting telephone and SMS fraud....Security Affairs
January 19, 2022
NATO, Ukraine Sign Deal to ‘Deepen’ Cyber Cooperation Full Text
Abstract
NATO on Monday inked a deal to bolster its cyber support for Ukraine, after a sweeping hacking attack against Kyiv heightened tensions amid fears that Russia could be plotting an invasion.Security Week
January 19, 2022
CISA warns of potential critical threats following attacks against Ukraine Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned organizations about “potential critical threats” following the recent cyberattacks that hit Ukraine. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published...Security Affairs
January 19, 2022
CISA urges US orgs to prepare for data-wiping cyberattacks Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) urges U.S. organizations to strengthen their cybersecurity defenses against data-wiping attacks recently seen targeting Ukrainian government agencies and businesses.BleepingComputer
January 19, 2022
UK’s Cyber Security Center publishes new guidance to fight smishing Full Text
Abstract
UK's National Cyber Security Center (NCSC) has published new guidance for organizations to follow when communicating with customers via SMS or phone calls.BleepingComputer
January 16, 2022
Ukrainian Government Officially Accuses Russia of Recent Cyberattacks Full Text
Abstract
The government of Ukraine on Sunday formally accused Russia of masterminding the attacks that targeted websites of public institutions and government agencies this past week. "All the evidence points to the fact that Russia is behind the cyber attack," the Ministry of Digital Transformation said in a statement. "Moscow continues to wage a hybrid war and is actively building forces in the information and cyberspace." The purpose of the attack, said the ministry, "is not only to intimidate society," but to also "destabilize the situation in Ukraine by stopping the work of the public sector and undermining the confidence in the government on the part of Ukrainians." Russia, however, has denied it was behind the intrusion. "We have nothing to do with it, and Russia has nothing to do with these cyberattacks," Dmitry Peskov, press secretary for President Vladimir Putin, told CNN, adding "We are nearly accustomed to the fact thatThe Hacker News
January 16, 2022
European Union simulated a cyber attack on a fictitious Finnish power company Full Text
Abstract
The European Union simulated a cyber attack on a fictitious Finnish power company to test its cyber-defense capabilities. Cyber drills are essential to test the resilience of our infrastructure. The European Union simulated a cyber attack on a fictitious...Security Affairs
January 14, 2022
Hillicon Valley — States probe the tech giants Full Text
Abstract
Today is Friday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.The Hill
January 14, 2022
Biden administration says Russia arrested Colonial Pipeline hacker Full Text
Abstract
A senior Biden administration official said Friday that one of the hackers recently arrested in Russia was responsible for the massive Colonial Pipeline cyberattack last year.The Hill
January 14, 2022
Russian government claims to have dismantled REvil ransomware gang Full Text
Abstract
Russia's FSB announced that it has dismantled the REvil ransomware gang, the infamous group behind the Kaseya and JBS USA attacks. The Russian Federal Security Service (FSB) announced that it has shut down the REvil ransomware gang, the group that is behind a long string...Security Affairs
January 14, 2022
White House reminds tech giants open source is a national security issue Full Text
Abstract
The White House wants government and private sector organizations to rally their efforts and resources to secure open-source software and its supply chain after the Log4J vulnerabilities exposed critical infrastructure to threat actors' attacks.BleepingComputer
January 13, 2022
Securing Taiwan Requires Immediate Unprecedented Cyber Action Full Text
Abstract
The prospect of a Chinese invasion of Taiwan echoes some of the most disastrous 20th century instances of great power expansion—reminiscent, perhaps, of Nazi Germany’s Anschluss or even its subsequent invasion of Poland. Given that the latter ignited World War II, America’s strategic community has been rightly fixated on the vast military and political contingencies of a Chinese invasion that would remake Asia.Lawfare
January 13, 2022
FCC wants new data breach reporting rules for telecom carriers Full Text
Abstract
The Federal Communications Commission (FCC) has proposed more rigorous data breach reporting requirements for telecom carriers in response to breaches that recently hit the telecommunications industry.BleepingComputer
January 13, 2022
US ties Iranian intelligence to hacking group Full Text
Abstract
U.S. Cyber Command on Wednesday said a hacking group known as MuddyWater is part of an Iranian intelligence agency responsible for widespread online attacks across the world.The Hill
January 12, 2022
Federal agencies warn of Russian hackers targeting critical infrastructure Full Text
Abstract
Federal agencies are warning about Russian hackers potentially targeting critical infrastructure in the United States.The Hill
January 12, 2022
New York AG Warns 17 Firms of Credential Attacks Full Text
Abstract
Sponsored: Password security is highlighted in attorney general warning to New York state businesses.Threatpost
January 12, 2022
FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure Full Text
Abstract
Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) have laid bare the tactics, techniques, and procedures (TTPs) adopted by the adversaries, including spear-phishing, brute-force, and exploiting known vulnerabilities to gain initial access to target networks. The list of flaws exploited by Russian hacking groups to gain an initial foothold, which the agencies said are "common but effective," is below — CVE-2018-13379 (FortiGate VPNs), CVE-2019-1653 (Cisco router), CVE-2019-2725 (Oracle WebLogic Server), CVE-2019-7609 (Kibana), CVE-2019-9670 (Zimbra software), CVE-2019-10149 (Exim Simple Mail TransfThe Hacker News
January 12, 2022
CISA adds 15 exploited vulnerabilities from Google, IBM, Microsoft, Oracle and more to catalog Full Text
Abstract
The most urgent additions to the CISA list include a vulnerability in VMware vCenter Server, flaws in Hikvision products, and a FatPipe WARP, IPVPN, and MPVPN vulnerability.ZDNet
January 11, 2022
CISA alerts federal agencies of ancient bugs still being exploited Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its list of known exploited vulnerabilities with 15 new security issues that serve as a frequent attack vector against federal enterprises.BleepingComputer
January 11, 2022
US govt warns of Russian hackers targeting critical infrastructure Full Text
Abstract
The FBI, CISA, and the NSA have warned critical infrastructure network defenders to be ready to detect and block incoming attacks targeting organizations from US critical infrastructure sectors orchestrated by Russian-backed hacking groups.BleepingComputer
January 10, 2022
Europol Ordered to Delete Data of Individuals With No Proven Links to Crimes Full Text
Abstract
The European Union's data protection watchdog on Monday ordered Europol to delete a vast trove of personal data it obtained pertaining to individuals with no proven links to criminal activity. "Datasets older than six months that have not undergone this Data Subject Categorisation must be erased," the European Data Protection Supervisor (EDPS) said in a press statement. "This means that Europol will no longer be permitted to retain data about people who have not been linked to a crime or a criminal activity for long periods with no set deadline." EDPS' investigation into Europol's handling of sensitive data commenced in April 2019, with the authority noting that the storage of large volumes of data with no Data Subject Categorisation poses a risk to individuals' fundamental rights and amounts to mass surveillance. The cache is said to contain at least four petabytes, according to The Guardian. In addition, the ruling also imposed a six-monThe Hacker News
January 10, 2022
Hillicon Valley — Dems press privacy groups over kids’ safety Full Text
Abstract
Today is Monday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.The Hill
January 10, 2022
Europol ordered to erase data on those not linked to crime Full Text
Abstract
The European Data Protection Supervisor (EDPS), an EU privacy and data protection independent supervisory authority, has ordered Europol to erase personal data on individuals that haven't been linked to criminal activity.BleepingComputer
January 9, 2022
US NCSC and DoS share best practices against surveillance tools Full Text
Abstract
The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. The US National Counterintelligence and Security Center (NCSC) and the Department of State have published joint guidance...Security Affairs
January 9, 2022
Swiss army asks its personnel to use the Threema instant-messaging app Full Text
Abstract
The Swiss army has banned all instant messaging apps, including Signal, Telegram, and WhatsApp, recommending the use of the Threema app. The Swiss army has banned foreign instant messaging apps such as Signal, Telegram, and WhatsApp and only allows...Security Affairs
January 9, 2022
Russian submarines threatening undersea cables, UK defence chief warns Full Text
Abstract
Russian submarines are threatening the undersea network of internet cables, says UK defence chief Sir Tony Radakin. UK defence chief Sir Tony Radakin warns of Russian submarines threatening the undersea network of internet cables, which are critical infrastructure...Security Affairs
January 8, 2022
FBI: FIN7 hackers target US companies with BadUSB devices to install ransomware Full Text
Abstract
The FBI has said that FIN7, an infamous cybercrime group, has sent malicious USB devices to US companies over the past few months in the hopes of infecting their systems with malware and carrying out future attacks.The Record
January 07, 2022
NHS Warns of Hackers Targeting Log4j Flaws in VMware Horizon Full Text
Abstract
The digital security team at the U.K. National Health Service (NHS) has raised the alarm on active exploitation of Log4Shell vulnerabilities in unpatched VMware Horizon servers by an unknown threat actor to drop malicious web shells and establish persistence on affected networks for follow-on attacks. "The attack likely consists of a reconnaissance phase, where the attacker uses the Java Naming and Directory Interface™ (JNDI) via Log4Shell payloads to call back to malicious infrastructure," the non-departmental public body said in an alert. "Once a weakness has been identified, the attack then uses the Lightweight Directory Access Protocol (LDAP) to retrieve and execute a malicious Java class file that injects a web shell into the VM Blast Secure Gateway service." The web shell, once deployed, can serve as a conduit to carry out a multitude of post-exploitation activities such as deploying additional malicious software, data exfiltration, or deployment of rThe Hacker News
January 7, 2022
New York Attorney General Alerts Companies About Credential Stuffing Attacks Full Text
Abstract
Attorney General Letitia James highlighted that there are more than 15 billion stolen credentials being circulated across the internet which makes credential stuffing one of the top attack vectors online.Cyware Alerts - Hacker News
January 07, 2022
FBI: Hackers use BadUSB to target defense firms with ransomware Full Text
Abstract
The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminal group targeted the US defense industry with packages containing malicious USB devices to deploy ransomware.BleepingComputer
January 07, 2022
NHS warns of hackers exploiting Log4Shell in VMware Horizon Full Text
Abstract
UK's National Health Service (NHS) has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits.BleepingComputer
January 06, 2022
NIST Cybersecurity Framework: A Quick Guide for SaaS Security Compliance Full Text
Abstract
When I want to know the most recently published best practices in cyber security, I visit The National Institute of Standards and Technology (NIST). From the latest password requirements (NIST 800-63) to IoT security for manufacturers (NISTIR 8259), NIST is always the starting point. NIST plays a key role as a US standard-setter, due to the organization's professionalism and the external experts who help to create NIST documents. The NIST Cybersecurity Framework (CSF) was initially released in 2014 and last updated in 2018. The framework enables organizations to improve the security and resilience of critical infrastructure with a well-planned and easy-to-use framework. The continuing growth in SaaS, and the major changes to the work environment due to COVID-19 bring new security challenges. Although the CSF was written and updated while SaaS was on the rise, it is still geared towards the classic legacy critical infrastructure security challenges. However, organizations can betThe Hacker News
January 06, 2022
Swiss army bans all chat apps but locally-developed Threema Full Text
Abstract
The Swiss army has banned foreign instant-messaging apps such as Signal, Telegram, and WhatsApp and requires army members to use the locally-developed Threema messaging app instead.BleepingComputer
January 05, 2022
Hillicon Valley — Progressives put pressure on Google Full Text
Abstract
Today is Wednesday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.The Hill
January 5, 2022
FTC warns legal action against businesses who fail to mitigate Log4J attacks Full Text
Abstract
The US Federal Trade Commission (FTC) has warned of legal action against companies that fail to secure their infrastructure against Log4Shell attacks. The US Federal Trade Commission (FTC) warns legal action against companies who protect their systems...Security Affairs
January 04, 2022
FTC warns companies to secure consumer data from Log4J attacks Full Text
Abstract
The US Federal Trade Commission (FTC) has warned today that it will go after any US company that fails to protect its customers' data against ongoing Log4J attacks.BleepingComputer
December 30, 2021
President enacts Ukraine’s Information Security Strategy Full Text
Abstract
Amid extreme concerns of cyber warfare from Russia, Ukraine’s President Volodymyr Zelensky announced the launch of a new information security strategy policy that came into effect earlier this week.Ukrinform
December 29, 2021
Indian authorities set to tighten data breach laws in 2022 Full Text
Abstract
Organizations will reportedly be forced to disclose data breaches within 72 hours, bringing India in line with territories such as the EU, which mandates breach disclosures under its GDPR regulations.The Daily Swig
December 28, 2021
State Workers to Be Paid on Time Despite Ransomware Attack Full Text
Abstract
State government workers in West Virginia will be paid on time this week despite a ransomware attack that affected a software provider that helps manage the state’s payroll system.Security Week
December 28, 2021
Congress zooms in on cybersecurity after banner year of attacks Full Text
Abstract
The past 12 months stand as a banner year in the severity of cyberattacks that wreaked havoc on organizations large and small.The Hill
December 27, 2021
An inside look at how CISA is building an agency for elite cybersecurity talent Full Text
Abstract
Kiersten Todt, CISA Chief of Staff, said that one of their key priorities right now is to build out our talented workforce and to really make CISA an elite agency for top-tier talent in cybersecurity.The Record
December 27, 2021
Albania Prime Minister apologizes over the recent massive leak of government data Full Text
Abstract
Albania’s prime minister Edi Rama apologized for the massive leak of personal records from a government database of state. Albania’s prime minister this week apologized for the massive leak of personal records from a government database of state....Security Affairs
December 23, 2021
CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities Full Text
Abstract
Cybersecurity agencies from Australia, Canada, New Zealand, the U.S., and the U.K. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache's Log4j software library by nefarious adversaries. "These vulnerabilities, especially Log4Shell, are severe," the intelligence agencies said in the new guidance. "Sophisticated cyber threat actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. These vulnerabilities are likely to be exploited over an extended period." An attacker can exploit Log4Shell (CVE-2021-44228) by submitting a specially crafted request to a vulnerable system that causes that system to execute arbitrary code. CVE-2021-45046, on the other hand, allows for remote code execution in certain non-default configurations, while CVE-2021-45105 could be leveraged by a remote attacker to cause a denial-of-service (DoSThe Hacker News
December 22, 2021
Harris calls for ‘cyber doctrine’ to address increasing attacks Full Text
Abstract
Vice President Harris is calling for a “cyber doctrine” and greater international coordination to address cybersecurity concerns after a year of mounting attacks.The Hill
December 22, 2021
China suspends deal with Alibaba for not sharing Log4j 0-day first with the government Full Text
Abstract
China's internet regulator, the Ministry of Industry and Information Technology (MIIT), has temporarily suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months on account of the fact that it failed to promptly inform the government about a critical security vulnerability affecting the broadly used Log4j logging library. The development was disclosed by Reuters and South China Morning Post, citing a report from 21st Century Business Herald, a Chinese business-news daily newspaper. "Alibaba Cloud did not immediately report vulnerabilities in the popular, open-source logging framework Apache Log4j2 to China's telecommunications regulator," Reuters said. "In response, MIIT suspended a cooperative partnership with the cloud unit regarding cybersecurity threats and information-sharing platforms." Tracked as CVE-2021-44228 (CVSS score: 10.0) and codenamed Log4Shell or LogJam, the cataThe Hacker News
December 22, 2021
CISA releases a scanner to identify web services affected by Apache Log4j flaws Full Text
Abstract
US CISA has released a scanner for identifying web services affected by two Apache Log4j remote code execution vulnerabilities. The Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of an open-source scanner for identifying...Security Affairs
December 22, 2021
Five Eyes nations warn of cyber threats from Apache vulnerability Full Text
Abstract
Federal agencies in the United States, as well as top cybersecurity agencies in the other countries that make up the Five Eyes intelligence alliance, warned Wednesday that hackers are “actively exploiting” a recently uncovered vulnerability in Apache logging library log4j.The Hill
December 22, 2021
Chinese Government Punishes Alibaba for Not Telling It First About Log4Shell Flaw: Report Full Text
Abstract
According to the South China Morning Post, which is owned by Alibaba, the Chinese government is displeased with the fact that it was not informed first about the Log4j vulnerability.Security Week
December 22, 2021
Ghana Government Agency Exposed Citizens’ Data Due to Cloud Misconfiguration Full Text
Abstract
The exposed AWS S3 bucket was discovered on September 29, 2021, and Ghana's National Service Secretariate (NSS) and CERT-GH were notified between October 6th and 12th, 2021.Hackread
December 21, 2021
DHS expands bug bounty program to encourage hunting down Apache vulnerability Full Text
Abstract
The Department of Homeland Security (DHS) is expanding its recently announced bug bounty program for cyber vulnerabilities to include incentives for hackers to hunt down issues related to the Apache logging library log4j vulnerability.The Hill
December 21, 2021
UAE agency put spyware on phone of Jamal Khashoggi’s wife prior to murder: report Full Text
Abstract
A United Arab Emirates (UAE) agency downloaded spyware from Israeli company NSO Group onto the phone of former reporter Jamal Khashoggi’s wife months before Khashoggi’s murder, new findings published Tuesday concluded.The Hill
December 20, 2021
Towards OECD Principles for Government Access to Data: Can Democracies Show the Way? Full Text
Abstract
Nascent OECD work to identify principles on government access to data for law enforcement and national security purposes can have important normative significance but also faces political hurdles.Lawfare
December 20, 2021
CISA Compliance for 2022 Full Text
Abstract
The last several years have seen an ever-increasing number of cyber-attacks, and while the frequency of such attacks has increased, so too has the resulting damage. One needs only to look at CISA's list of significant cyber incidents to appreciate the magnitude of the problem. In May of 2021, for example, a ransomware attack brought down the Colonial Pipeline, causing a serious fuel disruption for much of the United States. Just last month, a hacking group gained access to call logs and text messages from telecommunications carriers all over the world. These are just two of dozens of cyber-attacks occurring this year. Because of these and other cyber security incidents, the Department of Homeland Security issues a compulsory directive to federal agencies to better protect federal information systems and the data that they contain against cyber-attack. This directive is based around CISA's catalog of vulnerabilities that are known to pose a significant risk. The directiThe Hacker News
December 20, 2021
FBI: State hackers exploiting new Zoho zero-day since October Full Text
Abstract
The Federal Bureau of Investigation (FBI) says a zero-day vulnerability in Zoho's ManageEngine Desktop Central has been under active exploitation by state-backed hacking groups (also known as APTs or advanced persistent threats) since at least October.BleepingComputer
December 20, 2021
UK’s National Crime Agency shares 585 million passwords with Have I Been Pwned Full Text
Abstract
The NCA now becomes the second law enforcement agency to officially supply HIBP with hacked passwords after the US Federal Bureau of Investigation began a similar collaboration back in May.The Record
December 20, 2021
UK govt shares 585 million passwords with Have I Been Pwned Full Text
Abstract
The United Kingdom's National Crime Agency has contributed more than 585 million passwords to the Have I Been Pwned service that lets users check if their login information has leaked online.BleepingComputer
December 17, 2021
US orders federal govt agencies to patch critical Log4j bug Full Text
Abstract
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days.BleepingComputer
December 16, 2021
US concerns grow over potential Russian cyber targeting of Ukraine amid troop buildup Full Text
Abstract
The increase in tensions between the United States and Russia due to Moscow amassing troops on the border with Ukraine is raising concerns Russia may not only put boots on the ground but also turn to hacking operations to put pressure on the U.S. and Ukraine.The Hill
December 16, 2021
Officials warn of increased hacking threat during holiday season Full Text
Abstract
Senior Biden administration cybersecurity officials warned business leaders Thursday to be on guard against cyberattacks during the upcoming holiday season, noting that hackers are often more active when Americans are taking time away from work.The Hill
December 15, 2021
CISA warns critical infrastructure to stay vigilant for ongoing threats Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) warned critical infrastructure organizations today to strengthen their cybersecurity defenses against potential and ongoing threats.BleepingComputer
December 15, 2021
DHS announces its ‘Hack DHS’ bug bounty program Full Text
Abstract
The DHS has launched a new bug bounty program dubbed 'Hack DHS' to discover security vulnerabilities in external DHS systems. The Department of Homeland Security (DHS) has launched a new bug bounty program dubbed 'Hack DHS' that allows vetted white...Security Affairs
December 15, 2021
US government to offer up to $5,000 ‘bounty’ to hackers to identify cyber vulnerabilities Full Text
Abstract
The DHS is launching a "bug bounty" program, potentially offering thousands of dollars to hackers who help the department identify cybersecurity vulnerabilities within its systems.CNN Money
December 14, 2021
USPS secretly tested mobile voting system: report Full Text
Abstract
The U.S. Postal Service worked on a secret project to test a blockchain-based mobile phone voting system ahead of the 2020 elections before ultimately abandoning the project, according to The Washington Post.The Hill
December 14, 2021
DHS announces ‘Hack DHS’ bug bounty program for vetted researchers Full Text
Abstract
The Department of Homeland Security (DHS) has launched a new bug bounty program dubbed "Hack DHS" that allows vetted cybersecurity researchers to find and report security vulnerabilities in external DHS systems.BleepingComputer
December 14, 2021
CISA tells federal agencies to patch Log4Shell before Christmas Full Text
Abstract
Federal agencies have ten days to test which of their internal apps and servers utilize the Log4j Java library, check if systems are vulnerable to the Log4Shell exploit, and patch affected servers.The Record
December 14, 2021
US CISA orders federal agencies to fix Log4Shell by December 24th Full Text
Abstract
US CISA ordered federal agencies to address the critical Log4Shell vulnerability in the Log4j library by December 24th, 2021. US CISA ordered federal agencies to address the critical Log4Shell vulnerability in the Log4j library by December 24th,...Security Affairs
December 14, 2021
CISA orders federal agencies to patch Log4Shell by December 24th Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch systems against the critical Log4Shell remote code execution vulnerability and released mitigation guidance in response to active exploitation.BleepingComputer
December 13, 2021
Responding to Fischerkeller on Initiative Persistence Full Text
Abstract
The U.S. may be justified in seeking to contain China’s aggression and search for dominance in cyberspace with the 2018 USCC Command Vision. But it has yet to square this with a willingness to accept similar Chinese efforts to advance Chinese goals in cyberspace.Lawfare
December 10, 2021
Officials press for actionable recommendations from new cyber advisory committee Full Text
Abstract
Top officials at the Department of Homeland Security (DHS) on Friday urged a newly established advisory committee composed of experts from across sectors to propose solutions to help tackle the growing wave of cyberattacks faced by the nation.The Hill
December 10, 2021
Officials, experts sound the alarm about critical cyber vulnerability Full Text
Abstract
Officials and cyber experts on Friday sounded the alarm about a critical logging vulnerability that could potentially impact thousands of organizations, racing to implement patches before hackers can exploit the opening.The Hill
December 10, 2021
Australian ACSC warns of Conti ransomware attacks against local orgs Full Text
Abstract
The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations. The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations from various...Security Affairs
December 10, 2021
Australian govt raises alarm over Conti ransomware attacks Full Text
Abstract
The Australian Cyber Security Centre (ACSC) says Conti ransomware attacks have targeted multiple Australian organizations from various industry verticals since November.BleepingComputer
December 10, 2021
How CISA’s New Patching Directive Can Drive Cyber Hygiene Full Text
Abstract
The US federal agencies have two weeks to close the vulnerabilities published in 2021 and six months for older Common Vulnerabilities and Exposures (CVEs) — some of which date back to 2014.CIO
December 09, 2021
US to tighten restrictions on exports of malicious cyber tools Full Text
Abstract
The Biden administration is expected to announce on Friday an initiative to tighten rules surrounding the exports of certain technologies that have been used by authoritarian governments and bad actors for repression.The Hill
December 07, 2021
Language requiring companies to report cyberattacks left out of defense bill Full Text
Abstract
Legislation mandating cyber incident reporting for certain critical organizations was left out of the compromise version of the annual National Defense Authorization Act (NDAA) that the House is set to vote on Tuesday.The Hill
December 7, 2021
NSA Funding Cybersecurity Workforce Training Programs Full Text
Abstract
Iowa State University and the University of Illinois at Urbana-Champaign will lead a coalition of industry and government partners to train professionals to grow the Midwest's cybersecurity workforce.Government Technology
December 6, 2021
How the President Can Shape the Role and Oversight of the National Cyber Director Full Text
Abstract
The national cyber director’s lack of independent legal authority, combined with Senate confirmation, gives the president broad latitude to shape this role and authority within the executive branch.Lawfare
December 06, 2021
Israel tightening cyber exports after scandals Full Text
Abstract
Israel is tightening its guidelines for cyber exports following a number of incidents linked to the Israeli spyware company NSO Group.The Hill
December 6, 2021
Cyber Command Publicly Joins Fight Against Ransomware Groups Full Text
Abstract
U.S. military acknowledges targeting cybercriminals who launch attacks on U.S. companies.Threatpost
December 5, 2021
German BSI agency warns of ransomware attacks over Christmas holidays Full Text
Abstract
German BSI warns of ransomware attacks over the Christmas and end-of-year holidays, fearing Emotet return and attacks on Microsoft Exchange servers. The German cybersecurity authority BSI warns of ransomware attacks over the Christmas holidays, fearing...Security Affairs
December 4, 2021
FBI: Cuba ransomware group hit 49 critical infrastructure organizations Full Text
Abstract
The FBI has released a new notice about the Cuba ransomware, explaining that the group has attacked "49 entities in five critical infrastructure sectors" and made at least $43.9 million in ransom payments.ZDNet
December 4, 2021
CISA warns of vulnerabilities in Hitachi Energy products Full Text
Abstract
CISA has released six advisories to warn organizations about security vulnerabilities affecting Hitachi Energy products. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published six advisories to inform organizations about the availability...Security Affairs
December 03, 2021
Why Everyone Needs to Take the Latest CISA Directive Seriously Full Text
Abstract
Government agencies publish notices and directives all the time. Usually, these are only relevant to government departments, which means that nobody else really pays attention. It's easy to see why you would assume that a directive from CISA just doesn't relate to your organization. But, in the instance of the latest CISA directive, that would be making a mistake. In this article, we explain why, even if you're in the private or non-government sector, you should nonetheless take a close look at CISA Binding Operational Directive 22-01. We outline why CISA was forced to issue this directive, and why that firm action has implications for all organizations – inside and outside of government. Acting on cybersecurity issues isn't as simple as flicking a switch, of course, so keep reading to find out how you can address the core issue behind the CISA directive. Okay, so what exactly is a CISA directive? Let's take a step back to gain some context. Just like any organThe Hacker News
December 03, 2021
FBI: Cuba ransomware breached 49 US critical infrastructure orgs Full Text
Abstract
The Federal Bureau of Investigation (FBI) has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors.BleepingComputer
December 02, 2021
CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are warning of active exploitation of a newly patched flaw in Zoho's ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities. Tracked as CVE-2021-44077 (CVSS score: 9.8), the issue relates to an unauthenticated, remote code execution vulnerability affecting ServiceDesk Plus versions up to and including 11305 that, if left unfixed, "allows an attacker to upload executable files and place web shells that enable post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files," CISA said. "A security misconfiguration in ServiceDesk Plus led to the vulnerability," Zoho noted in an independent advisory published on November 22. "This vulnerability can allow an adversary to execute arbitrary codeThe Hacker News
December 02, 2021
Federal watchdog warns security of US infrastructure ‘in jeopardy’ without action Full Text
Abstract
A federal watchdog agency on Thursday released findings highlighting serious concerns around cybersecurity vulnerabilities in U.S. critical infrastructure, warning that these systems are “in jeopardy” if the government fails to take action.The Hill
December 2, 2021
CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues Full Text
Abstract
U.S. CISA urges organizations to address vulnerabilities in Qualcomm, Mikrotik, Zoho and Apache Software Foundation software. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of actively exploited vulnerabilities recommending...Security Affairs
December 02, 2021
Twitter removes 3,400 accounts used in govt propaganda campaigns Full Text
Abstract
Twitter today announced the permanent removal of more than 3,400 accounts linked to governments of six countries running manipulation or spam campaigns.BleepingComputer
December 02, 2021
TSA issues directives to rail sector to strengthen cybersecurity Full Text
Abstract
The Transportation Security Administration (TSA) on Thursday issued two security directives requiring rail and rail transit groups to implement steps to strengthen cybersecurity of the sector, including a requirement to report cyber incidents to the federal government.The Hill
December 01, 2021
House passes bipartisan bills to strengthen networks security, cyber literacy Full Text
Abstract
The House on Wednesday passed three bipartisan bills intended to shore up network security and increase cyber literacy across the nation, following a difficult year fraught with several significant cybersecurity attacks.The Hill
December 01, 2021
CISA announces members of team providing advice on cybersecurity threats Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the establishment of its Cybersecurity Advisory Committee and the nearly two dozen members who will provide input on efforts to enhance cybersecurity defense priorities.The Hill
December 1, 2021
CISA Seeks Protective Email Service that Tracks Agencies’ Security Compliance Full Text
Abstract
The CISA is in the market for a service that can help to protect both recipients of government emails as well as agencies themselves by ensuring email platforms are securely configured.Nextgov
November 30, 2021
Democrat pushes for pipeline reliability standards Full Text
Abstract
Rep. Bobby Rush (D-Ill.) is pushing for the creation of an organization that would seek to set both physical and cybersecurity reliability standards for pipelines.The Hill
November 29, 2021
Israel cut cyber export list, excluding totalitarian regimes Full Text
Abstract
Israel's Ministry of Defense bans the sale of surveillance software and offensive hacking tools to tens of countries. Israel's Ministry of Defense has cut the list of countries to which Israeli surveillance and cybersecurity firms could sell their...Security Affairs
November 25, 2021
Israel Bans Sales of Hacking and Surveillance Tools to 65 Countries Full Text
Abstract
Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. The revised list, details of which were first reported by the Israeli business newspaper Calcalist, now only includes 37 countries, down from the previous 102: Australia, Austria, Belgium, Bulgaria, Canada, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Iceland, India, Ireland, Italy, Japan, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, New Zealand, Norway, Portugal, Romania, Slovakia, Slovenia, South Korea, Spain, Sweden, Switzerland, the Netherlands, the U.K., and the U.S. Notably missing from the list are countries such as Morocco, Bahrain, Saudi Arabia, and the U.A.E, which have been previously identified as customers of Israeli spyware vendor NSO Group. In curtailing the exports, the move effectiThe Hacker News
November 25, 2021
FBI warns of crooks targeting online shoppers during the holiday season Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns of cybercriminals targeting online shoppers during the holiday season. The FBI warns of cyber criminals targeting online shoppers during the holiday season. In this period netizens hope to take advantage...Security Affairs
November 24, 2021
Why Do Governments Reveal Cyber Intrusions? Full Text
Abstract
Germany’s decision to publicly name the Ghostwriter hacking group as the perpetrator targeting its political institutions should not be taken lightly.Lawfare
November 24, 2021
FBI: Online shoppers risk losing over $53M to holiday scams Full Text
Abstract
The Federal Bureau of Investigation (FBI) warned today that online shoppers risk losing more than $53 million during this year's holiday season to scams promising bargains and hard-to-find gifts.BleepingComputer
November 23, 2021
The U.K. as a Responsible Cyber Power: Brilliant Branding or Empty Bluster? Full Text
Abstract
In March, the U.K. government published its Integrated Review of Security, Defence, Development and Foreign Policy, setting out the U.K.’s position as a “responsible democratic cyber power.” This is unique and useful for a few key reasons.Lawfare
November 23, 2021
FBI warns of phishing targeting high-profile brands’ customers Full Text
Abstract
The Federal Bureau of Investigation (FBI) warned today of recently detected spear-phishing email campaigns targeting customers of "brand-name companies" in attacks known as brand phishing.BleepingComputer
November 23, 2021
US govt warns critical infrastructure of ransomware attacks during holidays Full Text
Abstract
US CISA and the FBI issued a joint alert to warn critical infrastructure partners and public/private organizations of ransomware attacks during holidays. The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warn critical infrastructure...Security Affairs
November 23, 2021
Federal Agencies Warn of Cyber Threats Against Critical Infrastructure During Holidays and Weekends Full Text
Abstract
As Americans prepare to celebrate the Thanksgiving holiday, CISA and the FBI are reminding critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you.US CERT
November 22, 2021
France Doubles Down on Countering Foreign Interference Ahead of Key Elections Full Text
Abstract
Following an increase in foreign interference and hostile information operations—both at home and abroad—the French government is preparing to fight back.Lawfare
November 22, 2021
Authorities warn organizations to be on guard against hackers during Thanksgiving holiday Full Text
Abstract
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Monday warned organizations to be on guard against cyberthreats, particularly ransomware attacks, over the Thanksgiving holiday.The Hill
November 22, 2021
UK govt warns thousands of SMBs their online stores were hacked Full Text
Abstract
The UK's National Cyber Security Centre (NCSC) says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal the payment info of customers.BleepingComputer
November 22, 2021
US govt warns of increased ransomware risks during holidays Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned critical infrastructure partners and public/private sector organizations not to let down their defenses against ransomware attacks during the holiday season.BleepingComputer
November 22, 2021
US SEC warns investors of ongoing fraudulent communications claiming from the SEC Full Text
Abstract
The Securities and Exchange Commission (SEC) warns investors of attacks impersonating its officials in government impersonator schemes. The Securities and Exchange Commission (SEC) is warning investors of scammers impersonating SEC officials in fraudulent...Security Affairs
November 21, 2021
US SEC warns investors of ongoing govt impersonation attacks Full Text
Abstract
The Securities and Exchange Commission (SEC) has warned US investors of scammers impersonating SEC officials in government impersonator schemes via phone calls, voicemails, emails, and letters.BleepingComputer
November 20, 2021
U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours Full Text
Abstract
U.S. banking regulators have approved a new rule that orders banks to notify federal regulators of significant cybersecurity incidents within 36 hours. U.S. banking regulators this week approved a rule that obliges banks to report any major cybersecurity...Security Affairs
November 20, 2021
FBI Warning: Cybercriminals Abusing Zero-Day in FatPipe VPN Full Text
Abstract
A flash alert has been issued by the FBI regarding an APT group abusing a zero-day flaw in FatPipe devices and software products. FatPipe, the networking hardware firm, has Fortune 1000 companies as its customers.Cyware Alerts - Hacker News
November 19, 2021
More than $500M for cybersecurity included in sweeping House-passed package Full Text
Abstract
The House approved more than $500 million in cybersecurity funding on Friday as part of its version of President Biden’s roughly $2 trillion Build Back Better package.The Hill
November 19, 2021
FBI Issues Flash Alert on Actively Exploited FatPipe VPN Zero-Day Bug Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) has disclosed that an unidentified threat actor has been exploiting a previously unknown weakness in the FatPipe MPVPN networking devices at least since May 2021 to obtain an initial foothold and maintain persistent access into vulnerable networks, making it the latest company to join the likes of Cisco, Fortinet, Citrix, Pulse Secure that have had their systems exploited in the wild. "The vulnerability allowed APT actors to gain access to an unrestricted file upload function to drop a web shell for exploitation activity with root access, leading to elevated privileges and potential follow-on activity," the agency said in an alert published this week. "Exploitation of this vulnerability then served as a jumping off point into other infrastructure for the APT actors." In other words, the zero-day vulnerability enables a remote attacker to upload a file to any location on the filesystem on an affected device. The seThe Hacker News
November 19, 2021
US regulators order banks to report cyberattacks within 36 hours Full Text
Abstract
US federal bank regulatory agencies have approved a new rule requiring banks to notify their primary federal regulators of significant computer-security incidents within 36 hours.BleepingComputer
November 18, 2021
North Korean cyberspies target govt officials with custom malware Full Text
Abstract
A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns.BleepingComputer
November 18, 2021
FBI warns of APT group exploiting FatPipe VPN zero-day since May Full Text
Abstract
The Federal Bureau of Investigation (FBI) warned of an advanced persistent threat (APT) compromising FatPipe router clustering and load balancer products to breach targets' networks.BleepingComputer
November 18, 2021
Senators look to defense bill to move cybersecurity measures Full Text
Abstract
The Senate is eyeing the annual defense bill as a vehicle to attach critical provisions to improve the nation’s cybersecurity following a devastating year in which major attacks left the government flat-footed.The Hill
November 18, 2021
US, UK, and Australian Cyber Authorities Pin Iranian Hackers for Exploiting Fortinet and Exchange Security Flaws Full Text
Abstract
Cyber authorities have called for administrators to immediately patch a quartet of vulnerabilities after attributing some attacks that used them to attackers backed by Iran.ZDNet
November 17, 2021
Officials warn that hackers linked to Iranian government are targeting critical sectors Full Text
Abstract
Federal agencies in the United States, United Kingdom and Australia on Wednesday warned that hackers linked to the Iranian government are behind an ongoing campaign targeting critical infrastructure, including hospitals.The Hill
November 17, 2021
CISA releases incident response plans for federal agencies Full Text
Abstract
CISA released the Federal Government Cybersecurity Incident Response Playbooks for the federal civilian executive branch agencies. The Cybersecurity and Infrastructure Security Agency (CISA) has released new cybersecurity response plans for federal...Security Affairs
November 17, 2021
US, UK warn of Iranian hackers exploiting Microsoft Exchange, Fortinet Full Text
Abstract
US, UK, and Australian cybersecurity agencies warned today of ongoing exploitation of Microsoft Exchange ProxyShell and Fortinet vulnerabilities linked to an Iranian-backed hacking group.BleepingComputer
November 17, 2021
CISA releases cybersecurity response plans for federal agencies Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has released new cybersecurity response plans (known as playbooks) for federal civilian executive branch (FCEB) agencies.BleepingComputer
November 16, 2021
Oversight finds ‘small lapses’ in security led to Colonial Pipeline, JBS hacks Full Text
Abstract
A series of “small lapses” in cybersecurity led to several recent successful ransomware attacks, the House Oversight and Reform Committee concluded in a staff memo released Tuesday.The Hill
November 16, 2021
DHS Launches Portal to Recruit—and Retain—Cybersecurity Talent Full Text
Abstract
Current Department of Homeland Security employees are not obligated to join the department’s new Cyber Talent Management System, but they may want to consider it, according to senior DHS officials.Nextgov
November 15, 2021
DHS announces new program to attract and retain cybersecurity talent Full Text
Abstract
The Department of Homeland Security (DHS) on Monday announced a new program to attract and retain cybersecurity professionals, as major cyber incidents have ticked up over the past year and are drawing more government attention.The Hill
November 14, 2021
US and Israel announce joint task force on cybersecurity Full Text
Abstract
The U.S. Treasury Department announced on Sunday that it would work with the Israeli Ministry of Finance to address ransomware and cybersecurity issues.The Hill
November 14, 2021
US Education Dept urged to boost K-12 schools’ ransomware defenses Full Text
Abstract
The US Department of Education and Department of Homeland Security (DHS) were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks.BleepingComputer
November 14, 2021
FTC shares guidance for small businesses to prevent ransomware attacks Full Text
Abstract
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to increase resilience to ransomware attacks. The US Federal Trade Commission (FTC) published guidance for small businesses on how to protect their networks from...Security Affairs
November 13, 2021
Hackers access FBI email system, spam 100,000 accounts Full Text
Abstract
Hackers accessed the FBI’s email system and sent spam to 100,000 accounts on Saturday, according to the Spamhaus Project, an email spam watchdog group.The Hill
November 12, 2021
Senate Democrats urge government to do more to protect K-12 schools against hackers Full Text
Abstract
A group of Senate Democrats on Friday urged the federal government to do more to protect K-12 institutions and students against crippling cyberattacks, which have increasingly wreaked havoc across the nation during the past year.The Hill
November 12, 2021
FTC shares ransomware defense tips for small US businesses Full Text
Abstract
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to secure their networks from ransomware attacks by blocking threat actors' attempts to exploit vulnerabilities using social engineering or exploits targeting technology.BleepingComputer
November 11, 2021
Harris calls for global action on cyber threats after US joins international effort Full Text
Abstract
Vice President Harris on Thursday called on global leaders to work together to counter cybersecurity threats and protect an open internet following a turbulent year of major cyberattacks.The Hill
November 11, 2021
Biden signs into law bill to secure telecommunications systems against foreign threats Full Text
Abstract
President Biden on Thursday signed into law bipartisan legislation to secure telecommunications systems against potential foreign threats, particularly from those linked to China.The Hill
November 11, 2021
Iranian threat actors attempt to buy stolen data of US organizations, FBI warns Full Text
Abstract
The FBI warned private industry partners of attempts by an Iranian threat actor to buy stolen information belonging to US organizations. The Federal Bureau of Investigation (FBI) issued a private industry notification (PIN) to warn private industry...Security Affairs
November 11, 2021
New bill sets ransomware attack response rules for US financial orgs Full Text
Abstract
New legislation introduced this week by US lawmakers aims to set ransomware attack response "rules of road" for US financial institutions.BleepingComputer
November 10, 2021
Taiwan Government faces 5 Million hacking attempts daily Full Text
Abstract
Cyber security department director Chien Hung-wei told parliament representatives that the Taiwanese government infrastructure faces “five million attacks and scans a day”.Security Affairs
November 10, 2021
Former top officials warn democracy in ‘jeopardy’ without Congressional action on election security Full Text
Abstract
A bipartisan group of almost 100 former national security officials is urging Congress to take steps to secure elections ahead of next year, warning that without action, the nation's democratic institutions are in “severe jeopardy.”The Hill
November 10, 2021
Harris, Macron unveil new initiatives on space, cybersecurity after meeting Full Text
Abstract
Vice President Harris on Wednesday announced new initiatives with France on space and cybersecurity following a meeting with French President Emmanuel Macron in Paris.The Hill
November 09, 2021
State and local officials celebrate passage of infrastructure bill with $1 billion in cyber funds Full Text
Abstract
State and local officials are celebrating the expected distribution of $1 billion in cybersecurity funds from the newly approved infrastructure deal, the biggest government investment in state and local cybersecurity to date.The Hill
November 08, 2021
US sanctions Chatex cryptoexchange used by ransomware gangs Full Text
Abstract
The US Treasury Department announced today sanctions against the Chatex cryptocurrency exchange for helping ransomware gangs evade sanctions and facilitating ransom transactions.BleepingComputer
November 8, 2021
FBI warns of fraudulent schemes using cryptocurrency ATMs and QR for payments Full Text
Abstract
The FBI warns of an increase of fraudulent schemes leveraging cryptocurrency ATMs and QR Codes to facilitate payment. The FBI Internet Crime Complaint Center (IC3) published an alert to warn the public of fraudulent schemes leveraging cryptocurrency...Security Affairs
November 8, 2021
Chinese Government Claims Foreign Cyberattacks Impacted Passenger Records at Multiple Airlines Full Text
Abstract
The hacking campaign was discovered after one of China’s airlines reported a security breach to MSS officials in January 2020. A subsequent investigation found several other airlines also impacted.The Record
November 6, 2021
FBI Warning: Ransomware Now Targeting Time-Critical Events Full Text
Abstract
U.S. officials noted that ransomware groups are directing attacks toward firms involved in time-sensitive financial events, such as corporate mergers and acquisitions. The operators look for private and non-publicly available sensitive information to use during extortion. It is believed that this ...Cyware Alerts - Hacker News
November 6, 2021
A drone was modified to disrupt U.S. Power Grid, says intelligence bulletin Full Text
Abstract
US officials believe that a drone was employed in an attempted attack on a power substation in Pennsylvania last year. US officials believe threat actors used a drone in an attempted attack on a power substation in Pennsylvania last year. The...Security Affairs
November 05, 2021
Lawmakers call on Biden administration to take further steps against spyware groups Full Text
Abstract
A group of House Democrats on Friday applauded the Biden administration for blacklisting key companies involved in cyber espionage efforts, including Israeli company NSO Group, but called on the White House to go further and consider imposing sanctions to limit this activity.The Hill
November 05, 2021
Senators move to include 72 hour timeline for cyber incident reporting in defense bill Full Text
Abstract
A bipartisan group of senators are moving to insert a provision into the upcoming annual National Defense Authorization Act (NDAA) that would give certain critical infrastructure groups 72 hours to report major cyber incidents to the government.The Hill
November 05, 2021
U.S. Federal Agencies Ordered to Patch Hundreds of Actively Exploited Flaws Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of vulnerabilities, including from Apple, Cisco, Microsoft, and Google, that have known exploits and are being actively exploited by malicious cyber actors, in addition to requiring federal agencies to prioritize applying patches for those security flaws within "aggressive" timeframes. "These vulnerabilities pose significant risk to agencies and the federal enterprise," the agency said in a binding operational directive (BOD) issued Wednesday. "It is essential to aggressively remediate known exploited vulnerabilities to protect federal information systems and reduce cyber incidents." About 176 vulnerabilities identified between 2017 and 2020, and 100 flaws from 2021 have made their way to the initial list, which is expected to be updated with additional actively exploited vulnerabilities as and when they become known provided they have been assigned Common VuThe Hacker News
November 05, 2021
FBI: Ransomware gangs hit several tribal-owned casinos in the last year Full Text
Abstract
The Federal Bureau of Investigation (FBI) says that multiple ransomware gangs have hit tribal entities over the last year, taking down their systems and impacting businesses and public services.BleepingComputer
November 05, 2021
FBI warns of increased use of cryptocurrency ATMs, QR codes for fraud Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns that victims of various fraud schemes are increasingly asked by criminals to use cryptocurrency ATMs and Quick Response (QR) codes, making it harder to recover their financial losses.BleepingComputer
November 5, 2021
US Gov offers a reward of up to $10M for info on DarkSide leading members Full Text
Abstract
The US government offers up to a $10,000,000 reward for information leading to the identification or arrest of DarkSide gang members. The US government wants to dismantle the DarkSide ransomware operation and its rebrands and it is offering up to a $10,000,000...Security Affairs
November 04, 2021
CISA urges vendors to patch BrakTooth bugs after exploits release Full Text
Abstract
Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip (SoC) security bugs impacting multiple vendors, including Intel, Qualcomm, Texas Instruments, and Cypress.BleepingComputer
November 04, 2021
Industry pushes back on federal, congressional cybersecurity mandate efforts Full Text
Abstract
Officials representing key transportation sectors including rail and aviation on Thursday made clear that proposed cybersecurity reporting mandates and other federal cyber efforts aimed at beefing up security are not what is needed to defend against increasing attacks.The Hill
November 4, 2021
CISA recommends vendors to fix BrakTooth issues after the release of PoC tool Full Text
Abstract
CISA urges vendors to address BrakTooth flaws after researchers have released public exploit code and a proof of concept tool for them. US CISA is urging vendors to address BrakTooth flaws after security researchers have released public exploit code...Security Affairs
November 4, 2021
CISA shares a catalog of 306 actively exploited vulnerabilities Full Text
Abstract
The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US federal agencies to address them within deadlines. The US Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of 306 actively...Security Affairs
November 4, 2021
CERT-FR warns of Lockean ransomware attacks against French companies Full Text
Abstract
CERT-France warns of a new ransomware group named Lockean that is behind a series of attacks against French organizations over the past 2 years. France’s Computer Emergency Response Team (CERT-FR) officials identified a new ransomware gang named...Security Affairs
November 3, 2021
FBI Warning: HelloKitty Adds DDoS for Quick Extortion Full Text
Abstract
The FBI has issued a flash alert warning against the HelloKitty ransomware group, which recently started threatening victims with DDoS attacks. The group's ransom demands fluctuate for each victim and are based on their ability to pay. Organizations should apply recommended mitigations at the e ...Cyware Alerts - Hacker News
November 03, 2021
Top cyber official reports ‘decrease’ in Russian cyberattacks against US groups Full Text
Abstract
White House National Cyber Director Chris Inglis testified on Capitol Hill Wednesday that there had been a “decrease” in the number of cyberattacks against U.S. companies traced back to Russia, but stressed that the reason was not clear.The Hill
November 3, 2021
NSO Group, Positive Technologies and other firms sanctioned by the US government Full Text
Abstract
The U.S. sanctioned four companies for the development of surveillance malware or the sale of hacking tools used by nation-state actors, including NSO Group. The Commerce Department's Bureau of Industry and Security (BIS) has sanctioned four companies...Security Affairs
November 03, 2021
US sanctions NSO Group and three others for spyware and exploit sales Full Text
Abstract
The U.S. has sanctioned four companies located in Israel, Russia, and Singapore for the development of spyware or the sale of hacking tools used by state-sponsored hacking groups.BleepingComputer
November 3, 2021
CISA promotes election cybersecurity platform debunking misinformation Full Text
Abstract
The cybersecurity body reiterated that there is "no specific, credible threat to election infrastructure" but noted that they are "ready to provide cyber incident response and expertise if needed."ZDNet
November 03, 2021
CISA orders federal agencies to fix hundreds of exploited security flaws Full Text
Abstract
CISA has issued this year's first binding operational directive (BOD) ordering federal civilian agencies to mitigate security vulnerabilities exploited in the wild within an aggressive timeline.BleepingComputer
November 02, 2021
House passes bills to shore up small business cybersecurity Full Text
Abstract
The House on Tuesday approved two bills to strengthen the cybersecurity of small businesses, which have faced escalating threats during the COVID-19 pandemic.The Hill
November 02, 2021
FBI: Ransomware targets companies during mergers and acquisitions Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in "time-sensitive financial events" such as corporate mergers and acquisitions to make it easier to extort their victims.BleepingComputer
November 1, 2021
MITRE, CISA Announce 2021 List of Most Common Hardware Weaknesses Full Text
Abstract
MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list.Security Week
November 01, 2021
Officials on alert for cyber threats ahead of election day Full Text
Abstract
Officials are on alert for threats to elections ahead of Election Day in states including Virginia on Tuesday, one year after a contentious 2020 presidential election.The Hill
November 1, 2021
Countries Team Up to Issue Video Teleconference Guidance Full Text
Abstract
The joint signatories who issued the guidance supported calls for industry-standard encryption as a minimum requirement and welcomed the development and implementation of end-to-end encryption.Info Risk Today
November 1, 2021
Australia: None of NSW’s lead cluster agencies have implemented all Essential Eight controls Full Text
Abstract
The cybersecurity policy for New South Wales government agencies is not sufficiently robust, which is a cause for "significant concern", according to the state's auditor-general Margaret Crawford.ZDNet
October 30, 2021
MITRE and CISA publish the 2021 list of most common hardware weaknesses Full Text
Abstract
MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021...Security Affairs
October 29, 2021
Federal push to identify, protect critical groups from hackers gains momentum Full Text
Abstract
Efforts in the federal government and Congress to identify and further protect groups critical to national security from cyber threats are gaining ground amid recent destructive ransomware attacks, officials say.The Hill
October 28, 2021
Senate approves bill to protect telecommunications infrastructure from foreign threats Full Text
Abstract
The Senate on Thursday unanimously passed legislation to take steps to further crack down on the use of telecommunications products from companies deemed to be a national security threat, such as those based in China.The Hill
October 28, 2021
NSA and CISA share guidance on securing 5G cloud infrastructure Full Text
Abstract
CISA and the NSA shared guidance on securing cloud-native 5G networks from attacks seeking to compromise information or deny access by taking down cloud infrastructure.BleepingComputer
October 28, 2021
Beware of Ranzy Locker Ransomware: FBI Warns Full Text
Abstract
According to an FBI alert, Ranzy Locker ransomware operators crippled the networks of at least 30 U.S. organizations, mostly via brute-force attacks. The group runs a double extortion model, threatening to leak victims' data if they do not agree to ransom demands. The alert by officials of ...Cyware Alerts - Hacker News
October 28, 2021
Warner says cyber threats more worrying than ‘traditional weaponry’ Full Text
Abstract
Sen. Mark Warner (D-Va.), said Thursday that cyberattacks pose larger risks than conventional warfare, citing the recent SolarWinds and Colonial Pipeline hacks as examples of a “dramatically” different security environment that has taken shape over the past decade.The Hill
October 28, 2021
Biden administration officials outline steps to tackle urgent cyber threats Full Text
Abstract
Top Biden administration officials on Thursday outlined steps taken to confront the increase in cyber threats against the nation, including through strengthening key critical infrastructure groups.The Hill
October 28, 2021
EU investigating leak of private key used to forge Covid passes Full Text
Abstract
The private key used to sign EU Digital Covid certificates has been reportedly leaked and is being circulated on messaging apps and forums. The key has also been misused to generate forged certificates, such as those for Adolf Hitler, Mickey Mouse, Sponge Bob—all of which are being recognized as valid by the official government apps.BleepingComputer
October 27, 2021
Blinken formally announces new State Department cyber bureau Full Text
Abstract
Secretary of State Antony Blinken on Wednesday formally announced the establishment of a new cyber bureau at the State Department to help tackle cyber and emerging technology diplomatic issues.The Hill
October 27, 2021
Lawmakers split on next steps to secure transportation sectors against hackers Full Text
Abstract
Lawmakers are split on the next steps that should be taken to secure key transportation avenues like air and rail against cyber threats.The Hill
October 27, 2021
US bans China Telecom Americas over national security risks Full Text
Abstract
The Federal Communications Commission (FCC) has revoked China Telecom Americas' license to provide telecommunication services within the United States.BleepingComputer
October 26, 2021
Iran blames cyberattack for nationwide gas station closures Full Text
Abstract
Iran says that a cyberattack caused nationwide closures of gas stations, according to multiple reports.The Hill
October 26, 2021
After a Year of Silence, Are EU Cyber Sanctions Dead? Full Text
Abstract
The European Union has stopped issuing cyber sanctions, but it's not for lack of new attacks.Lawfare
October 26, 2021
Lawmakers praise upcoming establishment of cyber bureau at State Full Text
Abstract
Lawmakers on both sides of the aisle are praising the upcoming establishment of a new cybersecurity bureau at the State Department, following years of advocacy and escalating global attacks.The Hill
October 26, 2021
FBI: Ranzy Locker ransomware hit at least 30 US companies this year Full Text
Abstract
The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors.BleepingComputer
October 25, 2021
Groove Calls for Cyberattacks on US as REvil Payback Full Text
Abstract
The bold move signals a looming clash between Russian ransomware groups and the U.S.Threatpost
October 25, 2021
US Intel Warns China Could Dominate Advanced Technologies Full Text
Abstract
The warnings include a renewed effort to inform business executives, academics and local and state government officials about the risks of accepting Chinese investment or expertise in key industries.Security Week
October 25, 2021
CISA urges admins to patch critical Discourse code execution bug Full Text
Abstract
A critical Discourse remote code execution (RCE) vulnerability tracked as CVE-2021-41163 was fixed via an urgent update by the developer on Friday.BleepingComputer
October 24, 2021
NATO releases its first strategy for Artificial Intelligence Full Text
Abstract
This week, NATO Defence Ministers released the first-ever strategy for Artificial Intelligence (AI) that encourages the use of AI in a responsible manner. Artificial Intelligence (AI) is changing the global defence and security environment, for this...Security Affairs
October 22, 2021
Top officials turn over Twitter accounts to ‘share the mic’ with Black cybersecurity experts Full Text
Abstract
Top federal officials and cybersecurity experts participated Friday in an online campaign to “share the mic” in cyber, giving control of their Twitter accounts to Black cybersecurity officials and experts in an effort to combat systemic racism.The Hill
October 21, 2021
New Senate bill would take steps to protect AI-collected data Full Text
Abstract
A new bipartisan Senate bill introduced Thursday is aiming to secure data collected by artificial intelligence technologies, such as facial recognition technologies, as these types of technologies continue to grow in use.The Hill
October 21, 2021
US Bureau of Industry and Security bans export of hacking tools to authoritarian regimes Full Text
Abstract
The Commerce Department's Bureau of Industry and Security (BIS) would ban U.S. firms from selling hacking tools to authoritarian regimes. The Commerce Department's Bureau of Industry and Security (BIS) would introduce a new export control rule aimed...Security Affairs
October 21, 2021
U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes Full Text
Abstract
The U.S. Commerce Department on Wednesday announced new rules barring the sales of hacking software and equipment to authoritarian regimes and potentially facilitate human rights abuse for national security (NS) and anti-terrorism (AT) reasons. The mandate, which is set to go into effect in 90 days, will forbid the export, reexport and transfer of "cybersecurity items" to countries of "national security or weapons of mass destruction concern" such as China and Russia without a license from the department's Bureau of Industry and Security (BIS). "The United States Government opposes the misuse of technology to abuse human rights or conduct other malicious cyber activities, and these new rules will help ensure that U.S. companies are not fueling authoritarian practices," BIS said in a press release. The rule does not cover "intrusion software" itself, but rather the following — Systems, equipment, and components specially designed orThe Hacker News
October 20, 2021
US govt to ban export of hacking tools to authoritarian regimes Full Text
Abstract
The Commerce Department's Bureau of Industry and Security (BIS) today announced export controls for software and hardware tools that could be used for malicious hacking activities.BleepingComputer
October 20, 2021
House approves bill to strengthen IT supply chain following SolarWinds hack Full Text
Abstract
The House on Wednesday approved legislation to strengthen software and information technology supply chains at the Department of Homeland Security (DHS) and to help protect against attacks similar to last year’s SolarWinds hack.The Hill
October 20, 2021
House passes bills to secure telecommunications infrastructure Full Text
Abstract
The House on Wednesday approved multiple bipartisan bills aimed at securing U.S. telecommunications systems against foreign interference, in particular against threats from China.The Hill
October 20, 2021
Senate Republicans raise concerns about TSA cyber directives for rail, aviation Full Text
Abstract
Republican leaders and members of the Senate Commerce Committee on Wednesday raised concerns about the timeline and lack of public input involved in recently announced cybersecurity directives for the rail and aviation sectors.The Hill
October 20, 2021
Commerce Department cracks down on sale of hacking products to foreign governments Full Text
Abstract
The Commerce Department on Wednesday took steps to crack down on the sale of certain hacking products used by foreign governments and other groups to surveil and repress individuals.The Hill
October 19, 2021
FBI, CISA, NSA published a joint advisory on BlackMatter ransomware operations Full Text
Abstract
FBI, CISA, NSA have published a joint advisory about the operation of the BlackMatter ransomware gang and provides defense recommendations. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI),...Security Affairs
October 19, 2021
FBI warns of fake govt sites used to steal financial, personal data Full Text
Abstract
The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims.BleepingComputer
October 18, 2021
FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) published today an advisory with details about how the BlackMatter ransomware gang operates.BleepingComputer
October 17, 2021
Avoid Using Wildcard TLS Certificates, Warns NSA Full Text
Abstract
The NSA warned organizations against the use of wildcard TLS certificates, which may lead to a widespread attack on an organization as well as invite the new ALPACA TLS attack. According to researchers, around 119,000 web servers are still exposed to the new ALPACA attacks.Cyware Alerts - Hacker News
October 15, 2021
CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems Full Text
Abstract
The U.S. Cybersecurity Infrastructure and Security Agency (CISA) on Thursday warned of continued ransomware attacks aimed at disrupting water and wastewater facilities (WWS), highlighting five incidents that occurred between March 2019 and August 2021. "This activity—which includes attempts to compromise system integrity via unauthorized access—threatens the ability of WWS facilities to provide clean, potable water to, and effectively manage the wastewater of, their communities," CISA, along with the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), and the National Security Agency (NSA), said in a joint bulletin. Citing spear-phishing, outdated operating systems and software, and control system devices running vulnerable firmware versions as the primary intrusion vectors, the agencies singled out five different cyber attacks from 2019 to early 2021 targeting the WWS Sector — A former employee at Kansas-based WWS facility unsuccessfullyThe Hacker News
October 15, 2021
CISA Outlines Cyberthreats Targeting US Water and Wastewater Systems Full Text
Abstract
Cybersecurity company Dragos worked with CISA, the FBI, the NSA and the EPA to outline cyberthreats targeting the information and operational technology underpinning the networks, systems and devices of US water and wastewater facilities.ZDNet
October 15, 2021
Governments worldwide to crack down on ransomware payment channels Full Text
Abstract
Senior officials from 31 countries and the European Union said that their governments would take action to disrupt the cryptocurrency payment channels used by ransomware gangs to finance their operations.BleepingComputer
October 15, 2021
US government discloses more ransomware attacks on water plants Full Text
Abstract
U.S. Water and Wastewater Systems (WWS) Sector facilities have been breached multiple times in ransomware attacks during the last two years, according to a joint advisory published by US government agencies on Thursday.BleepingComputer
October 14, 2021
Agencies warn of cyber threats to water, wastewater systems Full Text
Abstract
A coalition of federal agencies on Thursday warned that hackers are targeting the water and wastewater treatment sectors, strongly recommending that organizations take steps to protect themselves.The Hill
October 14, 2021
World leaders recognize ransomware attacks as ‘global security threat’ Full Text
Abstract
Government cybersecurity leaders from the United States and more than 30 countries on Thursday formally recognized ransomware attacks as an "escalating global security threat," and pledged greater cooperation and diplomacy in fighting against these incidents.The Hill
October 14, 2021
House Democrats announce bill to rein in tech algorithms Full Text
Abstract
Top Democrats on the House Energy and Commerce Committee on Thursday announced legislation aimed at holding online platforms accountable for content promoted by their algorithms.The Hill
October 13, 2021
Australia to tackle ransomware data breaches by deleting stolen files Full Text
Abstract
Australia's Minister for Home Affairs has announced the "Australian Government's Ransomware Action Plan," which is a set of new measures the country will adopt in an attempt to tackle the rising threat.BleepingComputer
October 13, 2021
World leaders call for enhanced cooperation to fight escalating wave of ransomware attacks Full Text
Abstract
A coalition of leaders from around 30 nations kicked off a White House-led summit on countering ransomware attacks Wednesday by calling for increased international cooperation to fight these incidents.The Hill
October 13, 2021
Russia excluded from virtual White House meeting on ransomware Full Text
Abstract
The White House on Wednesday will convene a virtual meeting on countering ransomware with senior officials representing 30 countries and the European Union, Biden administration officials said, as part of President Biden’s effort to work with global partners to address cyber threats.The Hill
October 13, 2021
UK Cybersecurity Agency Releases New BYOD Guidance Full Text
Abstract
The United Kingdom's National Cyber Security Center has published updated guidance for employees using their personal devices for work, amid a prolonged work-from-home setting.Info Risk Today
October 13, 2021
Russia and China left out of global anti-ransomware meetings Full Text
Abstract
The White House National Security Council facilitates virtual meetings this week with senior officials and ministers from more than 30 countries in a virtual international counter-ransomware event to rally allies in the fight against the ransomware threat.BleepingComputer
October 12, 2021
Congress looks to strengthen government’s aging cyber infrastructure Full Text
Abstract
Congress is working to funnel resources to beef up state and local government cybersecurity infrastructure after the COVID-19 pandemic forced municipalities to move many essential operations to aging and vulnerable online sources.The Hill
October 12, 2021
NSA warns of wildcard certificate risks, provides mitigations Full Text
Abstract
The U.S. National Security Agency (NSA) is warning of the dangers stemming from the use of broadly-scoped certificates to authenticate multiple servers in an organization. These include a recently disclosed ALPACA technique that could be used for various traffic redirect attacks.BleepingComputer
October 11, 2021
Former Pentagon official says China has won artificial intelligence battle Full Text
Abstract
The Pentagon's former software chief resigned and said that China is headed toward global dominance in artificial intelligence due to the relatively slow pace of innovation in the United States.The Hill
October 08, 2021
Biden signs bill to strengthen K-12 school cybersecurity Full Text
Abstract
President Biden on Friday signed into law legislation intended to strengthen the cybersecurity of K-12 institutions after a year in which cyberattacks aimed at schools spiked as classes moved online during the COVID-19 pandemic.The Hill
October 8, 2021
The Netherlands declares war on ransomware operations Full Text
Abstract
The Dutch government will not tolerate ransomware attacks that could threaten national security; it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national...Security Affairs
October 07, 2021
New U.S. Government Initiative Holds Contractors Accountable for Cybersecurity Full Text
Abstract
The U.S. government on Wednesday announced the formation of a new Civil Cyber-Fraud Initiative that aims to hold contractors accountable for failing to meet required cybersecurity requirements in order to safeguard public sector information and infrastructure. "For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to bring it forward and to report it," said Deputy Attorney General Monaco in a press statement. "Well that changes today, [and] we will use our civil enforcement tools to pursue companies, those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards — because we know that puts all of us at risk." The Civil Cyber-Fraud Initiative is part of the U.S. Justice Department's (DoJ) efforts to build resilience against cybersecurity intrusions and holding companies to task for deliberately providing deficient cybersecurity products orThe Hacker News
October 06, 2021
U.S. govt to sue contractors who hide breach incidents Full Text
Abstract
Under the new Civil Cyber-Fraud Initiative that the U.S. Department of Justice announced today, government contractors are accountable in a civil court if they don't report a breach or fail to meet required cybersecurity standards.BleepingComputer
October 06, 2021
Bill requiring companies report cyber incidents moves forward in the Senate Full Text
Abstract
The Senate Homeland Security and Governmental Affairs Committee on Wednesday approved legislation to require many companies to report both major cybersecurity breaches and payments made related to ransomware attacks.The Hill
October 6, 2021
Arizona governor announces the launch of Command Center to protect state computer systems Full Text
Abstract
The governor of Arizona, Doug Ducey, has announced the launch of a Cyber Command Center to address the thousands of attacks that daily target government computers. The governor of Arizona, Doug Ducey, has launched a Cyber Command Center to repel the huge...Security Affairs
October 06, 2021
DOJ to go after government contractors that fail to report breaches Full Text
Abstract
The Department of Justice (DOJ) said Wednesday it will go after federal contractors that fail to report cybersecurity incidents to the U.S. government.The Hill
October 6, 2021
FDA: How to Inform Patients About Medical Device Cyber Flaws Full Text
Abstract
These devices range from Software as a Medical Device, such as certain mobile phone applications, to implantable medical devices, such as pacemakers, the federal agency notes.Gov Info Security
October 05, 2021
NSA director expects to be facing ransomware attacks ‘every single day’ in five years Full Text
Abstract
National Security Agency (NSA) Director Paul Nakasone predicted Tuesday that the rate of ransomware attacks will not slow down in the next five years, and said efforts to counter those threats must remain constant as well.The Hill
October 05, 2021
Lawmakers introduce bill to identify and protect critical groups from cyber threats Full Text
Abstract
House Homeland Security Committee ranking member John Katko (R-N.Y.) and Rep. Abigail Spanberger (D-Va.) on Tuesday introduced legislation to help the federal government identify and further protect certain critical groups from cyberattacks.The Hill
October 04, 2021
Senators warn of Chinese technology threats ahead of international meeting Full Text
Abstract
The leaders of the Senate Intelligence Committee on Monday warned of continuing threats posed by the Chinese government to telecommunications systems and other critical technologies ahead of a major international summit.The Hill
October 04, 2021
Senators introduce bill to strengthen federal cybersecurity after attacks Full Text
Abstract
Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) and ranking member Rob Portman (R-Ohio) introduced a bill Monday to overhaul and improve federal cybersecurity policies following multiple major cyberattacks.The Hill
October 04, 2021
UK plans to invest £5 billion in retaliatory cyber-attacks Full Text
Abstract
The United Kingdom has revealed plans to invest £5 billion in bolstering national cybersecurity that includes creating a "Cyber Force" unit to perform retaliatory attacks.BleepingComputer
October 3, 2021
The Biden administration will work with 30 countries to curb global cybercrime Full Text
Abstract
The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. U.S. President Joe Biden announced that the US will work with 30 countries to curb cybercrime and dismantle ransomware...Security Affairs
October 2, 2021
White House to convene 30-country cybersecurity meeting Full Text
Abstract
The topics of the meeting, President Biden said, will include combating cybercrime, improving law enforcement collaboration, stemming the illicit use of cryptocurrency, building trusted 5G technology and better securing supply chains.ZDNet
October 01, 2021
Biden ‘confident’ in the nation’s cybersecurity efforts as Cybersecurity Awareness Month begins Full Text
Abstract
President Biden on Friday expressed confidence in measures taken by his administration during his first months in office to secure the nation against mounting cyber threats as Cybersecurity Awareness Month kicks off.The Hill
October 01, 2021
US unites 30 countries to disrupt global ransomware attacks Full Text
Abstract
U.S. President Joe Biden announced today that the U.S. has brought together 30 countries to jointly crack down on ransomware gangs behind a barrage of attacks impacting organizations worldwide.BleepingComputer
October 01, 2021
FCC orders phone carriers to enforce unlawful robocall blocking Full Text
Abstract
The Federal Communications Commission (FCC) announced earlier this week that phone companies are now required to filter calls from providers who haven't complied with a deadline to block illegal robocalls that expired on September 28th.BleepingComputer
October 1, 2021
CISA Releases New Tool to Help Organizations Guard Against Insider Threats Full Text
Abstract
The CISA released an Insider Risk Mitigation Self-Assessment Tool today, which assists public and private sector organizations in assessing their vulnerability to an insider threat.US CERT
October 01, 2021
The FCC proposes rules to fight SIM swap and port-out fraud Full Text
Abstract
The Federal Communications Commission in the U.S. this week announced that it started to work on rules that would pull the brake on SIM swapping attacks.BleepingComputer
October 1, 2021
Around the world with the NSA’s cyber chief Full Text
Abstract
“Almost every nation in the world now has a cyber exploitation program,” Rob Joyce, director of the NSA’s Cybersecurity Directorate, said during the Aspen Cyber Summit in Colorado.The Record
September 30, 2021
House approves legislation to protect K-12 schools against cyberattacks Full Text
Abstract
The House on Wednesday unanimously passed legislation intended to help strengthen K-12 institutions against cyber threats, which have ticked up as classes have moved online during the COVID-19 pandemic.The Hill
September 30, 2021
US Congress asks FBI to explain delay in helping Kaseya attack victims Full Text
Abstract
The House Committee on Oversight and Reform has requested a briefing to understand the rationale behind the FBI's decision to delay providing the victims of the Kaseya REvil ransomware with a universal decryption key for three weeks.BleepingComputer
September 29, 2021
Lawmakers demand briefing on FBI’s decision to withhold Kaseya decryption key Full Text
Abstract
The leaders of the House Oversight and Reform Committee on Wednesday demanded a briefing from the FBI on its decision to withhold for three weeks the decryption key necessary for companies impacted by the ransomware attack on IT company Kaseya to recover.The Hill
September 29, 2021
Keep Attackers Out of VPNs: Feds Offer Guidance Full Text
Abstract
The NSA and CISA issued recommendations on choosing and hardening VPNs to prevent nation-state APTs from weaponizing flaws & CVEs to break into protected networks.Threatpost
September 29, 2021
Russia arrests cybersecurity firm CEO after raiding offices Full Text
Abstract
Russian law enforcement on Tuesday arrested Ilya Sachkov, the co-founder and CEO of cybersecurity company Group-IB, on suspicion of high treason resulting from sharing data with foreign intelligence.BleepingComputer
September 29, 2021
CISA to maintain ‘rumor control’ site to counter false claims in future elections Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) will use its "rumor control" website to counter disinformation and misinformation during future elections despite the site's role in former President Trump ousting several of the agency's top officials in 2020.The Hill
September 29, 2021
NSA, CISA release guidance on hardening remote access via VPN solutions Full Text
Abstract
The U.S. CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance...Security Affairs
September 28, 2021
CFIUS, Team Telecom and China Full Text
Abstract
What have CFIUS and Team Telecom been up to?Lawfare
September 28, 2021
NSA, CISA share VPN security tips to defend against hackers Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for hardening the security of virtual private network (VPN) solutions.BleepingComputer
September 28, 2021
Senators roll out bill giving organizations 24 hours to report ransomware attack payments Full Text
Abstract
The leaders of the Senate Homeland Security and Governmental Affairs Committee on Tuesday introduced legislation that would give set timelines for cyber incident reporting, including giving certain organizations 24 hours to report if they paid the sum demanded in a ransomware attack.The Hill
September 27, 2021
EU: Russia Behind ‘Ghostwriter’ Campaign Targeting Germany Full Text
Abstract
It’s not the first time that the disinformation/spearphishing campaign, which originally smeared NATO, has been linked to Russia.Threatpost
September 27, 2021
German Federal Office for Information Security (BSI) investigates Chinese mobile phones Full Text
Abstract
German Federal Office for Information Security is launching an investigation into the cybersecurity of certain Chinese mobile phones. German Federal Office for Information Security (BSI) is launching an investigation into the cybersecurity of mobile...Security Affairs
September 27, 2021
More than 130,000 malicious IP addresses were blocked during Australia Census 2021: AWS Full Text
Abstract
More than 130,000 malicious IP addresses were blocked to ensure no breaches or interruptions were experienced during what was deemed a successful Census 2021, according to Amazon Web Services (AWS).ZDNet
September 25, 2021
European Union formally blames Russia for the GhostWriter operation Full Text
Abstract
European Union representatives formally accused Russia of attempting to target the elections and political systems of several EU states. European Union has formally accused Russia of meddling in the elections and political systems of several EU states....Security Affairs
September 24, 2021
EU ‘denounces’ Russian malicious cyber activity aimed at member states Full Text
Abstract
A top European Union (EU) official on Friday called out Russia for its involvement in recent hacking efforts directed towards the governments of multiple member states, describing these efforts as “unacceptable.”The Hill
September 24, 2021
Breach reporting required for health apps and devices, FTC says Full Text
Abstract
According to the FTC statement, “Entities covered by the Rule who have experienced breaches cannot conceal this fact from those who have entrusted them with sensitive health information.”CSO Online
September 23, 2021
Officials urge Congress to consider fining companies that fail to report cyber incidents Full Text
Abstract
The nation’s top cybersecurity officials on Thursday urged Congress to consider passing legislation that would fine organizations if they failed to report cybersecurity incidents to the federal government, part of an effort to do more to confront a recent spree of attacks.The Hill
September 22, 2021
Republican lawmakers raise security, privacy concerns over Huawei cloud services Full Text
Abstract
Sen. Tom Cotton (R-Ark.) and Rep. Mike Gallagher (R-Wis.) are raising concerns around U.S. and foreign governments' potential use of Chinese telecommunications group Huawei’s cloud services, warning of security and privacy issues.The Hill
September 22, 2021
US CISA, FBI, and NSA warn of an escalation of Conti ransomware attacks Full Text
Abstract
CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US organizations. CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) are warning of an increased number...Security Affairs
September 22, 2021
FBI, CISA, and NSA warn of escalating Conti ransomware attacks Full Text
Abstract
CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) warned today of an increased number of Conti ransomware attacks targeting US organizations.BleepingComputer
September 21, 2021
DHS chief ‘horrified’ by images at border Full Text
Abstract
GOP senators on Tuesday grilled Homeland Security Secretary Alejandro Mayorkas over the influx of Haitian refugees seeking asylum at the U.S.-Mexico border and viral images of Customs and Border Patrol officials on horseback chasing migrants away.The Hill
September 21, 2021
FBI withheld decryption key for Kaseya ransomware attack for three weeks: report Full Text
Abstract
The FBI allegedly withheld the release of a decryption key for almost three weeks that could have assisted groups crippled by the massive ransomware attack on IT group Kaseya earlier this year to unlock their networks.The Hill
September 21, 2021
Update: Indonesia Says No Evidence of Alleged Chinese Intel Hack Full Text
Abstract
Indonesian authorities have found no evidence that the country’s main intelligence service’s computers were compromised, after a cybersecurity company alerted them of a suspected breach.Security Week
September 18, 2021
The Biden administration plans to target exchanges supporting ransomware operations with sanctions Full Text
Abstract
US Government is expected to issue sanctions against crypto exchanges, wallets, and traders used by ransomware operations to cash out ransom payments. The Biden administration is putting in place all the strategies to disrupt the operations of the ransomware...Security Affairs
September 17, 2021
US govt sites showing porn, viagra ads share a common software vendor Full Text
Abstract
Multiple U.S. government sites using .gov and .mil domains have been seen hosting porn and spam content, such as Viagra ads, in the last year. A security researcher noticed all of these sites share a common software vendor, Laserfiche.BleepingComputer
September 16, 2021
FBI and CISA warn of state hackers exploiting critical Zoho bug Full Text
Abstract
The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) today warned that state-backed advanced persistent threat (APT) groups are actively exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021.BleepingComputer
September 16, 2021
FTC: Health app and connected device makers must disclose data breaches Full Text
Abstract
The FTC approved a policy statement Wednesday that warns makers of health apps and connected devices that collect health-related information to comply with a decade-old data breach notification rule.The Record
September 16, 2021
FBI, CISA, and CGCYBER warn of nation-state actors exploiting CVE-2021-40539 Zoho bug Full Text
Abstract
The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn of state-sponsored attacks that are actively exploiting CVE-2021-40539 Zoho flaw. The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn that nation-state APT groups are actively...Security Affairs
September 16, 2021
House Committees Seek to Spend Millions on Cybersecurity Full Text
Abstract
A pair of House committees this week said they want to spend additional millions on cybersecurity by injecting funds into both the CISA and FTC, as part of the debate over the federal budget proposal.Bank Info Security
September 15, 2021
FTC warns health apps to notify consumers impacted by data breaches Full Text
Abstract
The Federal Trade Commission (FTC) voted 3-2 Wednesday that a decade-old rule on health data breaches applies to apps that handle sensitive health information, warning these companies to comply.The Hill
September 15, 2021
‘No indication’ Russia has cracked down on ransomware gangs, top FBI official says Full Text
Abstract
A top-ranking FBI official on Tuesday said the federal agency has seen no evidence that the Russian government has moved against notorious ransomware gangs operating on its soil.The Record
September 15, 2021
DOJ: Former NSA Operatives Worked as Cyber-Mercenaries Full Text
Abstract
Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40, are all charged with having broken federal laws related to computer fraud and export regulations, the Department of Justice announced Tuesday.Gizmodo
September 15, 2021
US CISA appointed Kiersten Todt as new chief of staff Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has appointed Kiersten Todt as its new chief of staff. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it has appointed Kiersten Todt as its new chief of staff,...Security Affairs
September 14, 2021
Top FBI official says there is ‘no indication’ Russia has taken action against hackers Full Text
Abstract
FBI Deputy Director Paul Abbate said Tuesday there has been “no indication” that the Russian government has taken steps to stop the activities of cyber criminals engaging in ransomware attacks against U.S. organizations, despite outreach efforts by the Biden administration.The Hill
September 13, 2021
FTC warns of extortionists targeting LGBTQ+ community on dating apps Full Text
Abstract
The US Federal Trade Commission (FTC) warns of extortion scammers targeting the LGBTQ+ community via online dating apps such as Grindr and Feeld.BleepingComputer
September 13, 2021
Singapore moots ‘foreign interference’ law with powers to issue online platforms take-down order Full Text
Abstract
Singapore has mooted new laws that will arm the government with the ability to issue directives to various platforms, including social media and websites, to remove or block access to content deemed part of hostile information campaigns.ZDNet
September 9, 2021
National cyber director declares ‘too soon to say we’re out of the woods,’ as US enjoys dip in ransomware Full Text
Abstract
After a summer marked by big ransomware attacks from suspected Russian gangs, some of those same groups went quiet. National Cyber Director Chris Inglis has said that it’s too early to tell if the trend will hold.Cyberscoop
September 09, 2021
Report pushes for changes to diversify ‘homogenous’ US cybersecurity workforce Full Text
Abstract
A group of experts across multiple fields on Thursday recommended a sweeping set of actions to diversify the U.S. cybersecurity workforce, saying the field was “overwhelmingly” white and male.The Hill
September 9, 2021
Pro-Chinese government propaganda campaign spurs on COVID-19 protests in the US Full Text
Abstract
Researchers are tracking a campaign that is both promoting the Chinese government and encouraging real-world protests surrounding the COVID-19 pandemic in the United States.ZDNet
September 08, 2021
CISA Warns of Actively Exploited Zoho ManageEngine ADSelfService Vulnerability Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a bulletin warning of a zero-day flaw affecting Zoho ManageEngine ADSelfService Plus deployments that is currently being actively exploited in the wild. The flaw, tracked as CVE-2021-40539, concerns a REST API authentication bypass that could lead to arbitrary remote code execution (RCE). ADSelfService Plus builds up to 6113 are impacted. ManageEngine ADSelfService Plus is an integrated self-service password management and a single sign-on solution for Active Directory and cloud apps, enabling admins to enforce two-factor authentication for application logins and users to reset their passwords. "CVE-2021-40539 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system," CISA said, urging companies to apply the latest security update to their ManageEngine servers and "ensure ADSelfService Plus is not directlThe Hacker News
September 8, 2021
Congress Is Warning That the Federal Government Remains Vulnerable to Cyberattacks Full Text
Abstract
Despite the U.S. government spending more than $16 billion, new technologies and programs may be needed.Lawfare
September 08, 2021
Lawmakers question impact of SolarWinds hack on US attorneys’ offices Full Text
Abstract
A group of House and Senate lawmakers from Florida are looking for answers around the effect of last year’s SolarWinds breach on U.S. Attorneys’ Offices (USAOs) and on the way the Justice Department approaches cybersecurity.The Hill
September 8, 2021
Russian communications watchdog Roskomnadzor blocks access to 6 VPNs Full Text
Abstract
Russian communications watchdog Roskomnadzor tightens control of its citizens and blocks access to six virtual private networks (VPNs), including NordVPN and ExpressVPN. Russian communications watchdog Roskomnadzor tightens the control over the Internet...Security Affairs
September 8, 2021
Germany protests to Russia over attacks ahead of the upcoming election Full Text
Abstract
Germany has protested to Russia over attempts to steal data from lawmakers and use them to spread disinformation ahead of the upcoming election. Germany has formally protested to Russia over a series of cyber attacks aimed at stealing data from lawmakers...Security Affairs
September 6, 2021
FBI IC3 warns of a spike in sextortion attacks Full Text
Abstract
The FBI Internet Crime Complaint Center (IC3) warns of a spike in sextortion attacks since the beginning of 2021 that caused $8M in losses. The FBI Internet Crime Complaint Center (IC3) is warning of a significant increase in sextortion complaints since...Security Affairs
September 04, 2021
US SEC: Watch out for Hurricane Ida-related investment scams Full Text
Abstract
The US Securities and Exchange Commission has warned investors to be "extremely wary" of potential investment scams related to Hurricane Ida's aftermath.BleepingComputer
September 4, 2021
CISA urges IT teams to address critical vulnerability affecting Cisco Enterprise Network Function Virtualization Infrastructure Software Full Text
Abstract
The vulnerability affects Cisco Enterprise Network Function Virtualization Infrastructure Software Release (NFVIS) 4.5.1 and Cisco released software updates that address the vulnerability on Wednesday.ZDNet
September 3, 2021
France Doesn’t Do Public Attribution of Cyberattacks. But It Gets Close. Full Text
Abstract
France doesn’t publicly attribute cyberattacks to state actors as it is commonly known, but it names the perpetrators and, in doing so, exploits every ambiguity associated with the term “attribution.”Lawfare
September 03, 2021
US govt warns orgs to patch massively exploited Confluence bug Full Text
Abstract
US Cyber Command (USCYBERCOM) has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately.BleepingComputer
September 03, 2021
FBI: Spike in sextortion attacks cost victims $8 million this year Full Text
Abstract
The FBI Internet Crime Complaint Center (IC3) has warned of a massive increase in sextortion complaints since the start of 2021, resulting in total financial losses of more than $8 million until the end of July.BleepingComputer
September 3, 2021
FBI warns of ransomware attacks targeting the food and agriculture sector Full Text
Abstract
FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. The FBI Cyber Division issued a Private Industry Notification (PIN) to warn of ransomware attacks targeting the Food and Agriculture sector disrupting...Security Affairs
September 02, 2021
Biden administration on alert for cyberattacks ahead of Labor Day weekend Full Text
Abstract
A top White House official on Thursday underlined preparations the Biden administration is taking for any potential cyberattacks over the upcoming Labor Day weekend, urging companies to be on alert against hackers.The Hill
September 1, 2021
Singapore adds a third bug bounty program – this time to fortify government digital services Full Text
Abstract
The new Vulnerability Rewards Programme (VRP) joins the Government Bug Bounty Programme and the Vulnerability Disclosure Programme, all of which work alongside the government's own security checks.The Register
September 1, 2021
U.K.’s Post-Brexit Strategy on Cross-Border Data Flows Full Text
Abstract
On Aug. 25, the U.K. Department for Digital, Culture, Media & Sport (DCMS) released important details about its post-Brexit strategy for cross-border flows of personal data. What's in the release?Lawfare
September 1, 2021
Watch out, ransomware attack risk increases on holidays and weekends, FBI and CISA Full Text
Abstract
The FBI and CISA issued a joint cybersecurity advisory to warn organizations to remain vigilant against ransomware attacks during weekends or holidays. The FBI and CISA warn organizations to keep their defenses high against ransomware attacks during...Security Affairs
September 1, 2021
Federal Departments Ordered to Improve Logging Capabilities Full Text
Abstract
The White House ordered U.S. agencies to improve their logging capabilities to better track when attackers target their networks and data, according to a memo from the Office of Management and Budget.Bank Info Security
August 31, 2021
Agencies warn of ransomware threats ahead of Labor Day weekend Full Text
Abstract
Federal agencies are warning of potential ransomware attacks targeted at U.S. organizations ahead of Labor Day weekend following cyberattacks during previous holidays this year.The Hill
August 31, 2021
How Congress and NIST Can Help Organizations Better Manage Cyber Risk Full Text
Abstract
Requiring NIST to clarify how organizations should use existing and future cybersecurity guidance would be a timely and overdue action to improve the nation’s cyber defenses that should attract broad support.Lawfare
August 31, 2021
FBI, CISA: Ransomware attack risk increases on holidays, weekends Full Text
Abstract
The FBI and CISA urged organizations not to let down their defenses against ransomware attacks during weekends or holidays in a joint cybersecurity advisory issued earlier today.BleepingComputer
August 31, 2021
FBI Alert: Hive Ransomware is Actively Targeting Healthcare Full Text
Abstract
The FBI cautioned against the Hive ransomware that recently halted operations at Memorial Health System in a cyberattack. The group’s deadline normally ranges from two to six days. Hive actors use RDP to move laterally inside the network. A response plan in the event of ransomware attacks sho ...Cyware Alerts - Hacker News
August 30, 2021
CISA Adds Single-Factor Authentication to the List of Bad Practices Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added single-factor authentication to the short list of "exceptionally risky" cybersecurity practices that could expose critical infrastructure as well as government and private sector entities to devastating cyberattacks. Single-factor authentication is a method of signing in users to websites and remote systems by using only one way of verifying their identity, typically a combination of username and password. It's considered low-security, since it heavily relies on "matching one factor — such as a password — to a username to gain access to a system." But with weak, reused, and common passwords posing a grave threat and emerging as a lucrative attack vector, the use of single-factor authentication can lead to unnecessary risk of compromise and increase the possibility of account takeover by cybercriminals. With the latest development, the list of bad practices now eThe Hacker News
August 30, 2021
Biden administration establishes program to recruit tech professionals to serve in government Full Text
Abstract
The Biden administration on Monday announced it was establishing a program to recruit and train people to serve in digital positions within the federal government and address issues related to the COVID-19 pandemic and cybersecurity concerns.The Hill
August 30, 2021
US DoJ announces the creation of Cyber Fellowship Program Full Text
Abstract
The US DoJ announced a new Cyber Fellowship program for training prosecutors and attorneys on cybersecurity. The US DoJ announced a new Cyber Fellowship program for training selected prosecutors and attorneys on cyber threat and threat actors. The...Security Affairs
August 30, 2021
CISA: Don’t use single-factor auth on Internet-exposed systems Full Text
Abstract
Single-factor authentication (SFA) has been added today by the US Cybersecurity and Infrastructure Security Agency (CISA) to a very short list of cybersecurity bad practices it advises against.BleepingComputer
August 30, 2021
The first national cyber director has big plans to toughen U.S. digital defenses Full Text
Abstract
America’s first-ever national cyber director Chris Inglis says he has a strategy to get government agencies to toughen up their digital defenses in the face of increasing cyber threats.Politico
August 30, 2021
CISA urges enterprises to fix Microsoft Azure Cosmos DB flaw Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging enterprises to address the recently disclosed vulnerability in Microsoft Azure Cosmos DB.Security Affairs
August 30, 2021
U.S. Justice Department adds fellowship program to boost legal efforts against cybercrime Full Text
Abstract
“We need to develop the next generation of prosecutors with the training and experience necessary to combat the next generation of cyber threats,” Deputy Attorney General Lisa Monaco said.Cyberscoop
August 28, 2021
White House rallies private industry in cyber battle Full Text
Abstract
A meeting between President Biden and more than two dozen key leaders from a variety of industries this week has increased momentum for plans to quickly address rising cyber threats.The Hill
August 28, 2021
The FBI issued a flash alert for Hive ransomware operations Full Text
Abstract
The Federal Bureau of Investigation (FBI) has released a flash alert on the Hive ransomware attacks that includes technical details and indicators of compromise associated with the operations of the gang.Security Affairs
August 26, 2021
CISA publishes malware analysis reports on samples targeting Pulse Secure devices Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. The U.S. CISA published five malware analysis reports (MARs) related to samples...Security Affairs
August 26, 2021
FBI shares technical details for Hive ransomware Full Text
Abstract
The Federal Bureau of Investigation (FBI) has released some technical details and indicators of compromise associated with Hive ransomware attacks.BleepingComputer
August 26, 2021
CISA Details Additional Malware Targeting Pulse Secure Appliances Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released five new analysis reports detailing malware discovered on compromised Pulse Secure devices.Security Week
August 25, 2021
White House gathers tech, education, banking leaders for cyber meeting Full Text
Abstract
The Biden administration will convene more than two dozen leaders of key groups across a variety of fields at the White House for a cybersecurity meeting on Wednesday intended to serve as a “call to action” to address escalating cyber threats.The Hill
August 24, 2021
FBI flash alert warns on OnePercent Group Ransomware attacks Full Text
Abstract
The FBI shared info about OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020. The Federal Bureau of Investigation (FBI) has published a flash alert about a threat actor known...Security Affairs
August 23, 2021
CISA recommends immediately patch Exchange ProxyShell flaws Full Text
Abstract
US CISA issued an urgent alert to warn admins to address ProxyShell vulnerabilities on on-premises Microsoft Exchange servers. The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn admins to address actively exploited...Security Affairs
August 23, 2021
Singapore, US pledge deeper collaboration in cybersecurity Full Text
Abstract
Singapore and the US have inked a series of Memorandums of Understanding (MOUs) to widen their collaboration in cybersecurity across defense, financial, and research and development.ZDNet
August 22, 2021
State Department recently hit by cyberattack: report Full Text
Abstract
The State Department was reportedly hit by a cyberattack in recent weeks, prompting the Department of Defense's Cyber Command to send out notifications warning of a possible serious breach.The Hill
August 21, 2021
US CISA releases guidance on how to prevent ransomware data breaches Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. Most of the recent ransomware attacks resulted in data breaches for the victims; threat actors implemented...Security Affairs
August 19, 2021
InkySquid State Actor Exploiting Known IE Bugs Full Text
Abstract
The North Korea-linked APT group leverages known Internet Explorer vulns for watering-hole attacks.Threatpost
August 19, 2021
CISA shares guidance on how to prevent ransomware data breaches Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has released guidance to help government and private sector organizations prevent data breaches resulting from ransomware double extortion schemes.BleepingComputer
August 18, 2021
Census Bureau computer servers target of January 2020 cyberattack Full Text
Abstract
U.S. Census Bureau computer servers were targeted during a cyberattack last year, but the hackers' attempts to retain access to the system were unsuccessful, according to a watchdog report released Wednesday.The Hill
August 18, 2021
What Is Cyber Command’s Role in Combating Ransomware? Full Text
Abstract
Recent ransomware attacks against the United States are raising questions about whether and how the military, specifically U.S. Cyber Command, might counter this type of malicious cyber activity. Here, we provide a road map for policymakers to help guide their decision-making on this critical policy challenge.Lawfare
August 18, 2021
FBI Warns of Credential Stuffing Attacks Against Grocery and Food Delivery Services Full Text
Abstract
With billions of user credentials having been leaked online following security breaches over the past decade, credential stuffing attacks are now common across a wide spectrum of industry verticals.The Record
August 17, 2021
FFIEC Updates Authentication Guidance Full Text
Abstract
The Federal Financial Institutions Examination Council (FFIEC) has updated its security guidance, advising banks to use stronger access controls and multifactor authentication.Gov Info Security
August 17, 2021
CISA Warns ThroughTek Customers of Software Flaw in Millions of Baby Monitors, Cameras Full Text
Abstract
The vulnerability is in a software protocol made by Taiwanese internet of things (IoT) vendor ThroughTek, which has many customers including the Chinese electronics giant Xiaomi.Cyberscoop
August 16, 2021
Maine’s Department of Environmental Protection Warns of Ransomware Intrusions at Two Public Wastewater Plants Full Text
Abstract
The Department of Environmental Protection has warned municipalities and water-sector professionals to be on alert after two recent ransomware intrusions, believed to be the first incidents in Maine.bangordailynews
August 16, 2021
US FINRA warns US brokerage firms and brokers of ongoing phishing attacks Full Text
Abstract
The US FINRA warns US brokerage firms and brokers of an ongoing phishing campaign impersonating its representatives to steal sensitive info. The US Financial Industry Regulatory Authority (FINRA) is warning US brokerage firms and brokers of an ongoing...Security Affairs
August 16, 2021
United Nations calls for moratorium on sale of surveillance tech like NSO Group’s Pegasus Full Text
Abstract
"It is highly dangerous and irresponsible to allow the surveillance technology and trade sector to operate as a human rights-free zone," warned eight UN experts on human rights.The Register
August 15, 2021
A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad Full Text
Abstract
A job ad published by the UK's Ministry of Defence has revealed the existence of a previously undisclosed secret SAS mobile hacker team. The existence of a secret SAS mobile hacker squad, named MAB5 and under the control of the Computer Network Operations...Security Affairs
August 14, 2021
Russian cyberspies targeted the Slovak government for months Full Text
Abstract
A Russian cyber-espionage group linked to one of Russia’s intelligence forces has targeted the Slovak government for months, Slovak security firms ESET and IstroSec said this week.The Record
August 12, 2021
Australia: Labor tries the Senate after ransomware payments Bill flops in the House of Reps Full Text
Abstract
The Bill that would require entities to inform the Australian government before they make a ransomware payment has been introduced to the Senate by the federal opposition.ZDNet
August 11, 2021
NSA Watchdog Will Review Tucker Carlson Spying Claims Full Text
Abstract
Despite a lack of evidence, the National Security Agency will investigate whether the Fox host was illegally targeted.Threatpost
August 10, 2021
Senate includes over $1.9 billion for cybersecurity in infrastructure bill Full Text
Abstract
The Senate included more than $1.9 billion in cybersecurity funds as part of the roughly $1 trillion bipartisan infrastructure package approved Tuesday.The Hill
August 9, 2021
Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks Full Text
Abstract
The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware...Security Affairs
August 08, 2021
Australian govt warns of escalating LockBit ransomware attacks Full Text
Abstract
The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021.BleepingComputer
August 6, 2021
CISA Extends ICT SCRM Task Force Until 2023 Full Text
Abstract
On August 2, the CISA announced that it would be extending the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force to July 31, 2023.Meritalk
August 05, 2021
CISA teams up with Microsoft, Google, Amazon to fight ransomware Full Text
Abstract
CISA has announced the launch of Joint Cyber Defense Collaborative (JCDC), a partnership across public and private sectors focused on defending US critical infrastructure from ransomware and other cyber threats.BleepingComputer
August 05, 2021
Senators introduce bipartisan bill to sanction nations involved in ransomware attacks Full Text
Abstract
Senate Intelligence Committee Vice Chairman Marco Rubio (R-Fla.) and Sen. Dianne Feinstein (D-Calif.) on Thursday introduced legislation that would sanction countries involved in state-sponsored ransomware attacks.The Hill
August 05, 2021
Federal cyber agency kicks off collaborative to defend the U.S. against cyberattacks Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) on Thursday kicked off a new effort to help defend the U.S. against cyberattacks, which have multiplied in recent months.The Hill
August 05, 2021
Lawmakers roll out bipartisan bill to help track cyber crimes Full Text
Abstract
A group of bipartisan House and Senate lawmakers on Thursday introduced legislation intended to help the federal government better track and analyze cyber crime following a sharp increase in cyberattacks over the past year.The Hill
August 5, 2021
Beware Free Wi-Fi: Government Urges Workers to Avoid Public Networks Full Text
Abstract
The NSA warned all federal employees, leading defense contractors, and civilian personnel that hackers could take advantage of the public Wi-Fi in coffee shops, airports, and hotel rooms.New York Times
August 5, 2021
A US official explains why the White House decided not to ban ransomware payments Full Text
Abstract
The Biden administration backed away from the idea of banning ransomware payments after meetings with the private sector and cybersecurity experts, a top cybersecurity official said Wednesday.Cyberscoop
August 04, 2021
Senators highlight national security threats from China during rare public hearing Full Text
Abstract
The Senate Intelligence Committee held a rare public hearing Wednesday afternoon to stress increasing threats posed by China to U.S. national security, with one top senator describing the situation as a “horror-show.”The Hill
August 4, 2021
Russia tells UN it wants vast expansion of cybercrime offenses, plus network backdoors, online censorship Full Text
Abstract
The proposal put forward by Russia to the UN calls for member states to develop domestic laws to punish a far broader set of offenses than current international rules recognize.The Register
August 4, 2021
US CISA and NSA publish guidance to secure Kubernetes deployments Full Text
Abstract
US CISA and NSA released new guidance that provides recommendations on how to harden Kubernetes deployments and minimize the risk of a hack. Kubernetes...Security Affairs
August 4, 2021
NSA, CISA Publish Technical Report with Guidance on Hardening Kubernetes Clusters Full Text
Abstract
Through this guidance, CISA and NSA officials hope to provide system administrators with a secure baseline for future Kubernetes configurations that will avoid intrusions by hackers.The Record
August 3, 2021
NIST Works to Create AI Risk Management Framework Full Text
Abstract
The National Institute of Standards and Technology is working to develop risk management guidance around the use of artificial intelligence and machine learning, the agency has announced.Careers Info Security
August 03, 2021
Senate report finds major cybersecurity shortcomings among federal agencies Full Text
Abstract
A bipartisan report released by the Senate Homeland Security and Governmental Affairs Committee on Tuesday found “stark” shortcomings in the cybersecurity posture of many major federal agencies in the midst of escalating cyberattacks against both the U.S. government and private sector.The Hill
August 3, 2021
Federal agencies are failing to protect sensitive data, Senate report finds Full Text
Abstract
Released by the panel on Tuesday, the report expresses concerns about the state of federal agencies’ cyber posture during an overall 8% rise in security incidents across agencies.Cyberscoop
August 3, 2021
UAE Cybersecurity Council launches ‘National Bug Bounty Programme’ Full Text
Abstract
The initiative aims to promote the culture of cybersecurity and protect the country’s digital transformation and overall achievements in line with the country's leadership directives.Khaleej Times
August 2, 2021
Responsible Cyber Offense Full Text
Abstract
Offensive operations will continue apace in the foreseeable future—conducted by the United States, its allies and its adversaries. The choice is whether and how to engage in them responsibly and minimize cost to societies.Lawfare
August 02, 2021
White House cyber chief backs new federal bureau to track threats Full Text
Abstract
National Cyber Director Chris Inglis on Monday made the case for establishing an office within the Department of Homeland Security (DHS) to track and analyze cybersecurity incidents in order to ensure the nation has an early warning system to understand adversary efforts to target U.S. organizations.The Hill
July 31, 2021
FBI warns investors of fraudsters posing as brokers and advisers Full Text
Abstract
The FBI Criminal Investigative Division and Securities and Exchange Commission warn investors of fraudsters impersonating registered investment professionals such as investment advisers and registered brokers.BleepingComputer
July 30, 2021
CISA launches vulnerability disclosure platform for federal agencies Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) today launched a new vulnerability disclosure policy (VDP) platform for US federal civilian agencies.BleepingComputer
July 30, 2021
MDBR Stops Ransomware, Phishing, Malware, and More Full Text
Abstract
The MDBR service from CIS is available at no cost to all U.S. SLTT organizations, as well as all public and private hospitals in the U.S., in partnership with technology provider Akamai.CIS
July 30, 2021
Australia: Home Affairs asks for a rush on Critical Infrastructure Bill to allow ASD to act lawfully Full Text
Abstract
The Department of Home Affairs has requested a rush for the passage of the country's looming critical infrastructure Bill, saying the sector specific rules could be nutted out following Royal Assent.ZDNet
July 30, 2021
India: Delhi government plans IT shield to ward off cyber threats Full Text
Abstract
Delhi government is going to carry out a major security audit of all its IT systems, websites, web-enabled applications, web services and mobile applications against any cyberattack or threat.The Times Of India
July 29, 2021
CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer Full Text
Abstract
There are patches or remediations for all of them, but they’re still being picked apart. Why should attackers stop if the flaws remain unpatched, as so many do?Threatpost
July 29, 2021
NSA shares guidance on how to secure your wireless devices Full Text
Abstract
The US National Security Agency (NSA) today published guidance on how to properly secure wireless devices against potential attacks targeting them when traveling or working remotely.BleepingComputer
July 29, 2021
Israeli Government Agencies Visit NSO Group Offices Full Text
Abstract
Authorities opened an investigation into the secretive Israeli security firm.Threatpost
July 28, 2021
New US security memorandum bolsters critical infrastructure cybersecurity Full Text
Abstract
US President Joe Biden today issued a national security memorandum designed to help strengthen the security of critical infrastructure by setting baseline performance goals for critical infrastructure owners and operators.BleepingComputer
July 28, 2021
Hillicon Valley: Biden moves to boost critical infrastructure cybersecurity | Activists protest Facebook’s ‘failure’ on disinformation | States appeal dismissal of Facebook antitrust case Full Text
Abstract
After major cybersecurity attacks, such as the one that impacted Colonial Pipeline, President Biden issued a national security memorandum to amp up cybersecurity infrastructure.The Hill
July 28, 2021
US, UK, and Australian agencies warn of top routinely exploited issues Full Text
Abstract
A joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC),...Security Affairs
July 28, 2021
Biden: Severe cyberattacks could escalate to ‘real shooting war’ Full Text
Abstract
President Joe Biden warned that cyberattacks leading to severe security breaches could lead to a "real shooting war" with another major world power.BleepingComputer
July 28, 2021
Biden moves to boost critical infrastructure cybersecurity Full Text
Abstract
President Biden on Wednesday will sign a national security memorandum aimed at increasing cybersecurity for critical systems in the wake of major cyberattacks on companies such as Colonial Pipeline.The Hill
July 28, 2021
Biden administration officials endorse ransomware reporting rules Full Text
Abstract
A handful of key Biden administration officials on Tuesday voiced support for legislation that would mandate certain businesses report ransomware attacks to the government.The Record
July 28, 2021
FBI reveals top targeted vulnerabilities of the last two years Full Text
Abstract
A joint security advisory issued today by several cybersecurity agencies from the US, the UK, and Australia reveals the top 30 most targeted security vulnerabilities of the last two years.BleepingComputer
July 28, 2021
Experts Testify on Pipeline Cybersecurity Measures Full Text
Abstract
The Senate hearing came just one week after the TSA issued its second cybersecurity directive, requiring owners and operators of critical pipelines to implement cybersecurity controls.Gov Info Security
July 27, 2021
Top FBI official advises Congress against banning ransomware payments Full Text
Abstract
A senior FBI official advised members of the Senate Judiciary Committee on Tuesday against the idea of banning companies from paying hackers behind ransomware attacks, which have become a national security concern in recent months.The Hill
July 27, 2021
Israel defence minister to visit France to discuss NSO, Iran Full Text
Abstract
Israeli Defence Minister Benny Gantz will travel to France this week to discuss spyware sold by Israeli cyber firm NSO that was allegedly used to target French President Emmanuel Macron.Reuters
July 27, 2021
Brazil creates cyberattack response network Full Text
Abstract
Created through a presidential decree signed on July 16, the Federal Cyber Incident Management Network will encompass the Institutional Security Office of the presidency as well as all bodies and entities under the federal government administration.ZDNet
July 24, 2021
Congress Focuses on Industrial Control System Security Full Text
Abstract
A bipartisan group of senators is pushing a bill that would require the CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure.Gov Info Security
July 22, 2021
Senators introduce bipartisan bill to secure critical groups against hackers Full Text
Abstract
The bipartisan leaders of two Senate committees on Thursday introduced legislation to shore up the cybersecurity of critical infrastructure after months of crippling cyberattacks.The Hill
July 22, 2021
CISA analyzed stealthy malware found on compromised Pulse Secure devices Full Text
Abstract
U.S. CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware...Security Affairs
July 21, 2021
House committee approves slate of bills to improve telecom security Full Text
Abstract
The House Energy and Commerce Committee on Wednesday approved multiple pieces of legislation meant to strengthen telecommunications against cyberattacks.The Hill
July 21, 2021
Officials warn of cybersecurity vulnerabilities in water systems Full Text
Abstract
Lawmakers and experts on Wednesday warned of gaping cybersecurity vulnerabilities in the nation’s critical water sector amid escalating attacks against a number of U.S. organizations.The Hill
July 21, 2021
CISA warns of stealthy malware found on hacked Pulse Secure devices Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by antivirus products.BleepingComputer
July 21, 2021
The White House Responded to the Chinese Hacks of the Microsoft Exchange Servers This Week. Is It Enough? Full Text
Abstract
The Biden administration should be applauded for building a broad coalition of allies to condemn China's dangerous cyber activity. Now, the White House should do what it has done to other U.S. adversaries and impose real costs on Beijing.Lawfare
July 21, 2021
French Launch NSO Probe After Macron Believed Spyware Target Full Text
Abstract
Fourteen world leaders were among those found on list of NSO believed targets for its Pegasus spyware.Threatpost
July 21, 2021
Biden official: ‘We don’t know exactly why’ ransomware gang vanished from the web Full Text
Abstract
The Biden administration does not know exactly why the ransomware gang REvil, thought to be based in Russia, has vanished from the dark web, a senior official said Tuesday.Politico
July 21, 2021
Senators introduce bill requiring some critical groups to report cybersecurity incidents Full Text
Abstract
Leaders of the Senate Intelligence Committee and other bipartisan lawmakers on Wednesday formally introduced legislation requiring federal contractors and critical infrastructure groups to report attempted breaches in the wake of months of escalating cyberattacks.The Hill
July 21, 2021
Cybersecurity: DHS escalates mandates for key US pipelines in wake of ransomware attack Full Text
Abstract
The Department of Homeland Security mandated additional cybersecurity measures this week for critical US pipelines, a move meant to protect against ransomware and other known threats.CNN Money
July 21, 2021
U.S. Reveals China Breached Dozens of Pipeline Companies in Past Decade Full Text
Abstract
Overall, the U.S. government agencies identified and tracked 23 U.S. natural gas pipeline operators targeted from 2011 to 2013 in this spearphishing and intrusion campaign.US CERT
July 21, 2021
Can the US Curb China’s Cyber Ambitions? Full Text
Abstract
Many security experts and analysts are applauding the U.S. for calling out China's cyber behavior, especially after the White House had focused so much attention on Russia's cyber activities.Gov Info Security
July 21, 2021
French President Emmanuel Macron among 14 heads of states on potential spyware list Full Text
Abstract
French President Emmanuel Macron leads a list of 14 current or former heads of state who may have been targeted for hacking by clients of the notorious Israeli spyware firm NSO Group.AP News
July 20, 2021
House passes host of bills to strengthen cybersecurity in wake of attacks Full Text
Abstract
The House on Tuesday approved five bipartisan measures designed to enhance various aspects of the nation’s cybersecurity following recent major cyberattacks.The Hill
July 20, 2021
Peters launches bipartisan investigation into increasing ransomware attacks Full Text
Abstract
Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) on Tuesday announced the launch of a bipartisan investigation into the recent string of debilitating ransomware attacks against U.S. companies.The Hill
July 20, 2021
FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered.BleepingComputer
July 20, 2021
Iranian Spies Caught by Facebook Full Text
Abstract
Facebook revealed that it tracked and partly disrupted a cyber espionage campaign launched by Iranian hackers, collectively known as Tortoiseshell or Imperial Kitten.Cyware Alerts - Hacker News
July 19, 2021
Biden opens new cyber fight with China Full Text
Abstract
President Biden is putting new pressure on China by publicly attributing the wide-ranging Microsoft Exchange Server cyberattack to hackers affiliated with Beijing.The Hill
July 19, 2021
White House formally blames China’s Ministry of State Security for Microsoft Exchange Hack Full Text
Abstract
The U.S. and a coalition of allies on Monday formally attributed the sweeping campaign against Microsoft Exchange email servers to hackers affiliated with China’s Ministry of State Security.The Record
July 19, 2021
US, allies blame China-linked hackers for Microsoft Exchange breach Full Text
Abstract
The United States and several allied countries on Monday are publicly blaming hackers affiliated with the Chinese government for the Microsoft Exchange Server hack that left tens of thousands of organizations vulnerable to compromise earlier this year.The Hill
July 19, 2021
US and allies officially accuse China of Microsoft Exchange attacks Full Text
Abstract
US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year's widespread Microsoft Exchange hacking campaign.BleepingComputer
July 17, 2021
US govt offers $10 million reward for info on nation-state cyber operations Full Text
Abstract
The US government is offering a $10 million reward to anyone who provides information on operations conducted by nation-state actors. The US government is offering a $10 million reward for information on campaigns conducted by state-sponsored hackers. The...Security Affairs
July 17, 2021
Biden battles Russian hacking groups with restrictions on IT firms Full Text
Abstract
The United States took a new stab at Russia’s cybersecurity industry, restricting trade with four IT firms and two other entities over “aggressive and harmful” activities - including digital espionage - that US blames on the Russian government.Reuters
July 16, 2021
US govt offers $10 million reward for tips on nation-state hackers Full Text
Abstract
The United States government has taken two more active measures to fight and defend against malicious cyber activities affecting the country's business and critical infrastructure sectors.BleepingComputer
July 16, 2021
US Government Launches First One-Stop Ransomware Resource at StopRansomware.gov Full Text
Abstract
The new StopRansomware.gov is a collaborative effort across the federal government and is the first joint website created to help private and public organizations mitigate their ransomware risk.US Department of Justice
July 15, 2021
U.S. offers $10 million for tips on foreign hackers Full Text
Abstract
The U.S. on Thursday offered up to $10 million for information that can identify or locate malicious cyber actors working at the behest of a foreign government to target critical U.S. infrastructure.Reuters
July 15, 2021
CISA Releases Risk Vulnerability Assessment Report for FY2020 Full Text
Abstract
In the fiscal year 2020, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a risk assessment of 37 attack techniques mapped to six infection stages across multiple stakeholders in different sectors.Cyware Alerts - Hacker News
July 15, 2021
Biden administration stepping up efforts to respond to ransomware attacks Full Text
Abstract
The Biden administration on Thursday will announce new cross-agency measures to address the recent major ransomware attacks on companies including Colonial Pipeline and software group Kaseya.The Hill
July 15, 2021
China’s Cyberspies Targeting Southeast Asian Government Entities Full Text
Abstract
A sweeping and "highly active campaign" that originally set its sights on Myanmar has broadened its focus to strike a number of targets located in the Philippines, according to new research. Russian cybersecurity firm Kaspersky, which first spotted the infections in October 2020, attributed them to a threat actor it tracks as "LuminousMoth," which it connected with medium to high confidence to a Chinese state-sponsored hacking group called HoneyMyte or Mustang Panda, given its observed victimology, tactics, and procedures. About 100 affected victims have been identified in Myanmar, while the number of victims jumped to nearly 1,400 in the Philippines, although the researchers noted that the actual targets were only a fraction of the initial numbers, including government entities located both within the two countries and abroad. The goal of the attacks is to affect a wide perimeter of targets with the aim of hitting a select few that are of strategic interesThe Hacker News
July 15, 2021
White House announces ransomware task force — and hacking back is one option Full Text
Abstract
The Biden administration is promoting efforts to help agencies go on defense and offense against hackers whose economically paralyzing attacks pose a growing threat to the U.S.Politico
July 15, 2021
Cybersecurity bills gain new urgency after rash of attacks Full Text
Abstract
Bipartisan bills aimed at strengthening U.S. cybersecurity after a string of major attacks are making headway in both the House and Senate.The Hill
July 14, 2021
Senate committee advances bipartisan energy infrastructure bill Full Text
Abstract
Legislation that’s expected to be a key piece of the bipartisan infrastructure package moved forward on Wednesday as Democrats separately fleshed out their reconciliation infrastructure bill.The Hill
July 14, 2021
House panel approves major funding boost for CISA in party-line vote Full Text
Abstract
The $52.8 billion budget approved by the House panel for DHS includes $2.42 billion for CISA, a hike of $397.4 million and $288.7 million above the Biden administration’s budget request.The Record
July 13, 2021
Jen Easterly sworn in as director of DHS cyber agency Full Text
Abstract
Jen Easterly was sworn in Tuesday as director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), one day after the Senate unanimously approved her nomination.The Hill
July 13, 2021
CISA orders federal agencies to patch Windows PrintNightmare bug Full Text
Abstract
A new emergency directive ordered by the Cybersecurity and Infrastructure Security Agency (CISA) orders federal agencies to mitigate the actively exploited Windows Print Spooler vulnerability on their networks.BleepingComputer
July 13, 2021
Senate confirms Jen Easterly as head of U.S. cyber agency Full Text
Abstract
The Senate on Monday confirmed Jen Easterly to lead the CISA, filling an eight-month leadership void at the top of an agency aiming to address widespread digital weaknesses across the country.Politico
July 12, 2021
Interpol urges police to unite against ‘potential ransomware pandemic’ Full Text
Abstract
Interpol (International Criminal Police Organisation) Secretary General Jürgen Stock urged police agencies and industry partners to work together to prevent what looks like a future ransomware pandemic.BleepingComputer
July 12, 2021
After the Biden-Putin Summit, U.S.-Russia Expert Consultations Should Focus on the Financial Sector Full Text
Abstract
A bilateral agreement on cyberattacks against financial integrity would be an important first step that could help build confidence to make progress on other, more challenging areas. Yet, even for this issue, there are opportunities to make progress if expert consultations begin with a more narrowly defined policy problem.Lawfare
July 12, 2021
Senate unanimously approves Jen Easterly to lead DHS cyber agency Full Text
Abstract
The Senate on Monday unanimously approved the nomination of Jen Easterly to serve as director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).The Hill
July 12, 2021
China drafts new cyber-security industry plan Full Text
Abstract
China's Ministry of Industry and Information Technology has issued a draft 3-year action plan to develop the cybersecurity industry, estimating the sector may be worth over $38.6 billion by 2023.Reuters
July 12, 2021
Chris Inglis formally sworn in as national cyber director Full Text
Abstract
Former National Security Agency Deputy Director Chris Inglis was formally sworn in as the first White House national cyber director on Monday.The Hill
July 12, 2021
Interpol Calls For New Ransomware Mitigation Strategy Full Text
Abstract
Interpol announced that it will boost the role of country-specific National Central Bureaus, among other measures, to develop a global strategy for ransomware mitigation.Bank Info Security
July 11, 2021
Biden discussed Russian ransomware gangs with Putin in a phone call Full Text
Abstract
President Joe Biden expressed concerns about ransomware attacks carried out by Russian gangs during a phone call with President Vladimir Putin. The recent wave of ransomware attacks carried out by Russian gangs like REvil and Darkside worries US authorities...Security Affairs
July 09, 2021
FBI warns cryptocurrency owners, exchanges of ongoing attacks Full Text
Abstract
The Federal Bureau of Investigation (FBI) warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses.BleepingComputer
July 09, 2021
Biden warns Putin on Russian ransomware attacks Full Text
Abstract
President Biden spoke by phone with Russian President Vladimir Putin on Friday and urged him to take action to disrupt criminal groups operating in Russia that are behind recent ransomware attacks in the United States.The Hill
July 08, 2021
WSJ to Biden: Inaction on Russian cyber attacks would prove your ‘words are empty’ Full Text
Abstract
The editorial board of the Wall Street Journal is imploring President Biden to take swift action and send a strong message to Russian and other foreign adversaries that the U.S. will not tolerate cybercrime or those who harbor cyber criminals.The Hill
July 8, 2021
Regulator Probes Former Health Secretary’s Use of Private Email Full Text
Abstract
Matt Hancock comes under investigation by the ICOInfosecurity Magazine
July 07, 2021
Biden considering ‘range of options’ to respond to Russian cyberattacks Full Text
Abstract
President Biden and his administration are considering potential options for a response to new Russian-linked cyberattacks, the latest in a string of debilitating attacks linked to the country.The Hill
July 7, 2021
Biden Administration Cancels $10bn JEDI Contract Full Text
Abstract
Joint Enterprise Defense Infrastructure cloud contract axed, replaced with multi-vendor contractInfosecurity Magazine
July 07, 2021
White House urges mayors to review local govts’ cybersecurity posture Full Text
Abstract
Following recent ransomware attacks, Deputy National Security Advisor Anne Neuberger asked US mayors to immediately hold a meeting with the heads of state agencies to evaluate their cybersecurity posture.BleepingComputer
July 7, 2021
China reportedly warns local tech companies of increased cybersecurity oversight Full Text
Abstract
China has reportedly warned local companies it will tighten oversight of data security and overseas listings, days after revealing that Didi has been subject to a government cybersecurity review.ZDNet
July 6, 2021
Japan Looks to Boost Military Cyber Experts Amid Security Threat Full Text
Abstract
China and Russia blamed for increasingly hostile activityInfosecurity Magazine
July 6, 2021
‘A uniquely bad idea’? Senators propose hack back study, but most experts’ minds are made up Full Text
Abstract
While lawmakers behind a new bipartisan bill argue that the use of offensive hacking could be a powerful deterrent, security experts worry that such reactionary legislation might do even more harm.SCMagazine
July 06, 2021
US warns of action against ransomware gangs if Russia refuses Full Text
Abstract
White House Press Secretary Jen Psaki says that the US will take action against cybercriminal groups from Russia if the Russian government refuses to do so.BleepingComputer
July 06, 2021
Hillicon Valley: Biden to confront cyberattacks following Kaseya attack | JEDI contract axed | Tech giants warn Hong Kong Full Text
Abstract
White House press secretary Jen Psaki said President Biden is scheduled to meet with leaders across federal agencies to discuss solutions to the spike in ransomware attacks. Psaki’s announcement about Biden’s meeting to address the issue came the same day software company Kaseya acknowledged that as many as 1,500 companies worldwide were potentially compromised in last week’s attack.The Hill
July 06, 2021
Biden to meet with federal agencies to address ransomware concerns this week Full Text
Abstract
President Biden on Wednesday will meet with officials at several federal agencies to discuss solutions for confronting the ongoing wave of ransomware attacks.The Hill
July 6, 2021
ENISA publishes Cybersecurity guide for SMEs Full Text
Abstract
ENISA publishes Cybersecurity guide for SMEs, a document that aims at providing suggestions to secure their business. During the COVID-19 pandemic, most organizations increased their presence online, enlarging their attack surface. The surface...Security Affairs
July 6, 2021
Japan to bolster national cybersecurity defence with 800 new hires: Report Full Text
Abstract
Japan's Ministry of Defense has announced plans to bolster its cybersecurity unit by bringing on additional personnel to help defend against increasingly sophisticated attacks.ZDNet
July 5, 2021
CISA, FBI share guidance for MSPs and their customers impacted in Kaseya attack Full Text
Abstract
CISA and the FBI published guidance for the victims impacted by the REvil supply-chain ransomware attack against Kaseya. CISA and the Federal Bureau of Investigation (FBI) have published guidance for the organizations impacted by the massive REvil supply-chain...Security Affairs
July 5, 2021
After crackdown on Didi, China opens cybersecurity probes into 3 more tech firms Full Text
Abstract
The Cyberspace Administration of China (CAC) has opened a cybersecurity review into Yunmanman and Huochebang, subsidiaries of companies of the New York-listed Full Truck Alliance and Boss Zhipin.CNBC
July 5, 2021
White House reaching out with assistance to latest ransomware victims Full Text
Abstract
Senior White House cyber official, Anne Neuberger, said in a statement that the FBI and the CISA "will reach out to identified victims to provide assistance based upon an assessment of national risk."Reuters
July 03, 2021
Biden: ‘Initial thinking’ recent ransomware attack not by Russian government Full Text
Abstract
President Biden said Saturday that the “initial thinking” is that the Russian government is not behind a ransomware attack that targeted a tool provided by Miami-based IT software management company Kaseya.The Hill
July 3, 2021
Director of Cybersecurity at NSA Gets Dedicated Twitter Account Full Text
Abstract
The account, @NSA_CSDirector, is currently being used by Joyce, but it will likely be passed on to future NSA cybersecurity directors, similar to the @POTUS Twitter account used by the president of the United States.Security Week
July 02, 2021
Moscow denies US, British hacking allegations Full Text
Abstract
Moscow is denying new hacking allegations detailed Thursday by the U.S. and United Kingdom.The Hill
July 2, 2021
CISA alert urges to disable Windows Print Spooler to prevent PrintNightmare attacks Full Text
Abstract
CISA issued a security alert to warn admins to disable the Windows Print Spooler service on servers not used for printing due to PrintNightmare zero-day. CISA issued an alert to warn admins to disable the Windows Print Spooler on servers not used...Security Affairs
July 01, 2021
NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers Full Text
Abstract
An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the U.K.'s National Cyber Security Centre (NCSC) formally attributed the incursions to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The threat actor is also tracked under various monikers, including APT28 (FireEye Mandiant), Fancy Bear (CrowdStrike), Sofacy (Kaspersky), STRONTIUM (Microsoft), and Iron Twilight (Secureworks). APT28 has a track record of using password spray and brute-force login attempts to steal login credentials. In November 2020, Microsoft disclosed cyberattacks staged by the adversary aimed at companies involved in reThe Hacker News
July 1, 2021
Cybersecurity Advisory on Russian GRU Led Global Brute Force Campaign Full Text
Abstract
On July 1, 2021, the National Security Agency, Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation and the United Kingdom's National Cyber Security CentreLawfare
July 01, 2021
New bill aims to secure federal government IT against cyberattacks Full Text
Abstract
A bipartisan bill introduced in the Senate on Thursday would attempt to address cybersecurity threats to the federal government stemming from the use of potentially insecure third party services.The Hill
July 01, 2021
US, UK agencies warn Russian hackers using ‘brute force’ to target hundreds of groups Full Text
Abstract
A group of top agencies in the United States and United Kingdom on Thursday warned of an ongoing campaign by Russian government-backed hackers using “brute force” hacking techniques to target hundreds of organizations around the world.The Hill
July 01, 2021
CISA: Disable Windows Print Spooler on servers not used for printing Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a notification regarding the critical PrintNightmare zero-day vulnerability and advises admins to disable the Windows Print Spooler service on servers not used for printing.BleepingComputer
July 1, 2021
Hawaii looks to fill DoD cyber standards gap Full Text
Abstract
A partnership of non-profit groups hopes to bring SMBs in Hawaii up to snuff with Defense Department cyber standards, and if that succeeds, export the program nationwide.SCMagazine
June 30, 2021
CISA releases new ransomware self-assessment security audit tool Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has released the Ransomware Readiness Assessment (RRA), a new module for its Cyber Security Evaluation Tool (CSET).BleepingComputer
June 30, 2021
Indian military personnel to train in US on cybersecurity, command in the offing Full Text
Abstract
India's Department of Military Affairs (DMA) is planning to send up to 100 personnel to the US to train in the latest cybersecurity technology and artificial intelligence (AI) for future warfare.Hindustan Times
June 30, 2021
Senators propose bill to help private sector defend against hackers Full Text
Abstract
Sens. Steve Daines (R-Mont.) and Sheldon Whitehouse (D-R.I.) on Wednesday introduced a bill that would take steps to potentially allow private sector companies to strike back at hackers launching attacks against their operations.The Hill
June 30, 2021
UN Security Council Confronts Growing Threat of Cyber Attacks Full Text
Abstract
The UN Security Council on Tuesday will hold its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' critical infrastructure.Security Week
June 30, 2021
Report Urges NASA to Improve Cybersecurity Risk Management Full Text
Abstract
The GAO is urging NASA's administrator to make multiple improvements to its cybersecurity and risk management policies to counter threats to its network infrastructure and data, as per a new report.Gov Info Security
June 29, 2021
House lawmakers propose major budget increase for key cyber agency Full Text
Abstract
The House Appropriations Committee on Tuesday included almost $400 million more than last year for the Cybersecurity and Infrastructure Security Agency (CISA) in its budget proposal for the upcoming year.The Hill
June 29, 2021
NIST Releases ‘Critical Software’ Definition for US Agencies Full Text
Abstract
The NIST published its definition of what "critical software" means for the U.S. government, as the agency begins working on the requirements laid by the President's executive order on cybersecurity.Bank Info Security
June 28, 2021
US the Only Top Tier Cyber-power Full Text
Abstract
Report finds other countries lag behind US when it comes to cyber prowessInfosecurity Magazine
June 28, 2021
US Secret Service Releases ‘Most Wanted’ Cyber Fugitive List Full Text
Abstract
The Secret Service is offering rewards of up to $1 million for information leading to the arrests of two suspects who allegedly targeted the U.S. SEC's EDGAR system server in 2016.Bank Info Security
June 28, 2021
Seamless EU-UK Data Flows to Continue Following Adequacy Decisions Full Text
Abstract
The move will allow the flow of personal data between the two regions to continue seamlesslyInfosecurity Magazine
June 25, 2021
Senators propose bill to help tackle cybersecurity workforce shortage Full Text
Abstract
Sens. Maggie Hassan (D-N.H.) and John Cornyn (R-Texas) on Friday introduced legislation meant to tackle parts of the government’s cyber workforce shortage.The Hill
June 24, 2021
‘We desperately need a director’: Cyber advocates sound off as senator delays CISA confirmation Full Text
Abstract
The lack of a permanent individual to act as the bridge to the private sector only delays efforts to address critical security efforts, cyber leaders say.SCMagazine
June 24, 2021
Cyber-Attacks Are Primary Funding Source for North Korea Full Text
Abstract
Venafi warns other sanctioned countries could follow suitInfosecurity Magazine
June 23, 2021
FBI asks Congress for $40M to help combat wave of ransomware attacks Full Text
Abstract
FBI Director Christopher Wray on Wednesday told a Senate panel that a request for a $40 million increase in its cybersecurity budget for the upcoming fiscal year would go in part towards combating increasing and damaging ransomware attacks.The Hill
June 23, 2021
Rick Scott blocks Senate vote on top cyber nominee until Harris visits border Full Text
Abstract
Sen. Rick Scott (R-Fla.) on Wednesday blocked a proposed unanimous consent vote on President Biden’s nominee to lead the Cybersecurity and Infrastructure Security Agency (CISA) until Vice President Harris visits the U.S.-Mexico border later this week.The Hill
June 23, 2021
The European Commission proposed to launch the new Joint Cyber Unit Full Text
Abstract
The European Union Agency for Cybersecurity welcomes the European Commission proposal to launch the new Joint Cyber Unit. The European Commission proposed on Wednesday the creation of a new Joint Cyber Unit that aims at providing a coordinated response...Security Affairs
June 23, 2021
House panel includes $500 million election security grant in proposed appropriations bill Full Text
Abstract
The House Appropriations Committee on Wednesday included $500 million for election security grants in one of the proposed appropriations bills for next year.The Hill
June 23, 2021
Amid big hacks, U.S. spy agency touts collaboration center with private industry Full Text
Abstract
The U.S. National Security Agency, in a rare move, on Tuesday showcased a new office aimed at greater collaboration with U.S. private sector defense, technology and telecommunications companies.Reuters
June 23, 2021
Russian intelligence service chief says Moscow will work with US to find hackers Full Text
Abstract
Sources familiar with United States thinking on the matter believe Russia has in the past used information shared about domestic criminals as a recruitment tool, and Russia has been known to push the boundaries of other reciprocity agreements, using Interpol to pursue dissidents for example.SCMagazine
June 23, 2021
EU Proposes Joint Cyber Unit Amid Rising Attacks Full Text
Abstract
The proposed Joint Cyber Unit aims to enable a coordinated response to cyber incidentsInfosecurity Magazine
June 23, 2021
Apple warns of sideloading risk as lawmakers consider third-party app stores Full Text
Abstract
Lawmakers and rival companies have said that @Apple’s control of the App Store allows the company to charge excessive fees to list apps or limit competitors to Apple services. Apple says it’s for the sake of security.SCMagazine
June 23, 2021
NSA Funds Development & Release of D3FEND Framework Full Text
Abstract
The National Security Agency today announced it is funding the development and release of D3FEND, a framework for security pros to tailor their defenses against specific security threats.Dark Reading
June 22, 2021
House passes bill to bolster state plans to ward off infrastructure attacks Full Text
Abstract
The House passed bipartisan legislation on Tuesday to provide federal guidance and resources to states vulnerable to attacks on their infrastructure following the ransomware cyber attack on the Colonial Pipeline last month.The Hill
June 22, 2021
US Cyber Command leads competition in effort to strengthen nation’s cybersecurity Full Text
Abstract
Cyber professionals from the U.S. and multiple other countries are in the midst of an annual competition led by U.S. Cyber Command meant to enhance the nation’s cybersecurity in wake of months of devastating attacks.The Hill
June 22, 2021
NIST Publishes Ransomware Guidance Full Text
Abstract
Draft Cybersecurity Framework Profile for Ransomware Risk Management releasedInfosecurity Magazine
June 21, 2021
Manchin-led committee puts forth sprawling energy infrastructure proposal Full Text
Abstract
A Senate committee that’s led by key swing vote Sen. Joe Manchin (D-W.Va.) has released a 400-page energy infrastructure proposal that it will weigh later this week.The Hill
June 21, 2021
California Cops Launch ALPR Transparency Portal Full Text
Abstract
Piedmont police share data on Automated License Plate Recognition technology useInfosecurity Magazine
June 21, 2021
Cyber agency says SolarWinds hack could have been deterred by simple security measures Full Text
Abstract
The SolarWinds hack, one of the largest cybersecurity incidents in U.S. history, may have been deterred or minimized if basic security measures had been put in place, a top government official acknowledged earlier this month.The Hill
June 21, 2021
NSA releases guidance for securing Unified Communications and VVoIP Full Text
Abstract
The US National Security Agency (NSA) released guidance for securing Unified Communications/Voice and Video over IP Systems (VVoIP). NSA last week released guidance for securing their communication systems, specifically Unified Communications (UC)...Security Affairs
June 21, 2021
MI5 seized Boris Johnson’s phone over security risk fears Full Text
Abstract
The British Security Service, also known as MI5, has seized the mobile devices used by PM Boris Johnson over concerns that were raised after the discovery of the availability of its number online for the last 15 years.Security Affairs
June 21, 2021
NSA releases guidance for securing Unified Communications and VVoIP Full Text
Abstract
UC and VVOIP platforms are widely used in government agencies and by organizations in the supply chain of several government offices. For this reason, the agency wants to support them in securing their infrastructure.Security Affairs
June 21, 2021
MI5 seized Boris Johnson’s phone over security risk fears Full Text
Abstract
The British intelligence agency MI5 seized Boris Johnson's phone over concerns related to the availability of his number online for the last 15 years. The British Security Service, also known as MI5, has seized the mobile devices used by PM Boris...Security Affairs
June 19, 2021
Senate confirms Chris Inglis as Biden’s top cyber adviser Full Text
Abstract
Inglis’ new White House office was one of several policy reforms recommended by the congressionally chartered Cyberspace Solarium Commission and incorporated into the fiscal 2021 defense policy bill.Politico
June 18, 2021
Russia bans VyprVPN, Opera VPN services for not complying with blacklist request Full Text
Abstract
Russia's telecommunications and media regulator Roskomnadzor (RKN) on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. "In accordance with the regulation on responding to threats to circumvent restrictions on access to child pornography, suicidal, pro-narcotic and other prohibited content, restrictions on the use of VPN services VyprVPN and Opera VPN will be introduced from June 17, 2021," the state agency said in a statement. The watchdog described them as threats in accordance with the Decree of the Government of the Russian Federation No. 127 dated February 12, adding the restrictions will not affect Russian companies using VPN services in continuous technological processes. The development comes a little over a month after RKN sent a request to enterprises and organizations that use the two VPN services to inform the Center for Monitoring and Management of the Public Telecommunications Network and seek eThe Hacker News
June 18, 2021
Russia bans Opera VPN and VyprVPN, classifies them as threats Full Text
Abstract
Roskomnadzor, Russia's telecommunications watchdog, has banned the use of Opera VPN and VyprVPN after classifying them as threats according to current Russian law.BleepingComputer
June 18, 2021
NSA Releases Guidance for Securing Enterprise Communication Systems Full Text
Abstract
The NSA on Thursday released guidance to help organizations secure their communication systems, specifically Unified Communications (UC) and Voice and Video over IP (VVoIP).Security Week
June 18, 2021
Inglis confirmed as first national cyber director Full Text
Abstract
The Senate quietly confirmed Chris Inglis as the first-ever national cyber director by voice vote on Thursday, adding a new White House resource amid a tumultuous year of ransomware, espionage and other cybersecurity concerns. “After 11 long years, I’m thrilled the U.S. finally has a Senate-confirmed national cyber director in the White House,” tweeted Rep. Jim…SCMagazine
June 17, 2021
FCC votes to advance proposed ban on Chinese telecom equipment Full Text
Abstract
The Federal Communications Commission (FCC) voted unanimously Thursday to explore a proposal that would ban U.S. companies from buying telecommunications equipment that poses national security risks.The Hill
June 17, 2021
Senate confirms Chris Inglis as first White House cyber czar Full Text
Abstract
The Senate on Thursday unanimously confirmed former National Security Agency (NSA) Deputy Director Chris Inglis as the first White House national cyber director.The Hill
June 17, 2021
NSA shares guidance on securing voice, video communications Full Text
Abstract
The National Security Agency (NSA) has shared mitigations and best practices that systems administrators should follow when securing Unified Communications (UC) and Voice and Video over IP (VVoIP) call-processing systems.BleepingComputer
June 17, 2021
State and local officials push for cyber grants to protect critical services Full Text
Abstract
One issue states have traditionally faced with grant funding is that one-time payments cannot fund projects requiring long-term employment, training and equipment upgrades.SCMagazine
June 17, 2021
Senators draft bill that would require many entities to report cyber breaches within 24 hours Full Text
Abstract
The bipartisan draft by Senators Mark Warner, Marco Rubio, and Susan Collins reflects a renewed effort by Congress to pass long-awaited federal rules surrounding cybersecurity breach notifications.CNN Money
June 17, 2021
House lawmakers roll out legislation to protect schools against hackers Full Text
Abstract
A group of bipartisan House members led by Rep. Doris Matsui (D-Calif.) on Thursday introduced legislation intended to protect K-12 institutions from cyberattacks, which spiked during the COVID-19 pandemic.The Hill
June 17, 2021
Without specifics, Putin says U.S.-Russia reached an agreement to consult on cybersecurity Full Text
Abstract
Russian President Vladimir Putin on Wednesday said his country and the United States had agreed to enter into "consultations" on cybersecurity following his summit with President Joe Biden.Politico
June 17, 2021
US Warns Russia of Cyber-Attack No-Go List Full Text
Abstract
Presidents Biden and Putin will now work on a deeper cybersecurity arrangementInfosecurity Magazine
June 16, 2021
Cyber concerns dominate Biden-Putin summit Full Text
Abstract
President Biden used a summit with Russian President Vladimir Putin to confront Moscow over its aggressive behavior in cyberspace and communicate that there would be future consequences if Russian state-backed cyberattacks continue.The Hill
June 16, 2021
Biden, Putin agree to begin work on addressing cybersecurity concerns Full Text
Abstract
President Biden and Russian President Vladimir Putin on Wednesday said they agreed to work together to outline what cybersecurity concerns, such as ransomware attacks on critical infrastructure, would be considered red lines for the two countries.The Hill
June 16, 2021
Rick Scott threatens to delay national security nominees until Biden visits border Full Text
Abstract
Sen. Rick Scott (R-Fla.) threatened Wednesday to delay President Biden’s national security nominees, saying he would place a hold on Department of Homeland Security (DHS) positions until the president visits the southern border.The Hill
June 16, 2021
Senate panel unanimously advances key Biden cyber nominees Full Text
Abstract
The Senate Homeland Security and Governmental Affairs Committee on Wednesday unanimously approved two of President Biden's nominees to serve in the nation's top cybersecurity positions.The Hill
June 16, 2021
Texas Joins Other States with New Texas Data Breach Notification Requirement: Is This a New Trend? Full Text
Abstract
The Texas Legislature pushed a change to its data breach notification law at the end of the session in late May, and yesterday Governor Greg Abbott signed the bill into law.The National Law Review
June 15, 2021
Lawmakers urge Biden to be tough on cybersecurity during summit with Putin Full Text
Abstract
Lawmakers on both sides of the aisle on Tuesday urged President Biden to use his upcoming meeting with Russian President Vladimir Putin to strongly push back against recent Russia-linked cyberattacks.The Hill
June 15, 2021
State and local governments granted free access to timely, in-depth cyber intel Full Text
Abstract
Deloitte forges what it calls a “first-of-its-kind” relationship with MS-ISAC.SCMagazine
June 15, 2021
US, EU establish trade and technology council to compete with China Full Text
Abstract
The United States and European Union on Tuesday formally established a Trade and Technology Council (TTC) to coordinate on critical technology issues such as the development of semiconductors, research into emerging fields, and securing supply chains.The Hill
June 15, 2021
NATO Warns it Will Consider a Military Response to Cyber-Attacks Full Text
Abstract
NATO has issued a communique stating it will consider invoking Article 5 in response to cyber-attacks on a case-by-case basisInfosecurity Magazine
June 15, 2021
IRS, GAO at odds over cybersecurity requirements on tax preparers Full Text
Abstract
The government watchdog recommended the IRS establish a security structure for tax preparers in a 2019 report, but the agency contended Congress would need to take action to give the IRS more power.Cyberscoop
June 14, 2021
Congress Has Already Authorized the President to Require Reporting of Foreign Cyberattacks Full Text
Abstract
Congress long ago gave the president broad authority under the International Emergency Economic Powers Act to require record-keeping and reporting on foreign cyberattacks.Lawfare
June 14, 2021
NATO members agree to new cyber defense policy Full Text
Abstract
The United States and other North Atlantic Treaty Organization nations endorsed a new cyber defense policy Monday as part of the NATO summit in Brussels.The Hill
June 14, 2021
G7 calls on Russia to dismantle operations of ransomware gangs within its borders Full Text
Abstract
The member states of the G7 group have called on Russia and other states to dismantle operations of the ransomware gangs operating within their countries. G7 member states have called on Russia and other states to dismantle operations of ransomware...Security Affairs
June 14, 2021
Government Wants Startups to Build a More Secure Nation Full Text
Abstract
Applications are now open for NCSC for Startups programInfosecurity Magazine
June 14, 2021
G7 Turns Up the Heat on Putin Over Ransomware Attacks Full Text
Abstract
Leaders urge Russia to hold cyber-criminals to accountInfosecurity Magazine
June 13, 2021
G-7 agrees to fight forced labor, ransomware, corruption Full Text
Abstract
Group of Seven (G-7) leaders on Sunday announced their commitments to cutting forced labor practices out of global supply chains in a shot at China, as well as efforts to stop ransomware attacks and root out corruption.The Hill
June 12, 2021
Italy Sets Up Cybersecurity Agency After Russia Warnings Full Text
Abstract
Italy has created a national cybersecurity agency following warnings by Prime Minister Mario Draghi that Europe needed to protect itself from Russian "interference." The new agency was approved in a cabinet meeting this week.Security Week
June 12, 2021
UK tells UN that nation-states should retaliate against cyber badness with no warning Full Text
Abstract
A statement made by UK diplomats to the UN's Group of Governmental Experts on Advancing Responsible State Behaviour in the Context of International Security (UN GGE) called for international law to permit retaliation for cyberattacks with no notice.The Register
June 11, 2021
How far apart are the US and Russia from agreeing to cyber rules? Full Text
Abstract
Harvard’s Belfer Center on Friday published a unique paper where U.S. and Russian researchers separately explained their nation’s perspective on a potential negotiation, what both sides actually want, and what would benefit both sides. SC Media spoke to one of the featured researchers.SCMagazine
June 11, 2021
Italy announced its Cybersecurity Agency Full Text
Abstract
Italy announced the creation of the national cybersecurity agency, a move aimed at increasing the level of cyber security of its infrastructure. The Italian government has announced the creation of a new agency focused on cybersecurity, Prime Minister...Security Affairs
June 11, 2021
#G7UK: UK and US Strike New Agreements on Cybersecurity Full Text
Abstract
UK and US agree to cooperate more closely on improving cyber resilience and combating cyber-criminalsInfosecurity Magazine
June 11, 2021
Malicious web link targets Indian Government officials Full Text
Abstract
The malicious link was shared through WhatsApp, SMS, and email on June 9. Some officials even received phone calls where the caller said he was calling from an Army Hospital.Secure Reading
June 10, 2021
Bipartisan senators introduce bill to protect small businesses from cyberattacks Full Text
Abstract
A bipartisan group of senators Thursday introduced a bill intended to protect small businesses from cyberattacks after hacks crippled some of the country’s largest companies.The Hill
June 10, 2021
Senior Biden cyber nominees sail through Senate hearing Full Text
Abstract
The nominees selected by President Biden to fill the top two cybersecurity positions in the federal government faced little opposition during their Senate nomination hearing on Thursday amid growing bipartisan concerns about increasing cyber threats.The Hill
June 10, 2021
Texas to Publish Data Breach Notifications Full Text
Abstract
New law requires data breaches affecting 250 or more Texas residents to be posted onlineInfosecurity Magazine
June 10, 2021
Cyber nominees try to define their roles, and what that may mean for private sector partnership Full Text
Abstract
National cyber director nominee, Chris Inglis, pointed to three ways that more widespread adoption of cyber best practices could take hold: “One is enlightened self interest; that’s apparently not working. The second is market forces; that’s apparently not working. And the third is some imposition of standards or regulation on top of that.”SCMagazine
June 10, 2021
CISA launches platform to let hackers report security bugs to US federal agencies Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency has launched a vulnerability disclosure program allowing ethical hackers to report security flaws to federal agencies.TechCrunch
June 9, 2021
US government launches first VDP for federal civilian agencies Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has launched its first federal civilian security vulnerability disclosure program (VDP) in partnership with Bugcrowd.The Daily Swig
June 8, 2021
States Bolster Data Security Technology in Response to Covid-19, Survey Finds Full Text
Abstract
Some 75% of states in a recent NASTD survey say the pandemic had an impact on their remote access security, and almost half said they expanded their existing data loss protection technology.Nextgov
June 08, 2021
FBI and AFP created a fake encrypted chat platform to catch criminals Full Text
Abstract
In the largest and most sophisticated law enforcement operation to date, a joint international law enforcement effort created a fake end-to-end encrypted chat platform designed solely to catch criminals.BleepingComputer
June 08, 2021
Five key parts of the Senate’s sweeping China competitiveness bill Full Text
Abstract
The Senate is poised to approve bipartisan legislation Tuesday afternoon that would invest billions to put the U.S. on more even footing with China on a range of emerging technology issues, including addressing the semiconductor shortage and funding critical research.The Hill
June 8, 2021
DHS chooses companies to run civilian agency vulnerability disclosure programs Full Text
Abstract
The Department of Homeland Security announced Tuesday that it will partner with vulnerability disclosure platform Bugcrowd and government technology, environmental and safety services contractor EnDyna to provide a civilian agency vulnerability disclosure program platform.SCMagazine
June 8, 2021
US authorities recovered most of the ransom paid by Colonial Pipeline Full Text
Abstract
US officials announced that they had recovered most of the $4.3 million ransom that Colonial Pipeline paid to the DarkSide ransomware gang last month. During a video press conference, US officials announced that they had recovered most of the $4.3 million ransomware...Security Affairs
June 8, 2021
Energy Chief Cites Risk of Cyberattacks Crippling Power Grid Full Text
Abstract
Energy Secretary Jennifer Granholm called for more public-private cooperation on cyber defenses and said adversaries already are capable of using cyber intrusions to shut down the U.S. power grid.Security Week
June 7, 2021
FBI Claws Back Millions of DarkSide’s Ransom Profits Full Text
Abstract
The tables have been turned, the FBI & DOJ said after announcing the use of blockchain technology to track down the contents of DarkSide’s cryptocurrency wallet.Threatpost
June 7, 2021
Ransomware attacks ‘are here to stay,’ Commerce secretary says Full Text
Abstract
US Commerce Secretary Gina Raimondo argued that the good news in all this was that businesses can make relatively simple changes to protect themselves against such attacks.Politico
June 05, 2021
Senate sergeant at arms says cyberattack more worrisome than repeat of Jan. 6 insurrection Full Text
Abstract
Senate Sergeant at Arms Karen Gibson said Saturday she is more concerned about a cyberattack on the government than another insurrection like the one that rocked Capitol Hill on Jan. 6.The Hill
June 5, 2021
US CISA published a guide to better use the MITRE ATT&CK framework Full Text
Abstract
The U.S. CISA announced the availability of a new guide for cyber threat intelligence experts on the use of the MITRE ATT&CK framework. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released a new guide for cyber threat...Security Affairs
June 04, 2021
FBI director draws ‘parallels’ between ransomware attacks and 9/11 Full Text
Abstract
FBI Director Christopher Wray is comparing the increasing ransomware hacks on critical U.S. companies to the September 11, 2001 terrorist attacks.The Hill
June 4, 2021
US to Treat Ransomware Like Terrorism Full Text
Abstract
Department of Justice says ransomware attacks to be prioritized similarly to terrorist strikesInfosecurity Magazine
June 4, 2021
Biden Expands Trump’s Investment Ban on Chinese Firms Full Text
Abstract
US entities barred from investing in PRC companies with alleged defense and surveillance tech linksInfosecurity Magazine
June 4, 2021
U.S. Department of Justice to Give Ransomware Investigations Similar Priority as Terrorism Full Text
Abstract
Internal guidance sent on Thursday to U.S. attorney's offices said information about ransomware investigations should be centrally coordinated with a recently created task force in Washington.Reuters
June 3, 2021
Post Colonial and JBS, Biden presses Russia to stop harboring ransomware gangs Full Text
Abstract
Comments Wednesday were the most coordinated and forceful the White House has been about Russia allowing cybercrime within its borders. Cybersecurity leaders see this as progress toward more formidable moves from the administration.SCMagazine
June 3, 2021
White House Issues Open Letter on Ransomware Full Text
Abstract
US companies urged to take ransomware threat more seriously after deluge of cyber-attacksInfosecurity Magazine
June 03, 2021
White House urges businesses to “take ransomware crime seriously” Full Text
Abstract
The White House has urged business leaders and corporate executives to "take ransomware crime seriously" in a letter issued by Anne Neuberger, the National Security Council's chief cybersecurity adviser.BleepingComputer
June 03, 2021
White House sends out memo to private sector on cyber attack protections Full Text
Abstract
The White House has sent out recommendations to the private sector over how to protect themselves from cyber intrusions after a series of attacks left companies and government agencies vulnerable.The Hill
June 03, 2021
Biden steps up pressure on Russia to go after cyber criminals Full Text
Abstract
The ransomware attacks on meatpacker JBS and Colonial Pipeline are prompting the Biden administration to confront nations like Russia and China on harboring hackers who cause major disruptions overseas.The Hill
June 02, 2021
FBI says Russia-linked group behind JBS hack Full Text
Abstract
The FBI has identified a Russia-linked group as the entity behind the cyberattack on the meat producing group JBS USA.The Hill
June 01, 2021
White House says cyberattack on meat producer JBS likely from Russia Full Text
Abstract
The White House said Tuesday that a cyberattack on major meat producer JBS USA this week likely originated from Russia, saying it is engaging with Moscow to hold accountable the hackers believed to be responsible for the attack.The Hill
May 31, 2021
Denmark intel helped US NSA to spy on European politicians Full Text
Abstract
Denmark’s foreign secret service allowed the US NSA to spy on European politicians through a Danish telecommunications hub. Journalists from Danish broadcaster DR recently received a document titled the Dunhammer Report, which included the findings...Security Affairs
May 31, 2021
Biden budget seeks $750 million to respond to SolarWinds compromises, plus billions more for cyber Full Text
Abstract
President Joe Biden’s fiscal 2022 budget blueprint released Friday proposes $750m for the federal government to implement lessons learned from the SolarWinds hack that compromised nine agencies.Cyberscoop
May 31, 2021
US Says Agencies Largely Fended Off Latest Russian Hack Full Text
Abstract
Officials described the cyberattack as “basic phishing” in which hackers used malware-laden emails to target the systems of U.S. and foreign government agencies, think tanks, and humanitarian groups.Security Week
May 30, 2021
New Russian hacks spark calls for tougher Biden actions Full Text
Abstract
Officials are calling for harsher measures against Russia following Microsoft’s assessment that hackers behind the devastating SolarWinds hack were continuing to launch cyberattacks against U.S. government agencies and other organizations.The Hill
May 29, 2021
FBI will share compromised passwords with HIBP Pwned Passwords Full Text
Abstract
The FBI is going to share compromised passwords discovered during investigations with Have I Been Pwned (HIBP)'s 'Pwned Passwords' service. The FBI will share compromised passwords that were discovered during investigations with the 'Pwned Passwords'...Security Affairs
May 29, 2021
Biden budget sets aside $750 million for SolarWinds response Full Text
Abstract
U.S. President Joe Biden’s proposed budget includes $750 million for the government agencies hit by the SolarWinds hack to pay for cybersecurity improvements to prevent another attack.Reuters
May 28, 2021
Biden budget includes $750M to help agencies recover from SolarWinds hack in proposed budget Full Text
Abstract
President Biden’s proposed budget for the upcoming fiscal year includes $750 million to address the ongoing fallout from the SolarWinds hack, even as lawmakers continue to press the administration to include more funding for a key cyber agency.The Hill
May 28, 2021
CISA-FireEye: 16 malware families from China infect Pulse Secure VPN appliances Full Text
Abstract
FireEye Mandiant, working in tandem with the Cybersecurity and Infrastructure Security Agency and Ivanti, reported details of 16 malware families exclusively designed to infect Ivanti Pulse Connect Secure VPN appliances, and used by several cyber espionage groups believed to be affiliated with the Chinese government. The blog post by Mandiant was an update to the…SCMagazine
May 28, 2021
FBI Issues Fortinet Flash Warning Full Text
Abstract
FBI: APT actors exploiting Fortinet vulnerabilities to gain access for malicious activityInfosecurity Magazine
May 28, 2021
FBI Issues Flash Alert Against Conti Ransomware Full Text
Abstract
The FBI has identified at least 16 Conti ransomware attacks targeting U.S. healthcare and first responder networks, such as emergency medical services, law enforcement agencies, municipalities, and 911 dispatch centers.Cyware Alerts - Hacker News
May 28, 2021
FBI to share compromised passwords with Have I Been Pwned Full Text
Abstract
The FBI will soon begin to share compromised passwords that were discovered during law enforcement investigations with Have I Been Pwned's 'Pwned Passwords' service.BleepingComputer
May 27, 2021
3 GOP senators come out against Biden intelligence nominee over Huawei ties Full Text
Abstract
Three Republican senators say they won’t back President Biden’s nominee to serve as the top lawyer for the intelligence community because of his past experience working for a Chinese company accused of intellectual property theft.The Hill
May 27, 2021
Feds Warn DarkSide May Not Stay Dark Full Text
Abstract
Officials warn disbanded cyber-criminal gang may return soon under a new aliasInfosecurity Magazine
May 27, 2021
DHS announces security measures for critical pipeline industry Full Text
Abstract
The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for critical pipeline owners and operators. The Colonial pipeline incident continues to have a serious impact on the critical infrastructure sector. The US Department...Security Affairs
May 27, 2021
Fraud and security departments converge on battle against ‘synthetic identities’ Full Text
Abstract
The Federal Reserve recently produced a formal definition for synthetic identity fraud, a process that involved a committee of a dozen outside experts convening over nine months. So what is it? And why should CISOs care?SCMagazine
May 27, 2021
DHS issues cyber order to pipeline operators in first move to regulate critical infrastructure sectors Full Text
Abstract
The TSA order marks the first mandatory cybersecurity practices for pipelines, and what some expect will be the first of more standards that the government puts in place to regulate how critical infrastructure operators protect networks and systems.SCMagazine
May 27, 2021
US announces new security directive after critical pipeline hack Full Text
Abstract
The US Department of Homeland Security (DHS) has announced new pipeline cybersecurity requirements after the largest fuel pipeline in the United States was forced to shut down operations in early May following a ransomware attack.BleepingComputer
May 27, 2021
Japan Expects Russian Cyberattacks on Tokyo Summer Olympics Full Text
Abstract
According to Masatoshi Fujitani, president of the Tokyo-based Japan Forum for Strategic Studies (JFSS), the Summer Olympics in Tokyo are likely to be targeted by cyberattacks.Softpedia
May 27, 2021
Russian Intelligence Agency FSB Reports Hacking Campaign Aimed at Government Agencies Full Text
Abstract
The report also mentioned that hackers had used the cloud storage facilities of Russia's leading technology firms, Yandex and Mail.ru, to help exfiltrate data stolen from the government agencies.US News
May 26, 2021
Colonial Pipeline, Microsoft, crypto crackdowns: Feds point to critical cyber moments Full Text
Abstract
Three law enforcement officials reflect on what were, to them, the biggest cybercrime stories or developments over the past year.SCMagazine
May 26, 2021
NASA Intends to Reorganize its Cybersecurity Strategy Full Text
Abstract
As per a report issued by NASA's inspector general, "Attacks on NASA networks are not a new phenomenon, although attempts to steal critical information are increasing in both complexity and severity".Softpedia
May 26, 2021
DHS to issue first cybersecurity regulations for pipelines after Colonial hack Full Text
Abstract
The Transportation Security Administration will issue a security directive this week requiring pipeline companies to report cyber incidents to federal authorities, senior DHS officials said.Washington Post
May 25, 2021
US to Regulate Pipeline Cybersecurity Full Text
Abstract
Department of Homeland Security to issue first cybersecurity regulations for pipelines after Colonial cyber-attackInfosecurity Magazine
May 25, 2021
Coast Guard to Create Red Team Full Text
Abstract
US Coast Guard to establish Cyber Operational Assessments Branch and form first red teamInfosecurity Magazine
May 25, 2021
DHS to require pipeline companies to report cyberattacks Full Text
Abstract
The Department of Homeland Security (DHS) will issue a directive later this week requiring all pipeline companies to report cyber incidents to federal authorities in the wake of a devastating ransomware attack on Colonial Pipeline that forced a shutdown of operations.The Hill
May 25, 2021
Hack, Disinform, Deny: Russia’s Cybersecurity Strategy Full Text
Abstract
In the past, Moscow has faced numerous allegations of cyberattacks that resulted in multiple sanctions and the expulsion of its diplomats. The term "hacker" has almost become synonymous with Russia.Security Week
May 25, 2021
How Biden’s American Jobs Plan Seeks To Increase Cybersecurity Full Text
Abstract
The White House, highlighting cybersecurity as "one of the preeminent challenges of our time," underscored how President Joe Biden’s American Jobs Plan would increase the country’s cyber defenses.Forbes
May 24, 2021
Indonesian govt blocks access to RaidForums hacking forum after data leak Full Text
Abstract
The Indonesian government is blocking access to the RaidForums hacking forum after the alleged personal information of Indonesian citizens was posted online.BleepingComputer
May 24, 2021
Belgium approves new cyber strategy with emphasis on essential institutions Full Text
Abstract
Two weeks after Belgium’s parliament and scientific institutions were hit by a cyberattack, the National Security Council approved a new cybersecurity strategy to shore up its digital defenses.The Record
May 24, 2021
U.S. Government Asks Victims of 2017 EtherDelta Hack to Come Forward Full Text
Abstract
The U.S. government is hoping to obtain additional information on the 2017 hacker attack targeting the EtherDelta crypto trading platform and it has asked victims of the incident to come forward.Security Week
May 21, 2021
Indonesia’s government confirms social security data breach for some citizens Full Text
Abstract
Indonesia has launched an investigation into a possible security incident that caused the leak of social security data for more than 270 million citizens. Indonesia's Communication and Information Ministry has confirmed a leak of social security...Security Affairs
May 21, 2021
FBI: Conti ransomware attacked 16 US healthcare, first responder orgs Full Text
Abstract
The Federal Bureau of Investigation (FBI) says the Conti ransomware gang has attempted to breach the networks of over a dozen US healthcare and first responder organizations.BleepingComputer
May 21, 2021
China internet watchdog cites 105 apps for improper data collection Full Text
Abstract
China’s internet watchdog on Friday cited 105 apps operating in its country, including Microsoft Bing and LinkedIn, over allegations of illegal data collection of users’ personal information.The Hill
May 20, 2021
Top Arizona elections official says voting machines turned over to GOP recount should be replaced Full Text
Abstract
Arizona Secretary of State Katie Hobbs (D) on Thursday advised Maricopa County officials to replace all voting machines that were turned over to the private contractor carrying out an audit of the 2020 presidential election.The Hill
May 20, 2021
European Union Extends Framework for Cyberattack Sanctions Full Text
Abstract
This week, the European Council announced its decision to extend for one year the framework for sanctions against cyberattacks that threaten the European Union and its member states.Security Week
May 19, 2021
US denies disrupting Russian cyber group behind Colonial pipeline hack Full Text
Abstract
The United States did not take action against the cyber criminal group that was behind the ransomware attack on Colonial Pipeline earlier this month, officials told The Washington Post.The Hill
May 19, 2021
House Science panel requests briefing with Energy Dept. over Colonial hack Full Text
Abstract
Leaders of the House Science, Space and Technology Committee are requesting a briefing with the Department of Energy on the ransomware attack that forced the Colonial Pipeline to shut down operations for nearly a week.The Hill
May 19, 2021
DHS announces program to mitigate vulnerabilities below the operating system Full Text
Abstract
A notable rise in firmware vulnerabilities comes at a time when more run-of-the-mill criminals have access. CISA proposed a multi-step approach to tackle the growing threat.SCMagazine
May 19, 2021
Granholm expresses openness to pipeline cyber standards after Colonial attack Full Text
Abstract
Energy Secretary Jennifer Granholm on Wednesday threw her tentative support behind the idea of mandatory standards to secure pipelines in the wake of the debilitating ransomware attack on Colonial Pipeline earlier this month.The Hill
May 18, 2021
Lawmakers press Biden to create plan to secure economy after Colonial Pipeline attack Full Text
Abstract
The bipartisan leaders of the House Homeland Security Committee on Tuesday urged President Biden to ensure there is a plan in place to ensure the nation’s economy is not disrupted by a major cyberattack.The Hill
May 18, 2021
#RSAC: Anne Neuberger Sets Out Biden Administration’s Plan to Modernize US Cyber-defenses Full Text
Abstract
Anne Neuberger outlines three areas of focus for the Biden administration to enhance the US's cybersecurityInfosecurity Magazine
May 18, 2021
Japan to restrict private sector use of foreign equipment and tech: Report Full Text
Abstract
The Japanese government will reportedly introduce new regulations across 44 sectors to bolster national cyber defence, partly in response to the Colonial Pipeline hack that occurred last week.ZDNet
May 18, 2021
Biden Administration Plans to Spend Billions in Cybersecurity Funding to Protect Critical Infrastructure Full Text
Abstract
The Biden administration on Tuesday detailed how it wants to fund efforts to counter a wave of massive hacks in the wake of this month’s Colonial Pipeline ransomware attack.Reuters
May 18, 2021
Russian spy chief denies responsibility for SolarWinds hack Full Text
Abstract
Russia’s spy chief is denying that his country is responsible for the cyberattack on IT group SolarWinds.The Hill
May 17, 2021
UK govt seeks advice on defending against supply-chain cyberattacks Full Text
Abstract
Today, the UK government has announced a call for advice on defending against software supply-chain attacks and ways to strengthen IT Managed Service Providers (MSPs) across the country. The move comes after last week when President Biden had issued an executive order to increase cybersecurity defenses across the U.S.BleepingComputer
May 17, 2021
UK Government May Force MSPs to Follow Security Standards Full Text
Abstract
The DCMS has requested views on its proposals. Infosecurity Magazine
May 14, 2021
In executive order, federal security provides impetus for far reaching cyber implications Full Text
Abstract
At the core, Biden’s executive order looks to improve federal cybersecurity. But the tactics could have a trickle down impact that drive greater collaboration and improves security standards throughout industry.SCMagazine
May 14, 2021
Biden’s executive order aims to improve threat sharing by revising language in federal contracts Full Text
Abstract
If successful, the goal could mean greater partnership between government and industry, addressing decades of contracting morass that stilted sharing of information about vulnerabilities.SCMagazine
May 13, 2021
Everything You Need to Know about the New Executive Order on Cybersecurity Full Text
Abstract
The Biden Administration has released its much-anticipated Executive Order aiming to improve federal cybersecurity standards and other aspects of cybersecurity. Here’s what you need to know.Lawfare
May 13, 2021
Biden says Colonial Pipeline hackers based in Russia, but not government-backed Full Text
Abstract
President Biden on Thursday confirmed that the cyber criminals involved in launching a ransomware attack that disrupted operations at Colonial Pipeline last week are likely based in Russia, though he said officials do not believe that the Russian government was involved.The Hill
May 13, 2021
Pelosi says firms should not pay ransoms to hackers Full Text
Abstract
Speaker Nancy Pelosi (D-Calif.) warned Thursday that private firms should reject hackers' demands for ransoms, just hours after reports emerged that a major energy company had paid almost $5 million to help restore service following a crippling ransomware attack.The Hill
May 13, 2021
CISA and FBI Provide Technical Details and Mitigations for DarkSide Ransomware-as-a-Service Full Text
Abstract
The Darkside ransomware gang first emerged in the threat landscape in August 2020. In recent months, the ransomware group was very active and targeted organizations worldwide.ICSA
May 13, 2021
Biden Executive Order Mandates Zero Trust and Strong Encryption Full Text
Abstract
Wide-ranging measures win praise from industry experts. Infosecurity Magazine
May 13, 2021
Biden Signs Executive Order on Cybersecurity Full Text
Abstract
President Biden signed an executive order on May 12, 2021, intended to address the country’s cybersecurity issues following the SolarWinds hack. The executive order, divided into 10 sections, includes components that set cybersecurity standards for federal contractors, remove barriers to the sharing of information, modernize federal government cybersecurity and attempt to improve “the integrity of the software supply chain,” among other priorities.Lawfare
May 13, 2021
Biden signed executive order to improve the Nation’s Cybersecurity Full Text
Abstract
President Joe Biden signed an ambitious executive order to dramatically improve the security of the US government networks. President Biden signed an executive order this week to improve the country's defenses against cyberattacks, it is an important...Security Affairs
May 13, 2021
US CISA and FBI publish joint alert on DarkSide ransomware Full Text
Abstract
FBI and DHS's CISA have published a joint alert on DarkSide ransomware activity after the disruptive attack on Colonial Pipeline. FBI and DHS's CISA have published a joint alert to warn of ransomware attacks conducted by the DarkSide group. The alert...Security Affairs
May 13, 2021
US President Biden Signs Executive Order to Bolster Federal Government’s Cybersecurity Full Text
Abstract
The move is part of a broad effort to strengthen the United States’ defenses by encouraging private companies to practice better cybersecurity or risk being locked out of federal contracts.New York Times
May 12, 2021
Biden issues executive order to increase U.S. cybersecurity defenses Full Text
Abstract
President Biden signed an executive order Wednesday to modernize the country's defenses against cyberattacks and give more timely access to information necessary for law enforcement to conduct investigations.BleepingComputer
May 12, 2021
Biden signs massive order on cybersecurity Full Text
Abstract
Biden signed a long-awaited executive order on cybersecurity, covering everything from federal procurement standards for private sector contractors to IoT security labels.SCMagazine
May 12, 2021
Biden signs executive order to improve federal cybersecurity following major hacks Full Text
Abstract
President Biden on Wednesday signed an executive order aimed at improving federal cybersecurity, with the order coming on the heels of multiple major and damaging cyberattacks including the one on the Colonial Pipeline.The Hill
May 12, 2021
House lawmakers roll out bill to invest $500 million in state and local cybersecurity Full Text
Abstract
A group of bipartisan House lawmakers on Wednesday rolled out legislation that would provide state and local governments with $500 million annually to defend against cyberattacks, which have escalated over the past year during the COVID-19 pandemic.The Hill
May 12, 2021
Wyden pushes for information on federal agencies’ Zoom use, citing security concerns Full Text
Abstract
Sen. Ron Wyden (D-Ore.) on Wednesday drilled the General Services Administration (GSA) around its ongoing approval of video conferencing app Zoom for government use, despite security vulnerabilities discovered by researchers in recent years.The Hill
May 12, 2021
South Korea orders urgent review of energy infrastructure cybersecurity Full Text
Abstract
Minister of Trade, Industry, and Energy Moon Seung-wook convened a meeting yesterday, saying it was needed considering the attack on Colonial Pipeline, one of the USA’s main oil transport facilities.The Register
May 12, 2021
UK Government Drafts New Legislation to Force Tech Firms to Tackle Online Abuse Full Text
Abstract
The bill will cover a range of online harms, including child sexual abuse, harassment, and fraud. Infosecurity Magazine
May 12, 2021
#CYBERUK21: Foreign Secretary Sets Out UK’s Global Cyber Vision Full Text
Abstract
Dominic Raab says the UK and its allies must partner with the poorest regions in cyberspace. Infosecurity Magazine
May 11, 2021
Feds eye more oversight of pipelines after Colonial attack Full Text
Abstract
The Biden administration and Capitol Hill are taking a closer look at the security in place for critical oil and gas utilities following the Colonial Pipeline shutdown.The Hill
May 11, 2021
Government says Colonial Pipeline has not shared data on hack Full Text
Abstract
The Department of Homeland Security’s top cyber agency said Tuesday that it has not yet received important technical information from Colonial Pipeline regarding the crippling hack that led it to shut down a key fuel pipeline last week.The Hill
May 11, 2021
Katko probes federal oversight of oil and gas industry cybersecurity Full Text
Abstract
House Homeland Security Committee ranking member John Katko (R-N.Y.) on Tuesday dug into federal oversight of oil and gas sector cybersecurity in the wake of the shutdown of the Colonial Pipeline after a ransomware attack last week.The Hill
May 11, 2021
AGs Question Safety of Kids-Only Instagram Full Text
Abstract
Facebook asked to drop plans to create an Instagram for children under the age of 13. Infosecurity Magazine
May 11, 2021
#CYBERUK21: Home Secretary Outlines UK Government’s Plan to Tackle Growing Cyber-Threats Full Text
Abstract
UK Home Secretary, Priti Patel, speaks during CYBERUK 2021. Infosecurity Magazine
May 11, 2021
White House monitoring fuel supply shortages in southeastern US from pipeline cyberattack Full Text
Abstract
The Biden administration is monitoring fuel supply shortages in the southeastern United States after the Colonial Pipeline ransomware attack, the White House said in a statement late Monday.The Hill
May 11, 2021
U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack Full Text
Abstract
The ransomware attack against Colonial Pipeline's networks has prompted the U.S. Federal Motor Carrier Safety Administration (FMCSA) to issue a regional emergency declaration in 17 states and the District of Columbia (D.C.). The declaration provides a temporary exemption to Parts 390 through 399 of the Federal Motor Carrier Safety Regulations (FMCSRs), allowing alternate transportation of gasoline, diesel, and refined petroleum products to address supply shortages stemming from the attack. "Such [an] emergency is in response to the unanticipated shutdown of the Colonial pipeline system due to network issues that affect the supply of gasoline, diesel, jet fuel, and other refined petroleum products throughout the Affected States," the directive said. "This Declaration addresses the emergency conditions creating a need for immediate transportation of gasoline, diesel, jet fuel, and other refined petroleum products and provides necessary relief." The states The Hacker News
May 10, 2021
Colonial Pipeline attack: What government can do to deter critical infrastructure cybercriminals Full Text
Abstract
What does the U.S. do about criminals protected by their own governments? That question becomes more complicated with attacks against critical infrastructure, which is privately owned and operated, but also intrinsically tied to national security. Those distinctions make these companies high-value targets, which many argue are in government’s best interest to protect.SCMagazine
May 10, 2021
Biden leading ‘whole of government’ response to Colonial Pipeline attack Full Text
Abstract
President Biden and top administration officials said Monday they are taking a “whole-of-government” approach to both responding to the debilitating ransomware attack on Colonial Pipeline, and to strengthening the security of critical utilities moving forward.The Hill
May 10, 2021
White House: Colonial should be its own ‘first line of defense’ against attacks Full Text
Abstract
The White House said that it has been in touch with Colonial since Friday and has offered its assistance mitigating the ransomware, which Colonial has declined. Colonial told the administration it is working with its own cyber team.SCMagazine
May 10, 2021
Colonial Pipeline attack spotlights risks of geographically dispersed networks in an industry that is ‘far behind’ Full Text
Abstract
One expert noted that the pipeline industry is far behind other sectors, creating a high-risk scenario that can cascade rapidly.SCMagazine
May 10, 2021
White House downplays any supply challenge from pipeline attack Full Text
Abstract
The White House said Monday that a cyberattack on Colonial Pipeline, the largest oil supplier in the Northeast United States, has not yet resulted in supply shortages but that officials are monitoring for potential disruptions in the future.The Hill
May 10, 2021
US Government Passes Emergency Waiver Over Disruptive Cyberattack at Largest Fuel Pipeline Full Text
Abstract
Multiple sources have confirmed that the ransomware attack was caused by a cyber-criminal gang called DarkSide, who infiltrated Colonial's network on Thursday and took almost 100GB of data hostage.BBC
May 8, 2021
US spy agencies review software suppliers’ ties to Russia following SolarWinds hack Full Text
Abstract
U.S. intelligence agencies have begun a review of supply chain risks emanating from Russia in light of the far-reaching hacking campaign that exploited software made by SolarWinds and other vendors, a top Justice Department official said.Cyberscoop
May 07, 2021
Lawmakers push for increased cybersecurity funds in annual appropriations Full Text
Abstract
Lawmakers are increasingly pushing for Congress to increase funding in numerous areas to boost the nation’s cybersecurity, particularly after multiple major breaches and a year in which hackers have increasingly targeted critical infrastructure.The Hill
May 7, 2021
DHS to hire 200 more cyber pros as Biden administration grapples with hacking threats Full Text
Abstract
In a speech Wednesday, Homeland Security Secretary Alejandro Mayorkas said the cyber recruiting was part of “the most significant hiring initiative” that DHS has undertaken in its 18-year history.Cyberscoop
May 7, 2021
CISA used new subpoena power to contact US companies vulnerable to hacking Full Text
Abstract
The CISA used a new subpoena power for the first time last week to contact at least one U.S. internet service provider with customers whose software is vulnerable to hacking.Cyberscoop
May 6, 2021
DOD Expands Hacker Program Full Text
Abstract
Ethical hackers can now hunt bugs in all US publicly accessible defense information systems. Infosecurity Magazine
May 6, 2021
Chinese military unit accused of cyber-espionage bought multiple western antivirus products Full Text
Abstract
According to multiple documents found by Recorded Future’s Insikt Group, Unit 61419 of the Chinese People’s Liberation Army (PLA) bought small batches of different antivirus products in early 2019.The Record
May 5, 2021
NIST Seeks Input on HIPAA Security Rule Guidance Update Full Text
Abstract
The National Institute of Standards and Technology is seeking public comment as it plans to update its 2008 guidance for implementing the HIPAA Security Rule, which went into effect 20 years ago.Gov Info Security
May 04, 2021
DOD expands bug disclosure program to all publicly accessible systems Full Text
Abstract
US Department of Defense (DOD) officials today announced that the department's Vulnerability Disclosure Program (VDP) has been expanded to include all publicly accessible DOD websites and applications.BleepingComputer
May 4, 2021
NSA Issues Guidance on Securing IT-OT Connectivity Full Text
Abstract
The U.S. NSA last week released a cybersecurity advisory focusing on the security of operational technology (OT) systems, particularly in terms of connectivity to IT systems.Security Week
May 3, 2021
How a Norwegian Government Report Shows the Limits of CFIUS Data Reviews Full Text
Abstract
CFIUS forced a Chinese firm to sell Grindr in 2019. Yet the application is sharing data widely today, including to a company in China.Lawfare
April 30, 2021
House Armed Services Holds Hearing on Technology and Information Warfare Full Text
Abstract
On Friday, April 30, 2021, at 3:00 p.m., the House Armed Services Subcommittee on Cyber, Innovative Technologies and Information Systems will hold a hearing titled, "Technology and Information Warfare: The Competition for Influence and the Department of Defense." The subcommittee will hear testimony from Nina Jankowicz, a fellow at the Wilson Center; Glenn Gerstell, the former general counsel for the National Security Agency; Herb Lin, a senior research scholar at Stanford University; and Joseph Kirschbaum, the director of the defense capabilities management team at the Government Accountab Lawfare
April 30, 2021
Justice Department to undertake 120 day review of cybersecurity challenges Full Text
Abstract
The Justice Department will soon begin a 120 day review of cybersecurity challenges in the midst of escalating cyber threats.The Hill
April 30, 2021
New SEI CERT chief and first ever federal CISO: old cybersecurity models have ‘been overcome’ Full Text
Abstract
SC Media caught up with Greg Touhill this week to learn what issues and projects he plans to prioritize in his role and how the old cybersecurity models we’ve relied on no longer work. In his words, “we need to change our game plan, because the traditional cybersecurity tactics, techniques and procedures that we’ve used for many years are no longer working the way we need them to be.”SCMagazine
April 30, 2021
Five US Federal Government Agencies Potentially Breached in Pulse Connect Secure VPN Attacks Full Text
Abstract
Hackers with suspected ties to China repeatedly took advantage of vulnerabilities in Pulse Secure VPN, a widely used remote connectivity tool, to gain access to government agencies and defense firms.CNN Money
April 30, 2021
U.S. government probes VPN hack within federal agencies, races to find clues Full Text
Abstract
The new government breaches involve a popular virtual private network (VPN) known as Pulse Connect Secure, which hackers were able to break into using some known security flaws.Reuters
April 30, 2021
Biden takes quick action on cyber in first 100 days Full Text
Abstract
President Biden and his administration hit the ground running on securing federal networks and critical infrastructure during his first 100 days in office, taking quick action after years of what some officials viewed as national security setbacks in U.S. cyber policy.The Hill
April 30, 2021
Cyberspace Solarium Commission: CISA Funding Should Increase by at Least $400M Full Text
Abstract
In a letter to the House Committee on Appropriations, two members of the Cyberspace Solarium Commission are asking for an increase in funding for the CISA in the fiscal year 2022.Security Week
April 29, 2021
Programs within military intel agencies in the US and UK show growing commitment to neurodiversity Full Text
Abstract
Efforts underway in both the DoD’s geospatial intelligence agency and the U.K.’s signals intel and information assurance organization show neurodivergent men and women with an interest in cybersecurity are finding new opportunities to bring their unique ways of thinking to the government workforce.SCMagazine
April 29, 2021
White House Asked to Increase Crypto Regulation Full Text
Abstract
Task force urges Biden to tackle ransomware attacks, disrupt cyber-criminals' safe havens, and regulate crypto more tightly. Infosecurity Magazine
April 29, 2021
Northern Ireland Government Announces Partnership to Offer Cyber Career Opportunities Full Text
Abstract
Participants will be trained via Immersive Labs online platform. Infosecurity Magazine
April 29, 2021
Iran updates budget to allocate $71.4 million to ‘cyberspace’ operations Full Text
Abstract
The Tehran government has updated its national budget to allocate an extra $71.4 million for the cyberspace programs of two government-controlled organizations, IRIB and IDO.The Record
April 29, 2021
Biden prepping cybersecurity executive order in response to SolarWinds attack Full Text
Abstract
President Biden is preparing a cybersecurity executive order focused on helping the country protect itself from future cyberattacks following the sophisticated SolarWinds hack that was discovered in December.The Hill
April 29, 2021
Chinese Hackers Attacking Military Organizations With New Backdoor Full Text
Abstract
Bad actors with suspected ties to China have been behind a wide-ranging cyberespionage campaign targeting military organizations in Southeast Asia for nearly two years, according to new research. Attributing the attacks to a threat actor dubbed "Naikon APT," cybersecurity firm Bitdefender laid out the ever-changing tactics, techniques, and procedures adopted by the group, including weaving new backdoors named "Nebulae" and "RainyDay" into their data-stealing missions. The malicious activity is said to have been conducted between June 2019 and March 2021. "In the beginning of the operation the threat actors used Aria-Body loader and Nebulae as the first stage of the attack," the researchers said. "Starting with September 2020, the threat actors included the RainyDay backdoor in their toolkit. The purpose of this operation was cyberespionage and data theft." Naikon (aka Override Panda, Lotus Panda, or Hellsing) has a track recor The Hacker News
April 28, 2021
G7 Nations Sign Declaration to Keep the Internet Safe and Open Full Text
Abstract
The declaration has come amid concerns about the influence of illiberal nations and big tech in cyberspace. Infosecurity Magazine
April 28, 2021
Cyberspies target military organizations with new Nebulae backdoor Full Text
Abstract
A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations spanning roughly two years and targeting military organizations from Southeast Asia.BleepingComputer
April 28, 2021
Australian government’s major IT shops to help others with cybersecurity Full Text
Abstract
The Australian government is planning on establishing three 'Cyber Hub' pilots that will see departments such as Defence, Home Affairs, and Services Australia provide cyber services for other ones.ZDNet
April 27, 2021
DARPA moves forward in quest for zero-knowledge proofs for vulnerability disclosure Full Text
Abstract
The effort could allow security researchers to publicly prove the existence of a vulnerability without also giving away their underlying research to attackers.SCMagazine
April 27, 2021
FBI shares with HIBP 4 million email addresses involved in Emotet attacks Full Text
Abstract
The FBI has shared with Have I Been Pwned service 4 million email addresses collected by Emotet botnet and employed in malware campaigns. Last week, European law enforcement has conducted an operation aimed at performing a mass-sanitization of computers...Security Affairs
April 27, 2021
FBI shares 4 million email addresses used by Emotet with Have I Been Pwned Full Text
Abstract
Millions of email addresses collected by Emotet botnet for malware distribution campaigns have been shared by the Federal Bureau of Investigation (FBI) as part of the agency's effort to clean infected computers.BleepingComputer
April 27, 2021
CISA, NIST published an advisory on supply chain attacks Full Text
Abstract
CISA and NIST published a report on software supply chain attacks that shed light on the associated risks and provide instructions on how to mitigate them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute...Security Affairs
April 27, 2021
FBI Shares Email Addresses to Speed Emotet Cleanup Full Text
Abstract
The FBI has shared 4.3 million email addresses stolen by the Emotet malware with the Have I Been Pwned breach notification site in another effort to remediate the effects of the devastating botnet.Info Risk Today
April 27, 2021
FBI, CISA Uncover Tactics Employed by Russian Intelligence Hackers Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), and the Federal Bureau of Investigation (FBI) on Monday published a new joint advisory as part of their latest attempts to expose the tactics, techniques, and procedures (TTPs) adopted by the Russian Foreign Intelligence Service (SVR) in its attacks targeting the U.S. and foreign entities. By employing "stealthy intrusion tradecraft within compromised networks," the intelligence agencies said, "the SVR activity—which includes the recent SolarWinds Orion supply chain compromise—primarily targets government networks, think tank and policy analysis organizations, and information technology companies and seeks to gather intelligence information." The cyber actor is also being tracked under different monikers, including Advanced Persistent Threat 29 (APT29), the Dukes, CozyBear, and Yttrium. The development comes as the U.S. sanctioned Russia and formally pinn The Hacker News
April 26, 2021
Lawmakers call for increasing the budget of key federal cybersecurity agency Full Text
Abstract
A pair of House lawmakers are urging legislators to appropriate more funding for a key federal cybersecurity agency after a year in which cyber threats skyrocketed.The Hill
April 26, 2021
State-Sponsored Adversaries Increasingly Targeting the U.S. Full Text
Abstract
The intelligence community is warning about the rise in U.S. adversaries that are using cyberspace to attack the country. It named China, Iran, North Korea among the top threats.Cyware Alerts - Hacker News
April 26, 2021
Space Command to Launch Dedicated Cyber Center Full Text
Abstract
Joint cyber center planned to help Cyber Command and Space Command integrate. Infosecurity Magazine
April 26, 2021
US warns of Russian state hackers still targeting US, foreign orgs Full Text
Abstract
The FBI, the US Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Security Agency (CISA) warned today of continued attacks coordinated by the Russian-backed APT 29 hacking group against US and foreign organizations.BleepingComputer
April 26, 2021
Cyber Ninjas Forges on With Controversial Arizona Election Recount Full Text
Abstract
State senate hires inexperienced consultancy for recount. Infosecurity Magazine
April 26, 2021
How to Test and Improve Your Domain’s Email Security? Full Text
Abstract
No matter which type of business you are in, whether small, medium, or large, email has become an irrefutable tool for communicating with your employees, partners, and customers. Emails are sent and received each day in bulk by companies from various sources. In addition, organizations may also employ third-party vendors who may be authorized to send emails on behalf of the company. As a result, it becomes increasingly difficult to distinguish between sources that are legitimate and malicious. Here's a solution – PowerDMARC. This SaaS platform helps you assess your email authentication protocols from time to time and see if your domain is secure against spoofing with a DMARC record checker, so you can make changes if necessary. Check Your Domain Today! Use our free tool to examine your domain's DMARC, SPF, DKIM, BIMI, and MTA-STS records instantly to ensure your domain is protected from impersonation and email fraud! Importance of Having Robust Email Security in 2021 S The Hacker News
April 26, 2021
Minutes before Trump left office, millions of the Pentagon’s dormant IP addresses sprang to life Full Text
Abstract
After decades of not using a huge chunk of the Internet, the Pentagon has given control of millions of IP addresses to a previously unknown company called Global Resource Systems LLC.Washington Post
April 25, 2021
Threat Campaign Against Researchers Ongoing, CISA Warns Full Text
Abstract
The CISA notification urges researchers to use sandbox systems isolated from trusted networks when analyzing untrusted websites or codes.Cyware Alerts - Hacker News
April 24, 2021
Biden administration unveils plan to defend electric sector from cyberattacks Full Text
Abstract
The Biden administration is buckling down on cyber threats to U.S. power infrastructure. The Department of Energy (DOE) announced a 100-day plan to help shore up the U.S. electric power system against cyber threats.Cyberscoop
April 23, 2021
The Biden Administration’s Impending Executive Order on Software Security Full Text
Abstract
Executive branch action on software security is sorely needed, but should focus primarily on risk management rather than merely new reporting requirements.Lawfare
April 23, 2021
Following similar move in US, Europol prepares coup de gras for Emotet’s remains Full Text
Abstract
Emotet’s final undoing comes two weeks after a similar FBI operation sent a kill command to hundreds of Microsoft Exchange servers, ordering web shells to delete themselves. But there are differences in subtlety and scope.SCMagazine
April 23, 2021
GCHQ Director: The UK and Allies Must Counter “Existential Threat” to the Digital Environment Full Text
Abstract
The UK must react to China's attempts to control the global operating system. Infosecurity Magazine
April 23, 2021
CISA Warns of ICS Vulnerabilities in Horner Automation Cscape and Mitsubishi Electric GOT Full Text
Abstract
The DHS's Cybersecurity and Infrastructure Security Agency (CISA) today issued ICS advisories for vulnerabilities in the Horner Automation Cscape software and the Mitsubishi Electric GOT.Dark Reading
April 22, 2021
New chief of Carnegie Mellon’s CERT: Feds needs to do better with info sharing Full Text
Abstract
Rather than limit focus to indicators of compromise, CERT’s new director, Greg Touhill said government needs “to do a better job of making sure that what information we share has contextual elements, and is timely.”SCMagazine
April 21, 2021
Justice Department convenes task force to tackle wave of ransomware attacks Full Text
Abstract
The Justice Department this week convened a new task force to address the mounting ransomware cyberattacks on critical U.S. organizations, which have spiked during the COVID-19 pandemic.The Hill
April 21, 2021
Lawmakers reintroduce bill to invest billions in emerging technologies to compete with China Full Text
Abstract
Senate Majority Leader Chuck Schumer (D-N.Y.) led dozens of bipartisan House and Senate members on Wednesday in rolling out legislation that would invest over $100 billion in emerging technologies in an effort to put the U.S. on a level playing field with China.The Hill
April 21, 2021
CISA orders federal orgs to mitigate Pulse Secure VPN bug by Friday Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new emergency directive ordering federal agencies to mitigate an actively exploited vulnerability in Pulse Connect Secure (PCS) VPN appliances on their networks by Friday.BleepingComputer
April 21, 2021
Foreign Spies Target British Nationals With Fake Social Media Profiles Full Text
Abstract
At least 10,000 UK nationals have been approached by malicious individuals using fraudulent profiles on the professional networking site, the BBC reports, citing security agency MI5.Dark Reading
April 20, 2021
With details sparse, vendors scramble to make sense of Biden 100-day grid security plan Full Text
Abstract
The plan, which encourages owners and operators of industrial control systems to “implement measures or technology that enhance their detection, mitigation, and forensic capabilities,” was not released in full to the public — or to many vendors who might be instrumental in actualizing key objectives.SCMagazine
April 20, 2021
The Cyberlaw Podcast: Cybersecurity Issues on the Congressional Agenda Full Text
Abstract
Our interview is with Mark Montgomery and John Costello, both staff to the Cyberspace Solarium Commission. The commission, which issued its main report more than a year ago, is swinging through the pitch, following up with new white papers, draft legislative language and enthusiastic advocacy f Lawfare
April 20, 2021
Biden administration kicks off 100-day plan to shore up cybersecurity of electric grid Full Text
Abstract
The Biden administration on Tuesday announced it was kicking off a 100-day plan aimed at protecting the electric grid against cyberattacks.The Hill
April 20, 2021
UK Government Reviews Nvidia-Arm Deal on National Security Fears Full Text
Abstract
Competition regulator will begin phase one investigation. Infosecurity Magazine
April 19, 2021
Hillicon Valley: Apple approves Parler’s return to App Store | White House scales back response to SolarWinds, Microsoft incidents | Pressure mounts on DHS over relationship with Clearview AI Full Text
Abstract
Apple told Republicans it will welcome an updated version of Parler back into its App Store with approved content moderation changes. Meanwhile, the Biden administration announced it is scaling back its initial response to both the SolarWinds and Microsoft Exchange Server hacking incidents, and the Department of Homeland Security is coming under pressure to discontinue its relationship with Clearview AI.The Hill
April 19, 2021
No Server Left Behind: The Justice Department’s Novel Law Enforcement Operation to Protect Victims Full Text
Abstract
The U.S. Department of Justice recently announced that it undertook a law enforcement operation to remove malware from hundreds of victim systems in the United States. What’s the significance of the move?Lawfare
April 19, 2021
White House closes SolarWinds, Microsoft Exchange focus groups, signaling return to normalcy Full Text
Abstract
The Biden administration’s handling of the two cyber incidents in coordination with industry leaves some in the community hopeful that a functioning interagency system will reemerge after years of atrophy.SCMagazine
April 19, 2021
White House ‘standing down’ emergency response groups to SolarWinds, Microsoft hacks Full Text
Abstract
The Biden administration is “standing down” coordinated efforts by several key agencies to respond to recent major cybersecurity incidents including the SolarWinds hack, a senior administration official announced Monday.The Hill
April 19, 2021
U.S. Takes Aim at Russia’s Cyber Ops Ecosystem Full Text
Abstract
Russian tech companies identified and sanctioned by the US Treasury Department include ERA Technopolis, Pasit AO, SVA, Neobit OOO, Advanced System Technology, and Pozitiv Teknolodzhiz.Security Boulevard
April 18, 2021
Nation-State Attackers Taking Over Global Cyber Realm Full Text
Abstract
New research sheds light on cyberattack incidents by the nation-backed cybercriminal groups, revealing a 100% rise in nation-state incidents between 2017 and 2020.Cyware Alerts - Hacker News
April 17, 2021
6 out of 11 EU Agencies Running SolarWinds Orion Software Were Hacked Full Text
Abstract
European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as a result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member.Security Affairs
April 17, 2021
6 out of 11 EU agencies running Solarwinds Orion software were hacked Full Text
Abstract
SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result...Security Affairs
April 17, 2021
‘Simple Photoshop’: how a Pakistani counterfeiter may have aided Russian trolls Full Text
Abstract
Amid the cascade of U.S. sanctions imposed on Russian cybersecurity companies and officials alleged to be operating on behalf of the Kremlin’s intelligence services, one company stood out: the Fresh Air Farm House in Karachi, Pakistan.Reuters
April 16, 2021
US Issues Russian SVR Warning Full Text
Abstract
America urges organizations to patch five vulnerabilities being exploited by Russia’s Foreign Intelligence ServiceInfosecurity Magazine
April 15, 2021
US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack Full Text
Abstract
The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with "high confidence" to government operatives working for Russia's Foreign Intelligence Service (SVR). "Russia's pattern of malign behaviour around the world – whether in cyberspace, in election interference or in the aggressive operations of their intelligence services – demonstrates that Russia remains the most acute threat to the U.K.'s national and collective security," the U.K. government said in a statement. To that effect, the U.S. Department of the Treasury has imposed sweeping sanctions against Russia for "undermining the conduct of free and fair elections and democratic institutions" in the U.S. and for its role in facilitating the sprawling SolarWinds hack, while also barring six technology companies in the country that provide support to the cyber program run by Russian Intelligence Services. The comThe Hacker News
April 15, 2021
Sanctioning Russia for SolarWinds: What Normative Line Did Russia Cross? Full Text
Abstract
The United States has just sanctioned various Russian entities in express response to the SolarWinds Orion exploit campaign. But what normative line, if any, is the U.S. saying that Russia crossed?Lawfare
April 15, 2021
US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack Full Text
Abstract
The U.S. and UK attributed with "high confidence" the recently disclosed supply chain attack on SolarWinds to Russia's Foreign Intelligence Service (SVR). The U.S. and U.K. attributed with "high confidence" the supply chain attack on SolarWinds to operatives...Security Affairs
April 15, 2021
Biden Races to Shore Up Power Grid Against Hacks Full Text
Abstract
A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said.Threatpost
April 15, 2021
Intelligence leaders face sharp questions during House worldwide threats hearing Full Text
Abstract
The nation's top intelligence leaders faced sharper political questions during a House hearing on global security threats, with lawmakers as focused on rehashing issues from the Trump era as future threats.The Hill
April 15, 2021
Sanctions Escalate US–Russia Tensions Full Text
Abstract
Russia hints at confrontation after being sanctioned by US for hacking and election interferenceInfosecurity Magazine
April 15, 2021
US government confirms Russian SVR behind the SolarWinds hack Full Text
Abstract
The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies.BleepingComputer
April 15, 2021
New US sanctions further chill Biden-Putin relations Full Text
Abstract
The U.S. and Russia entered a new phase of heightened tensions Thursday after President Biden announced punishing sanctions over cyberattacks, election interference and threats against U.S. soldiers in Afghanistan.The Hill
April 15, 2021
As US takes sweeping action against Russia for years of hacking, industry skeptical of impact Full Text
Abstract
Anticipated for months, the Biden administration unveiled a sweeping set of sanctions and other actions against the Russian government, as well as private individuals and a number of Russian tech and defense companies. While applauded in cyber circles, some remain skeptical that the efforts will deter Moscow’s cyberespionage efforts.SCMagazine
April 15, 2021
Biden administration sanctions Russia for SolarWinds hack, election interference Full Text
Abstract
The Biden administration on Thursday announced sanctions against Russia for its involvement in a recent major cyber espionage operation against the U.S., foreign influence operations around U.S. elections, and other concerns.The Hill
April 15, 2021
Months after hack, US poised to announce sanctions on Russia Full Text
Abstract
The Biden administration is preparing to announce sanctions and the expulsion of diplomats from the U.S. in response to a massive Russian hacking campaign that breached vital federal agencies, as well as for election interference.AP News
April 15, 2021
Victorian government earmarks AU$30m to lift hospital cyber capabilities Full Text
Abstract
The Victorian government plans to invest a total of AU$30 million to upgrade and modernize the IT infrastructure of 28 of the state's hospitals and health services in a bid to guard against further cyber-attacks.ZDNet
April 15, 2021
CISA Urges Caution for Security Researchers Targeted in Attack Campaign Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) is cautioning cybersecurity researchers to keep their guard up amid a wave of attacks targeting this particular group.Dark Reading
April 14, 2021
House Republicans raise concerns about new Chinese tech companies Full Text
Abstract
Two leading Republicans on the House Homeland Security Committee on Wednesday raised concerns about security and privacy threats posed by emerging Chinese tech companies, specifically zeroing in on electronics group Xiaomi.The Hill
April 14, 2021
Wray: FBI opens investigation into China every 10 hours Full Text
Abstract
FBI Director Christopher Wray told Senate Intelligence Committee members on Wednesday that the agency is opening an investigation into various Chinese government actions every 10 hours.The Hill
April 14, 2021
Bolstering Our Nation’s Defenses Against Cybersecurity Attacks Full Text
Abstract
Shawn Henry, former Executive Assistant Director of the FBI and current CrowdStrike president of services and CSO, shares the top three cybersecurity priorities that the Biden administration needs to address.Dark Reading
April 14, 2021
FBI silently removed web shells planted on Microsoft Exchange servers in the US Full Text
Abstract
FBI logged into web shells that hackers installed on Microsoft Exchange email servers across the US and removed the malicious code used by threat actors. A US judge granted the FBI the power to log into web shells that were injected by nation-state hackers...Security Affairs
April 14, 2021
FBI blasts away web shells on US servers in wake of Exchange vulnerabilities Full Text
Abstract
The Department of Justice revealed on Tuesday that the FBI gained authorization to remove web shells installed on compromised servers related to the Exchange vulnerabilities.ZDNet
April 14, 2021
Sweden blames Russia for Swedish Sports Confederation hack Full Text
Abstract
The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. The Swedish Sports Confederation is the umbrella organisation of the Swedish sports movement, it was hacked...Security Affairs
April 14, 2021
The Biden Administration’s Cybersecurity Roadmap Full Text
Abstract
The pandemic has forced state and local governments to shift so much of their operations and provision of services online, but their technology has often struggled to keep up, and even worse it has exposed their cybersecurity vulnerabilities.Nextgov
April 14, 2021
FBI Removes Web Shells from Infected Exchange Servers Full Text
Abstract
Aggressive action designed to head-off persistent security threatInfosecurity Magazine
April 13, 2021
FBI nuked web shells from hacked Exchange Servers without telling owners Full Text
Abstract
A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners.BleepingComputer
April 13, 2021
FBI launches operation to remove malware from computers in US Full Text
Abstract
A court in Texas has authorized the FBI to fix malware in hundreds of hacked servers in the U.S. running certain versions of Microsoft Exchange Server software.The Hill
April 13, 2021
DoJ used court order to thwart ‘hundreds’ of Exchange Server web shells Full Text
Abstract
The move is unprecedented, and implies an understanding that cyber risks should be addressed with the same urgency of other threats to national security and critical infrastructure.SCMagazine
April 13, 2021
CISA gives federal agencies until Friday to patch Exchange servers Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday.BleepingComputer
April 13, 2021
Federal agencies urge groups to patch systems over new Microsoft vulnerabilities Full Text
Abstract
Federal agencies urged organizations using a Microsoft email application to immediately patch their systems to stop malicious hackers from exploiting newly discovered vulnerabilities.The Hill
April 13, 2021
Joe Biden Appointed two Former Senior NSA Officials for Senior Cyber Security Roles Full Text
Abstract
Joe Biden, the President of the United States of America, has appointed two senior ex-National Security Agency (NSA) executives for key cyber...Cyber Security News
April 13, 2021
US Federal Reserve Chairman Jerome Powell Says Cyberattacks are the Number One Threat to the Global Financial System Full Text
Abstract
Cyberattacks are now the foremost risk to the global financial system, even more so than the lending and liquidity risks that led to the 2008 financial crisis, according to Federal Reserve Chairman Jerome Powell.CNN Money
April 12, 2021
Two former NSA Officials appointed by Joe Biden for prominent cyber roles Full Text
Abstract
President Joe Biden has appointed two former senior NSA officials for two prominent cyber roles in his administration. President Joe Biden has assigned to two former senior National Security Agency (NSA) officials key cyber roles in his administration. The...Security Affairs
April 12, 2021
Lawmakers, industry call on Biden to fund semiconductor production amid shortage Full Text
Abstract
A bipartisan group of more than 70 House and Senate lawmakers on Monday called on President Biden to support funds for semiconductor research and manufacturing as Biden hosted a meeting with technology leaders to discuss a critical shortage in chips.The Hill
April 12, 2021
Biden Nominates More Ex-NSA Officials to Top Cybersecurity Roles Full Text
Abstract
Two former National Security Agency workers selected by Biden for senior cyber jobsInfosecurity Magazine
April 12, 2021
Bipartisan lawmakers signal support for Biden cybersecurity picks Full Text
Abstract
Key lawmakers on Monday expressed support for President Biden’s picks to lead federal efforts on securing the nation against cyber threats.The Hill
April 12, 2021
Biden scores praise for nominations of White House, DHS cyber leaders Full Text
Abstract
The announcement ends months of speculation over the key positions, during which time the government has had to face fallout from both the Solarwinds and Hafnium Exchange Server campaigns without leadership in place.SCMagazine
April 12, 2021
Biden makes nominations for top cyber posts Full Text
Abstract
U.S. President Joe Biden is nominating Chris Inglis to be the National Cyber Director and Jen Easterly to be director of the Cybersecurity and Infrastructure Security Agency, the White House said on Monday.Reuters
April 12, 2021
Biden to nominate former NSA deputy director to serve as cyber czar Full Text
Abstract
President Biden on Monday will roll out a slate of key leaders to head his administration’s approach to cybersecurity, including nominating Chris Inglis, the former deputy director of the National Security Agency (NSA), as the national cyber director at the White House.The Hill
April 12, 2021
India seeks US help as China-backed hacks threaten military Full Text
Abstract
India’s top military official says the country plans to seek help from the US and other countries to shore up its defense infrastructure that is vulnerable to China-backed cyber-attacks.The Times Of India
April 09, 2021
Biden budget request calls for major investments in cybersecurity, emerging technologies Full Text
Abstract
President Biden called for over $1.3 billion in cybersecurity funds as part of his proposed budget request sent to Congress on Friday, along with major investments in emerging technologies such as quantum computing and artificial intelligence.The Hill
April 9, 2021
The U.S. Government Needs to Overhaul Cybersecurity. Here’s How. Full Text
Abstract
In advance of the new Biden administration cybersecurity executive order, it’s time for the federal government to get proactive about cybersecurity.Lawfare
April 9, 2021
CISA releases post-compromise tool Aviary to review Microsoft 365 Full Text
Abstract
CISA released a Splunk-based dashboard for post-compromise activity in Microsoft Azure Active Directory (AD), Office 365, and MS 365 environments. The Cybersecurity and Infrastructure Security Agency (CISA) has released a Splunk-based dashboard,...Security Affairs
April 08, 2021
CISA releases tool to review Microsoft 365 post-compromise activity Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments.BleepingComputer
April 08, 2021
Commerce blacklists seven Chinese supercomputing groups Full Text
Abstract
The Commerce Department on Thursday blacklisted seven Chinese supercomputing groups, adding the companies to its "entity list" as potential national security threats.The Hill
April 07, 2021
Key House leader to press for inclusion of cybersecurity in infrastructure bill Full Text
Abstract
Rep. Yvette Clarke (D-N.Y.), the chair of a key cyber House panel, said Wednesday that she would push for inclusion of language on securing critical systems as part of negotiations around President Biden’s infrastructure proposal.The Hill
April 7, 2021
IG: Cybersecurity Weaknesses Persist in US Energy Dept. Full Text
Abstract
Cybersecurity weaknesses persist throughout the U.S. DOE's unclassified networks, including those of the National Nuclear Security Administration, according to an inspector general audit.Gov Info Security
April 7, 2021
CISA: Patch Legacy SAP Vulnerabilities Urgently Full Text
Abstract
Onapsis report claims some exploited bugs date back to 2010Infosecurity Magazine
April 7, 2021
EU institutions experienced hack attempt in March: spokesman Full Text
Abstract
The European Commission and other EU institutions were the target of a cyber attack last month, but there has been no evidence so far of any major information breach, a Commission spokesman said.Reuters
April 7, 2021
European Commission and other institutions were hit by a major cyber-attack Full Text
Abstract
Not only the European Commission, but many other organizations of the European Union have been targeted by a cyberattack in March. A European Commission spokesperson confirmed that the European Commission, along with other European Union organizations,...Security Affairs
April 06, 2021
Senators call for update on investigations into SolarWinds, Microsoft hacks Full Text
Abstract
Bipartisan leaders of a key Senate panel on Tuesday pressed the Biden administration for more information on its investigation into two recent, massive foreign espionage hacking incidents.The Hill
April 06, 2021
Intel heads to resume worldwide threats hearing scrapped under Trump Full Text
Abstract
The House and Senate Intelligence committees will question leaders of five major intelligence and security agencies next week, resuming the annual tradition of a worldwide threats hearing that was abandoned under the Trump administration.The Hill
April 6, 2021
CISA: Patch These Three Fortinet Bugs Now to Avoid Compromise Full Text
Abstract
Attackers targeting government, commercial and tech firmsInfosecurity Magazine
April 3, 2021
Biden’s cyber executive order to include new rules for federal agencies, contractors Full Text
Abstract
Under a forthcoming White House order, companies that do business with the federal government would have to meet software security standards and swiftly report cyber incidents to a new entity within the DHS.Cyberscoop
April 2, 2021
Canada’s Defense Strategy Falls Behind in the Quantum Age Full Text
Abstract
Spurred on by recent quantum computing milestones, a global “quantum race” is underway—but Canada is still without a strategy.Lawfare
April 2, 2021
DHS CISA requires federal agencies to assess their Microsoft Exchange servers by April 5 Full Text
Abstract
The DHS CISA has issued a supplemental directive that requires all federal agencies to identify vulnerable Microsoft Exchange servers in their infrastructure within five days. The Department of Homeland Security’s Cybersecurity and Infrastructure...Security Affairs
April 02, 2021
Lack of cyber funds in Biden infrastructure plan raises eyebrows Full Text
Abstract
President Biden's $2.25 trillion infrastructure plan does not include any funds to protect critical infrastructure against cyberattacks, even as the threat grows against targets like the electric grid.The Hill
April 2, 2021
NIST Publishes Guide for Securing Hotel Property Management Systems Full Text
Abstract
The National Institute of Standards and Technology (NIST) has released a cybersecurity guide for the hospitality industry to help reduce security risks related to hotel property-management system software.Dark Reading
April 2, 2021
After Hack, Officials Draw Attention to Supply Chain Threats Full Text
Abstract
The U.S. government is working to draw attention to supply chain vulnerabilities, an issue that received particular attention late last year after suspected Russian hackers gained access to federal agencies and private corporations.Security Week
April 1, 2021
CISA encourages everyone to follow updated guidance for Microsoft Exchange fixes Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a supplemental direction to Emergency Directive (ED) 21-02, which lays out hardening, forensic triage and reporting requirements designed to mitigate vulnerabilities found in the wake of the massive Microsoft Exchange vulnerability hacks that have affected tens of thousands of organizations. The update directs federal departments…SCMagazine
April 1, 2021
Just like cyber became a C-suite issue, it’s also now your governor’s concern Full Text
Abstract
The National Governors Association announced five U.S. states have been selected for its 2021 Policy Academy to Advance Whole-of-State Cybersecurity.SCMagazine
April 1, 2021
DHS Secretary Mayorkas Outlines His Vision for Cybersecurity Resilience Full Text
Abstract
The department will conduct a series of 60-day sprints which will mobilize action by elevating existing efforts, removing roadblocks, and launching new initiatives where necessary.DHS
April 1, 2021
DHS Secretary Outlines Biden Administration’s Cybersecurity Vision Full Text
Abstract
DHS secretary Alejandro Mayorkas spoke during RSAC webcastInfosecurity Magazine
March 31, 2021
National infrastructure plan could strain CISA despite modernizing systems Full Text
Abstract
Plans to upgrade the electric grid, revitalize manufacturing and secure U.S. supply chains will have a palpable impact on cybersecurity.SCMagazine
March 31, 2021
National infrastructure plan could replace insecure old equipment, but also strain CISA Full Text
Abstract
Plans to upgrade the electric grid, revitalize manufacturing and secure U.S. supply chains will have a palpable impact on cybersecurity.SCMagazine
March 31, 2021
CISA gives federal agencies 5 days to find hacked Exchange servers Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to scan their networks again for any signs of compromised on-premises Microsoft Exchange servers and report their findings within five days.BleepingComputer
March 31, 2021
DHS chief lays out actions to strengthen cybersecurity in wake of major hacks Full Text
Abstract
Homeland Security Secretary Alejandro Mayorkas on Wednesday issued a “call for action” to confront mounting cybersecurity threats to the federal government, laying out a plan to combat hacking efforts following two major foreign cyberattacks.The Hill
March 31, 2021
CISA and RH-ISAC to Run Cybersecurity Drill Full Text
Abstract
First retail, hospitality, and travel industry–wide cybersecurity exercise announcedInfosecurity Magazine
March 31, 2021
President Biden extended Executive Order 13694 regarding cyberattack sanctions Full Text
Abstract
President Joe Biden has extended Executive Order 13694, issued in 2015 by President Obama, regarding sanctions issued in response to cyberattacks. President Joe Biden this week has extended Executive Order 13694 regarding sanctions issued in response...Security Affairs
March 31, 2021
What Did Gen. Nakasone Say About Defense Department Operations (Not Just Cyber Operations)? Full Text
Abstract
Some notes on a curious comment from Gen. Paul Nakasone, commander of U.S. Cyber Command.Lawfare
March 31, 2021
UK Cyber Security Council Officially Launches as Independent Body Full Text
Abstract
The council will be working on boosting professional standards in the cybersecurity industryInfosecurity Magazine
March 30, 2021
Officials say executive order with ‘a dozen’ actions forthcoming after SolarWinds, Microsoft breaches Full Text
Abstract
Officials at the Department of Homeland Security (DHS) on Tuesday said that the Biden administration is working on “close to a dozen” action items to be included in an upcoming executive order meant to strengthen federal cybersecurity in the wake of two major breaches.The Hill
March 30, 2021
The Cyberlaw Podcast: Can Editorial Middleware Cut the Power of the Big Platforms? Full Text
Abstract
The latest episode of the Cyberlaw Podcast.Lawfare
March 30, 2021
US govt warns that buying fake COVID-19 vaccine cards is a crime Full Text
Abstract
US federal agencies have warned today against making or selling fake COVID-19 vaccination record cards as this is breaking the law.BleepingComputer
March 28, 2021
US Gov Executive Order would oblige to disclose security breach impacting gov users Full Text
Abstract
According to a proposed executive order of the Biden administration, software vendors would have to disclose breaches to U.S. government users. The Reuters agency revealed that an executive order proposed by the Biden administration will oblige software...Security Affairs
March 26, 2021
Watch out for Russia and China, UK’s cyber security boss says Full Text
Abstract
Russia poses the most acute immediate threat to the United Kingdom in cyberspace while China’s ambition to be dominant in a host of new technologies will transform the 21st Century world we live in, the head of Britain’s cybersecurity center said.Reuters
March 26, 2021
Exec Order Could Force Software Vendors to Disclose Breaches to Federal Gov’t Customers Full Text
Abstract
In wake of the SolarWinds hack, the White House is prepping an executive order to require software vendors to notify federal government customers if they experience a breach.Dark Reading
March 25, 2021
Senators urge Energy chief to prioritize cybersecurity amid growing threats Full Text
Abstract
Bipartisan leaders of the Senate Energy and Natural Resources Committee on Thursday urged Energy Secretary Jennifer Granholm to prioritize cybersecurity and maintain leadership for the agency’s key cybersecurity office in the face of growing threats to the power grid.The Hill
March 25, 2021
Cyber Command chief says dozens of cyber operations carried out to defend 2020 elections Full Text
Abstract
The nation’s top military cybersecurity leader said Thursday that U.S. Cyber Command conducted dozens of operations ahead of the 2020 elections aimed at securing voting against foreign interference.The Hill
March 24, 2021
Making the National Cyber Director Operational With a National Cyber Defense Center Full Text
Abstract
Without a National Cyber Defense Center, the Office of the National Cyber Director will fail to move the needle in improving the U.S. cybersecurity posture.Lawfare
March 22, 2021
EU Council Adopts Cybersecurity Strategy Full Text
Abstract
Cybersecurity conclusions presented in December officially adopted by EU CouncilInfosecurity Magazine
March 22, 2021
New Cybersecurity Programs to Protect US Energy Full Text
Abstract
US to launch three new research programs to safeguard energy securityInfosecurity Magazine
March 22, 2021
UK Govt Department Loses 306 Mobiles and Laptops in Two Years Full Text
Abstract
The figures raise concerns about the security of highly sensitive dataInfosecurity Magazine
March 22, 2021
FBI: State and Local Governments Losing Millions to BEC Full Text
Abstract
Alert urges improved education and awareness trainingInfosecurity Magazine
March 21, 2021
Biden under growing pressure to nominate cyber czar Full Text
Abstract
President Biden is coming under increasing pressure from lawmakers and other officials to nominate a White House cyber czar as the government starts formulating its response to two major foreign cyberattacks.The Hill
March 19, 2021
FBI warns of BEC attacks increasingly targeting US govt orgs Full Text
Abstract
The Federal Bureau of Investigation (FBI) is warning US private sector companies about an increase in business email compromise (BEC) attacks targeting state, local, tribal, and territorial (SLTT) government entities.BleepingComputer
March 18, 2021
House Republicans examine federal election funds awarded to Biden-linked firm Full Text
Abstract
Three House Republican leaders on Thursday raised questions about oversight of federal election funds awarded by California to a firm linked to now-President Biden in the months ahead of the election.The Hill
March 18, 2021
FBI Releases the IC3 Internet Crime Report 2020 Full Text
Abstract
The FBI received 791,790 cybercrime complaints in 2020—300,000 more than 2019— resulting in a loss of over $4.2 billion.Cyware Alerts - Hacker News
March 18, 2021
FBI Alert: Pysa Ransomware Targeting Education Sector Full Text
Abstract
Threat actors disable AV before deploying ransomwareInfosecurity Magazine
March 18, 2021
Prime Minister Boris Johnson wants to enhance UK cyber capabilities Full Text
Abstract
Prime Minister Boris Johnson declared that Britain needs to boost its cyber capability to conduct cyber attacks on foreign hostile actors. Prime Minister Boris Johnson said that his government needs to boost its capability to conduct cyber attacks...Security Affairs
March 17, 2021
Officials urge Biden to appoint cyber leaders after SolarWinds, Microsoft hacks Full Text
Abstract
Homeland Security Secretary Alejandro Mayorkas and leading lawmakers on Wednesday urged President Biden to nominate officials to lead federal cybersecurity policy, particularly as the government continues to grapple with the fallout from two massive cyber espionage attacks.The Hill
March 17, 2021
White House forms public-private task force to tackle Microsoft Exchange hack Full Text
Abstract
The Unified Coordination Group established by the National Security Council includes officials from the FBI, the Cybersecurity and Infrastructure Security Agency at DHS, the Office of the Director of National Intelligence and the NSA, as well as private sector companies with “specific insights to this incident.”SCMagazine
March 17, 2021
TIA CEO: Supply chain standard shows feds ‘they don’t have to be heavy handed’ Full Text
Abstract
Nobody likes a new standard, said TIA CEO David Stehlin. But with security concerns tied to Huawei and SolarWinds still fresh, government and businesses alike need assurance that industry is addressing the problem.SCMagazine
March 16, 2021
US intel says Russia, Iran sought to influence 2020 election Full Text
Abstract
Russia and Iran undertook campaigns to influence the 2020 U.S. election but intelligence agencies found no evidence that foreign actors tried to alter technical aspects of the voting process, according to conclusions of a declassified report released Tuesday.The Hill
March 16, 2021
UK Cyber Security Council Unveils Inaugural Leadership Team Full Text
Abstract
UK Cyber Security Council introduces its first four trusteesInfosecurity Magazine
March 15, 2021
Canada Revenue Agency locks out over 800,000 online accounts — here’s what to know Full Text
Abstract
On Friday, the agency said the move is a precautionary cybersecurity measure and is being taken after a similar action in February, when over 100,000 accounts were locked.CBC
March 15, 2021
Britain must boost cyber-attack capacity, PM Boris Johnson says Full Text
Abstract
Britain needs to boost its capacity to conduct cyber attacks on foreign enemies, Prime Minister Boris Johnson said before the publication of a national security review next week.The Times Of India
March 14, 2021
Security Affairs newsletter Round 305 Full Text
Abstract
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Chinese hackers...Security Affairs
March 13, 2021
U.S. government to respond to SolarWinds hackers in weeks: Senior Official Full Text
Abstract
The Biden administration will respond “in weeks, not months” to the perpetrators of the SolarWinds hack, who used the U.S. tech company as a springboard to compromise a raft of U.S. government agencies, a senior administration official said onReuters
March 12, 2021
China blasts Biden administration over new restrictions on Huawei Full Text
Abstract
China criticized the Biden administration on Friday over new restrictions on the Chinese telecom giant Huawei, arguing the move shows that the U.S. cannot be trusted.The Hill
March 12, 2021
France, Cyber Operations and Sovereignty: The ‘Purist’ Approach to Sovereignty and Contradictory State Practice Full Text
Abstract
The rule of sovereignty that France asserts applies to cyberspace is incompatible with several of its own operations. The “purist” approach to a rule of sovereignty for cyber operations is at odds with the state practice of cyber-capable states.Lawfare
March 11, 2021
Lawmakers roll out bill to protect critical infrastructure after Florida water hack Full Text
Abstract
A group of bipartisan House lawmakers on Thursday introduced legislation intended to protect critical infrastructure from cyberattacks after an unsuccessful hack of a Florida water treatment facility.The Hill
March 11, 2021
CISA: No federal civilian agency hacked in Exchange attacks, so far Full Text
Abstract
CISA officials said that, so far, there is no evidence of US federal civilian agencies compromised during ongoing attacks targeting Microsoft Exchange servers.BleepingComputer
March 11, 2021
CISA Will Manage .Gov Domain in Effort to Enhance Security Full Text
Abstract
The CISA will take over the day-to-day management of the official .gov top-level domain in April, adding a greater emphasis on security for the domains used for government websites.Gov Info Security
March 10, 2021
How Biden’s Cyber Strategy Echoes Trump’s Full Text
Abstract
Comparing the Biden administration’s Interim National Security Strategic Guidance with Trump’s National Cyber Strategy.Lawfare
March 10, 2021
Federal agencies warn Microsoft vulnerabilities pose ‘serious risk’ to government, private sector Full Text
Abstract
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) warned Wednesday that recently uncovered vulnerabilities in a Microsoft email application pose a “serious risk” to federal agencies and the private sector, noting that thousands of groups were at risk of being targeted by hackers.The Hill
March 10, 2021
House approves cyber funds in relief package as officials press for more Full Text
Abstract
The House on Wednesday allocated almost $2 billion toward cybersecurity and technology modernization as part of passing the American Rescue Plan, which officials described as a “down payment” on the funds needed to fully confront recent massive foreign cyberattacks.The Hill
March 10, 2021
US cyber chief reports ‘widespread’ hacks after Microsoft app flaw Full Text
Abstract
The nation’s top cybersecurity official told lawmakers Wednesday that the federal government is seeing “widespread” hacking using recently uncovered vulnerabilities in a Microsoft email application, with researchers saying almost a dozen hacking groups have used the flaw to target a variety of organizations.The Hill
March 10, 2021
Senators introduce bill to fund election official cybersecurity training Full Text
Abstract
Senate Rules Committee Chairwoman Amy Klobuchar (D-Minn.) and Sen. Susan Collins (R-Maine) on Wednesday reintroduced legislation to designate funding to provide cybersecurity training to election officials.The Hill
March 09, 2021
Biden appoints Clare Martorana as federal CIO Full Text
Abstract
The White House on Tuesday announced that President Biden had appointed Clare Martorana to serve as both the federal chief information officer and administrator of the Office of Management and Budget’s Office of Electronic Government.The Hill
March 9, 2021
Was SolarWinds a Different Type of Cyber Espionage? Full Text
Abstract
There is a gap between how administration officials are framing the nature of the SolarWinds incident and what the available evidence indicates about it.Lawfare
March 09, 2021
Russia: Reported US plans for cyber strike ‘alarming’ Full Text
Abstract
Russia on Tuesday expressed concerns over reported plans by the Biden administration to wage a series of retaliatory actions in response to large-scale hacking of U.S. government agencies.The Hill
March 09, 2021
Biden challenged by early cyber threats Full Text
Abstract
The Biden administration is grappling with two major cyber incidents in its first 50 days in office, underscoring the challenge the new White House faces from foreign actors.The Hill
March 8, 2021
How Europe’s Intelligence Services Aim to Avoid the EU’s Highest Court—and What It Means for the United States Full Text
Abstract
The United States now finds itself forced to consider changes to its foreign surveillance law and practices in order to reestablish a stable basis for transatlantic transfers of personal data.Lawfare
March 08, 2021
CISA takes over .GOV top-level domain (TLD) administration Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) is taking over the administration of the .gov top-level domain (TLD) as its new policy and management authority.BleepingComputer
March 8, 2021
U.S. DOJ warns of fake unemployment benefit websites stealing data Full Text
Abstract
According to a press release issued on March 5, the department said that it received reports that there were certain bad actors who were creating fake websites which copied the websites of SWAs.Hackread
March 7, 2021
Microsoft Server Flaws Raise Alarms at White House, DHS Full Text
Abstract
Newly discovered flaws in Microsoft Corp.’s software for email and contacts have raised concerns at the highest levels of the U.S. government, which is urging users to immediately apply patches.BNN Bloomberg
March 6, 2021
Government briefed on breach of at least 30,000 Microsoft Exchange Servers Full Text
Abstract
The latest details confirm a trend SC Media reported earlier in the week, that security investigators were finding substantially more instances of breached Microsoft Exchange servers than Microsoft’s original report of “limited and targeted” attacks may have let on.SCMagazine
March 5, 2021
White House says Microsoft email hackers have ‘large number of victims’ Full Text
Abstract
Microsoft said this week that targets included infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and non-governmental groups.Reuters
March 5, 2021
U.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity Measures Full Text
Abstract
The lack of cybersecurity requirements in weapons contracts from the Department of Defense opens the door for dangerous cyberattacks.Threatpost
March 05, 2021
White House calls Microsoft email breach an ‘active threat’ Full Text
Abstract
White House press secretary Jen Psaki said Friday that the Biden administration is closely following the breach of a Microsoft email application, reportedly carried out by Chinese hackers, calling it an “active threat” with a “large number of victims.”The Hill
March 5, 2021
GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines Full Text
Abstract
In a new report released Thursday, the GAO said the Department of Defense fails to communicate clear cybersecurity guidelines to contractors tasked with building systems for its weapons programs.ZDNet
March 04, 2021
Senate includes nearly $2 billion in cyber, tech funds to COVID-19 bill Full Text
Abstract
The Senate included close to $2 billion for federal cybersecurity and technology modernization programs in its version of President Biden’s proposed COVID-19 relief package.The Hill
March 04, 2021
Senators introduce bill creating technology partnerships to compete with China Full Text
Abstract
Senate Intelligence Committee Chairman Mark Warner (D-Va.) and a coalition of bipartisan senators on Thursday introduced legislation intended to help the U.S. create international partnerships on emerging technologies to better compete with China.The Hill
March 4, 2021
NSA, CISA, issue guidance on Protective DNS services Full Text
Abstract
The information sheet offers a list of providers, but NSA and CISA were clear that the federal agencies do not endorse one provider over another.SCMagazine
March 4, 2021
CISA Orders Federal Agencies to Patch Exchange Servers Full Text
Abstract
Espionage attacks exploiting the just-patched remote code-execution security bugs in Microsoft Exchange servers are quickly spreading.Threatpost
March 4, 2021
CISA emergency directive urges to fix Microsoft Exchange zero-days Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive related to recently fixed Microsoft Exchange zero-days. The US Cybersecurity and Infrastructure Security Agency (CISA) has issued the Emergency Directive...Security Affairs
March 04, 2021
DHS orders agencies to urgently patch or disconnect Exchange servers Full Text
Abstract
The Department of Homeland Security's cybersecurity unit has ordered federal agencies to urgently update or disconnect Microsoft Exchange on-premises products on their networks.BleepingComputer
March 4, 2021
CISA Official Calls for Update of Identity Management Guidance in Wake of SolarWinds Compromise Full Text
Abstract
“Our takeaway from this at CISA's space is that identity is everything now,” Jay Gazlay said, noting that the level of success the adversary achieved with tactics like password spraying was not normal.Nextgov
March 04, 2021
CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws Full Text
Abstract
Following Microsoft's release of out-of-band patches to address multiple zero-day flaws in on-premises versions of Microsoft Exchange Server, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive warning of "active exploitation" of the vulnerabilities. The alert comes on the heels of Microsoft's disclosure that China-based hackers were exploiting unknown software bugs in Exchange server to steal sensitive data from select targets, marking the second time in four months that the U.S. has scrambled to address a widespread hacking campaign believed to be the work of foreign threat actors. While the company mainly attributed the campaign to a threat group called HAFNIUM, Slovakian cybersecurity firm ESET said it found evidence of CVE-2021-26855 being actively exploited in the wild by several cyber espionage groups, including LuckyMouse, Tick, and Calypso targeting servers located in the U.S., Europe, Asia, and theThe Hacker News
March 03, 2021
Federal agencies ordered to patch systems immediately following flaw in Microsoft app Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday ordered federal agencies to immediately investigate, patch or disconnect their systems from a Microsoft email application after the company discovered a vulnerability exploited by Chinese hackers.The Hill
March 03, 2021
Blinken vows renewed focus on emerging tech after hack Full Text
Abstract
Secretary of State Antony Blinken on Wednesday vowed that the U.S. will prioritize positioning itself as a global leader on technology to shore up its national security defenses, particularly following the recent breach of the federal government known as the SolarWinds hack.The Hill
March 3, 2021
ENISA and CERT-EU to improve the EU cybersecurity framework Full Text
Abstract
The Head of CERT-EU, Saâd Kadhi, said: “We are proud of this achievement, which sets the path for a greater collaboration between our two organisations, to better serve our respective constituencies.Help Net Security
March 02, 2021
Senate confirms Biden Commerce secretary pick Gina Raimondo Full Text
Abstract
The Senate confirmed Gina Raimondo as Commerce secretary on Tuesday in a broad bipartisan vote despite early GOP efforts to block her nomination.The Hill
March 02, 2021
Wray hints at federal response to SolarWinds hack Full Text
Abstract
FBI Director Christopher Wray on Tuesday hinted at the planned federal response to what has become known as the SolarWinds hack, stressing that confronting foreign attacks in cyberspace would be “a long, hard slog.”The Hill
March 02, 2021
Government watchdog finds federal cybersecurity has ‘regressed’ in recent years Full Text
Abstract
Federal cybersecurity has "regressed" since 2019 due to factors including the lack of centralized cyber leadership at the White House, the Government Accountability Office (GAO) said in a report released Tuesday.The Hill
March 2, 2021
Hearing on Hack Prompts Call for Review of Government’s Cloud Procurement Full Text
Abstract
A key lawmaker highlighted a profit motive for “basic” cybersecurity as problematic, following an exchange with Microsoft President Brad Smith at a Congressional hearing Friday.Nextgov
March 1, 2021
NSA embraces the Zero Trust Security Model Full Text
Abstract
The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security Agency (NSA) recently published a document to explain the benefits of adopting a zero-trust model, and advice...Security Affairs
February 28, 2021
Foreign perpetrators among fraudsters shamming state’s unemployment systems Full Text
Abstract
State governments plan to update their security systems as they prepare for a new round of enhanced unemployment payments in an attempt to bar fraudsters from around the world believed to have already obtained billions of dollars from pandemic jobless aid.The Hill
February 26, 2021
Lawmakers blame SolarWinds on ‘collective failure’ to prioritize cybersecurity Full Text
Abstract
The leaders of the House Homeland Security Committee on Friday will call for immediate changes to how Congress handles cybersecurity in the wake of a massive hack of the federal government, blaming the breach on a “collective failure” to prioritize cybersecurity.The Hill
February 26, 2021
Senate SolarWinds Hearing: 4 Key Issues Raised Full Text
Abstract
The Senate Intelligence Committee's hearing Tuesday about the SolarWinds supply chain attack answered some questions about what went wrong but also raised four key issues.Bank Info Security
February 25, 2021
DHS Secretary Mayorkas announces new initiative to fight ‘epidemic’ of cyberattacks Full Text
Abstract
Homeland Security Secretary Alejandro Mayorkas on Thursday announced new funding and initiatives to prioritize the nation’s cybersecurity, particularly in order to confront what he described as an “epidemic” of ransomware attacks.The Hill
February 25, 2021
Vietnam Spying on its Dissenters Full Text
Abstract
Vietnam-linked Ocean Lotus was found involved in a cyberespionage campaign on the country’s human rights defenders and a nonprofit organization that continued for roughly three years.Cyware Alerts - Hacker News
February 25, 2021
Iraqi MP Suffers Online Extortion Full Text
Abstract
Intimidation campaign against senior Iraqi MP leads to arrests in Australia and CanadaInfosecurity Magazine
February 25, 2021
Facebook Takes Out Myanmar Military After Bloody Coup Full Text
Abstract
Tatmadaw-incited violence and disinformation force social network’s handInfosecurity Magazine
February 25, 2021
The big takeaway from the Senate’s SolarWinds hearing Full Text
Abstract
Intel sharing on malicious actors is a key component of fighting the bad guys, with both Microsoft and FireEye calling for the government to consider mandatory disclosure of significant breaches.Axios
February 25, 2021
Government Handling of Zero-Days: More Sunlight, Fewer Shadows Full Text
Abstract
Governments require carefully structured, transparent, and holistic decision-making frameworks tailored to their respective institutional contexts to handle high-value vulnerabilities with care.Cyber Threat Alliance
February 25, 2021
U.S. municipalities are the perfect target for cybercriminals in 2021 Full Text
Abstract
For cybercriminals looking for vulnerable targets, local governments and municipalities with lax remote work security protocols are perfect targets for ransomware and other malicious actions.Help Net Security
February 24, 2021
Biden CIA pick pledges to confront China if confirmed, speak ‘truth to power’ Full Text
Abstract
William Burns, President Biden’s pick to lead the Central Intelligence Agency (CIA), had his first appearance before lawmakers Wednesday, where he pledged to ramp up the agency’s response to China while tackling a wide range of ongoing threats.The Hill
February 24, 2021
SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack - U.S. Senate hearing Full Text
Abstract
One of the worst hacks yet discovered had an impact on all four. SolarWinds and Microsoft programs were used to attack others and the hack struck at about 100 U.S. companies and nine federal agencies.Reuters
February 24, 2021
How the National Cyber Director Position Is Going to Work: Frequently Asked Questions Full Text
Abstract
Two members of the Cyberspace Solarium Commission answer questions about the new position.Lawfare
February 23, 2021
Biden administration to respond to Russian hacking, poisoning in ‘weeks not months’ Full Text
Abstract
The Biden administration is preparing to take action against Russia for actions including a massive hack of the federal government and the poisoning of a Russian opposition leader in “weeks, not months,” White House press secretary Jen Psaki said Tuesday.The Hill
February 23, 2021
Senate Intelligence Holds Hearing on the SolarWinds Breach Full Text
Abstract
On Tuesday, February 23, 2020, at 2:30 p.m., the Senate Intelligence Committee will hold a hearing on the recent hack of U.S. networks by a foreign adversary. The committee will hear testimony from Kevin Mandia, CEO of FireEye; Sudhakar Ramakrishna, CEO of SolarWinds; Brad Smith, president of Microsoft; and George Kurtz, president and CEO of CrowdStrike.Lawfare
February 23, 2021
Federal Laws and Grants Are Insufficient to Combat Against Cyber Threats Full Text
Abstract
The coronavirus pandemic has been a boon for malicious cyber actors who engage in criminal activity.Lawfare
February 23, 2021
Hearings examine consequences of massive SolarWinds breach Full Text
Abstract
The massive Russian hacking incident that has become known as the SolarWinds breach will be in the spotlight on Capitol Hill this week as multiple House and Senate panels examine the extent of what is likely the largest cyber breach in U.S. history.The Hill
February 23, 2021
Lawmakers to roll out legislation reorganizing State cyber office Full Text
Abstract
A group of bipartisan lawmakers led by House Foreign Affairs Committee ranking member Michael McCaul (R-Texas) will reintroduce legislation Tuesday intended to increase the ability of the State Department to address international cybersecurity cooperation issues.The Hill
February 23, 2021
NY Department of Financial Services Issues Cyber Fraud Alert to Regulated Entities Using Instant Quote Websites Full Text
Abstract
The NYDFS learned of the threat after receiving reports from auto insurers that cybercriminals were targeting their premium quote sites to steal driver’s license numbers.The National Law Review
February 23, 2021
FBI Issued a Warning About the Risks of Telephony denial-of-service (TDoS) Full Text
Abstract
The Federal Bureau of Investigation (FBI) issued a notification last week alerting all about the effects of a TDoS attack and...Cyber Security News
February 22, 2021
DHS announces new measures to boost nation’s cybersecurity Full Text
Abstract
The Department of Homeland Security (DHS) on Monday announced a range of steps it will take to bolster the nation’s cybersecurity posture, including increasing funding for key cybersecurity issues.The Hill
February 20, 2021
The US Government is going to respond to the SolarWinds hack very soon Full Text
Abstract
The US is going to respond to the SolarWinds supply chain attack within weeks, national security adviser Jake Sullivan told CNN. The US will respond within weeks to the devastating SolarWinds supply cyber attack, national security adviser Jake Sullivan...Security Affairs
February 19, 2021
‘If you wait for government, you’re going to be waiting a long time’: A look at Biden’s cyber funding Full Text
Abstract
How much of Biden’s promised funding for cyber will support small and medium businesses? Tugboat Logic CEO Ray Kruck offers tips for managing the risk in the meantime.SCMagazine
February 19, 2021
Biden calls for creating ‘rules’ on cyber, tech to combat China and Russia threats Full Text
Abstract
President Biden on Friday called on the United States and other democratic nations to shape the “rules of the road” on cybersecurity and tech issues, particularly as part of efforts to confront China and Russia.The Hill
February 18, 2021
Senate Intelligence panel to hold hearing on SolarWinds breach next week Full Text
Abstract
The Senate Intelligence Committee will hold a hearing on the massive Russian breach of the federal government that has become known as the SolarWinds hack next week in one of the first major congressional hearings on the issue.The Hill
February 18, 2021
Congress’s IT Infrastructure Is a Disaster Waiting to Happen—Here’s How to Start Fixing It Full Text
Abstract
Over a month after the insurrection, the significance of the cybersecurity-related damage remains unknown. Congress should take this moment as an opportunity to shore up the Capitol's digital systems.Lawfare
February 17, 2021
Hillicon Valley: Biden to take ‘executive action’ to address SolarWinds breach | Facebook and Google respond to Australian proposed law | DOJ charges North Korean hackers with stealing $1.3 billion in cryptocurrency Full Text
Abstract
Biden will be rolling out action to address cybersecurity following the recent Russian hack, while the Justice Department announced major indictments against North Korean hackers. Meanwhile, Silicon Valley’s eyes were on an Australian proposal today, with Facebook announcing it would restrict news content in the country and Google reaching a deal to pay News Corp to distribute content. In other news, you win some, you Zoom some.The Hill
February 17, 2021
The U.S. Needs a Cyber State of Distress to Withstand the Next SolarWinds Full Text
Abstract
The SolarWinds hack exposed shortcomings in the U.S. government’s capacity to respond to cyberattacks. In a hard-hitting, far-reaching, and nearly undetectable attack, the perpetrators behind the SolarWinds intrusion secretly inserted malicious code into a software update and subsequently programmed it to appear legitimate.Lawfare
February 17, 2021
Hassan to chair Senate emerging threats subcommittee Full Text
Abstract
Sen. Maggie Hassan (D-N.H.) will chair the Senate Homeland Security and Governmental Affairs Committee’s subcommittee focused on national security threats and spending oversight, committee leaders announced Wednesday.The Hill
February 17, 2021
Biden to take ‘executive action’ to address SolarWinds breach Full Text
Abstract
President Biden will soon take executive action in response to the alleged Russian hack of at least nine federal agencies, according to a White House official.The Hill
February 17, 2021
Senate Intel leader demands answers on Florida water treatment center breach Full Text
Abstract
Senate Intelligence Committee Chairman Mark Warner (D-Va.) on Wednesday demanded answers around the investigation into the recent attempt by a hacker to breach and poison the water supply in a Florida city.The Hill
February 17, 2021
China requiring bloggers to obtain government credentials Full Text
Abstract
The Chinese government is launching new rules requiring bloggers and online influencers to acquire state credentials in order to publish content on certain topics, including politics, health and economics.The Hill
February 17, 2021
NIST Issues ‘Foundational Profile’ for Secure GPS Use Full Text
Abstract
The NIST released new guidance based on its cybersecurity framework toward satisfying an executive order on securely using position, navigation, and timing services like the GPS.Nextgov
February 16, 2021
‘Everyone’s half asleep, and bosses don’t want trouble’: The struggle to secure utilities Full Text
Abstract
Padraic O’Reilly, co-founder of cyber risk firm CyberSaint, shared insights with SC Media, about the struggles faced by water plants, energy companies and other utilities to assess cyber risk and prevent cyberattacks.SCMagazine
February 16, 2021
Federal cyber agency gets deputy director after months-long vacancy Full Text
Abstract
Nitin Natarajan on Tuesday was appointed the deputy director of the Cybersecurity and Infrastructure Security Agency (CISA), building back the agency’s leadership months after its top leaders were forced to step down.The Hill
February 15, 2021
Langevin hopeful new Armed Services panel will shine new spotlight on cybersecurity Full Text
Abstract
Rep. Jim Langevin (D-R.I.), the newly minted chairman of the House Armed Services Committee’s new cybersecurity subcommittee, is looking to bring a new spotlight to the nation’s defensive cyber capabilities and international cyber diplomacy.The Hill
February 15, 2021
Post Office Announces New Digital ID Solutions Full Text
Abstract
Customers will be able to conduct transactions more easily and securelyInfosecurity Magazine
February 12, 2021
Water plant’s missteps illustrates need for critical infrastructure security controls Full Text
Abstract
Before implementing controls, facilities may first need to conduct a thorough risk assessment and prioritization exercise. And if they don’t start to apply some of these measures themselves, government just might step in.SCMagazine
February 12, 2021
South Carolina looks to align cyber ecosystem, economic growth Full Text
Abstract
South Carolina becomes the latest region to invest in cybersecurity capacity as foundational to grow the economy, coordinating opportunities from across state government, multiple state universities, local industry, and critical infrastructure.SCMagazine
February 12, 2021
Anne Neuberger coordinating Biden’s SolarWinds efforts Full Text
Abstract
The announcement came after Sens. Mark Warner, D-Va., and Marco Rubio, R-Fla., sent a letter to the U.S. intelligence services asking them to assign a leader for the response.SCMagazine
February 11, 2021
Researchers Uncover Android Spying Campaign Targeting Pakistan Officials Full Text
Abstract
Two new Android surveillanceware families have been found to target military, nuclear, and election entities in Pakistan and Kashmir as part of a pro-India, state-sponsored hacking campaign. Dubbed Hornbill and Sunbird, the malware impersonates legitimate or seemingly innocuous services to cover its tracks, only to stealthily collect SMS, encrypted messaging app content, and geolocation, among other types of sensitive information. The findings published by Lookout are the result of an analysis of 18GB of exfiltrated data that was publicly exposed from at least six insecurely configured command-and-control (C2) servers located in India. "Some notable targets included an individual who applied for a position at the Pakistan Atomic Energy Commission, individuals with numerous contacts in the Pakistan Air Force (PAF), as well as officers responsible for electoral rolls (Booth Level Officers) located in the Pulwama district of Kashmir," the researchers said in a Wednesday anaThe Hacker News
February 11, 2021
India Calls Out Twitter for Differential Treatment Full Text
Abstract
Indian government slams micro-blogging company for “double standards” over violence at Red Fort and Capitol HillInfosecurity Magazine
February 11, 2021
Biden to sign executive order addressing chip shortage Full Text
Abstract
President Biden is planning to sign an executive order to address the shortage of semiconductors, or chips, an issue that industry has begged him to take action on recently.The Hill
February 11, 2021
Illinois Is State Hit Hardest by Cybercrime Full Text
Abstract
Illinois has the highest concentration of cybercrime victims in the United StatesInfosecurity Magazine
February 11, 2021
UK Govt Reveals Plans to Build Trust in Use of Digital Identities Full Text
Abstract
Public invited to contribute to draft rules around data protection, security and inclusivityInfosecurity Magazine
February 11, 2021
FBI Warns About the Use of TeamViewer, Out-of-date Windows 7 Systems Following the Oldsmar Incident Full Text
Abstract
The alert warns about the use of out-of-date Windows 7 systems, poor passwords, and TeamViewer, urging private companies and government agencies to review internal networks and access policies.ZDNet
February 10, 2021
Old Iranian Spying Operation Resumes After Long Break Full Text
Abstract
The new malware, security researchers say, appears to have been designed to expand the capabilities of Foudre, but released as a separate component, most probably to be deployed only when needed.Security Week
February 10, 2021
CISA, SolarWinds up interest in security scoring Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) recently included security ratings or scoring as part of its cyber risk reduction initiative. But what’s behind the numbers? Sachin Bansal, general counsel at SecurityScorecard, spoke with SC Media about ratings, and how they can be used to strengthen the supply chain, determine cyber insurance premiums and as…SCMagazine
February 10, 2021
US Coast Guard orders maritime facilities to report SolarWinds breaches Full Text
Abstract
The U.S. Coast Guard (USCG) has ordered MTSA-regulated facilities and vessels using SolarWinds software for critical functions to report security breaches in case of suspicions of being affected by the SolarWinds supply-chain attack.BleepingComputer
February 10, 2021
Krebs, other officials urge Congress to take strong action to tamp down cyber threats Full Text
Abstract
Christopher Krebs, the nation’s former top cybersecurity official, and other officials pushed hard Wednesday for taking a strong stance against malicious hackers in the wake of a devastating cyberattack on the federal government.The Hill
February 10, 2021
Katko calls for bipartisanship on cyber issues as threats intensify Full Text
Abstract
Rep. John Katko (R-N.Y.) says he is looking to shine a bipartisan spotlight on cybersecurity concerns as the newly appointed ranking member of the House Homeland Security Committee.The Hill
February 10, 2021
Krebs: Oldsmar water treatment plant’s security is ‘rule, not the exception’ Full Text
Abstract
The former director of the Cybersecurity and Infrastructure Security Agency suggested a multipronged approach to shoring up municipal utilities, including adding funding to update aging technology.SCMagazine
February 10, 2021
Election commission approves new guidelines to secure, update voting equipment Full Text
Abstract
A federal election commission on Wednesday approved new national guidelines to overhaul voting equipment standards, including boosting security, privacy and the use of paper ballots as well as the auditing of election results.The Hill
February 10, 2021
Watch live: Trump cybersecurity chief Krebs testifies before House panel Full Text
Abstract
Christopher Krebs, former President Trump's top cybersecurity official, will testify before the House Homeland Security Committee on Wednesday on threats facing the U.S.The Hill
February 10, 2021
New cyber panel chair zeros in on election security, SolarWinds hack Full Text
Abstract
Rep. Yvette Clarke (D-N.Y.), the new chair of the House Homeland Security Committee’s cyber panel, said she plans to tackle a wide range of cybersecurity challenges, but with an early focus on bolstering election security and responding to a massive hack that has compromised much of the federal government.The Hill
February 09, 2021
Senators ask federal officials to designate leader in ‘disorganized’ SolarWinds response Full Text
Abstract
Senate Intelligence Committee Chairman Mark Warner (D-Va.) and Vice Chairman Marco Rubio (R-Fla.) on Tuesday criticized the “disorganized” federal response to the recently uncovered Russian hack of IT group SolarWinds, calling for agencies to designate a leader.The Hill
February 09, 2021
Huawei founder doubts Biden will lift sanctions Full Text
Abstract
The founder of Chinese tech giant Huawei said Tuesday that he does not expect the Biden administration to lift sanctions imposed on the company under former President Trump.The Hill
February 08, 2021
Detailed: Here’s How Iran Spies on Dissidents with the Help of Hackers Full Text
Abstract
Twin cyber operations conducted by state-sponsored Iranian threat actors demonstrate their continued focus on compiling detailed dossiers on Iranian citizens that could threaten the stability of the Islamic Republic, including dissidents, opposition forces, and ISIS supporters, and Kurdish natives. Tracing the extensive espionage operations to two advanced Iranian cyber-groups Domestic Kitten (or APT-C-50) and Infy, cybersecurity firm Check Point revealed new and recent evidence of their ongoing activities that involve the use of a revamped malware toolset as well as tricking unwitting users into downloading malicious software under the guise of popular apps. "Both groups have conducted long-running cyberattacks and intrusive surveillance campaigns which target both individuals' mobile devices and personal computers," Check Point researchers said in a new analysis. "The operators of these campaigns are clearly active, responsive and constantly seeking new attThe Hacker News
February 5, 2021
South Carolina Plans Cyber-Ecosystem Full Text
Abstract
University partners with state government to improve South Carolina’s cyber-capabilities under one umbrellaInfosecurity Magazine
February 04, 2021
Cruz blocks vote on Biden Commerce secretary nominee over Huawei concerns Full Text
Abstract
Sen. Ted Cruz (R-Texas) on Thursday formally placed a hold on the Senate voting on the nomination of Gina Raimondo, President Biden’s pick for Commerce secretary, due to concerns Raimondo has not clarified her stance on Chinese telecom giant Huawei.The Hill
February 4, 2021
US DARPA bug bounty helps strengthen military research agency’s security defenses Full Text
Abstract
The US Defense Advanced Research Projects Agency (DARPA) has reported back on its first ever security bug bounty program, saying the scheme has highlighted strengths as well as weaknesses.The Daily Swig
February 04, 2021
Biden: US taking ‘urgent’ steps to improve cybersecurity Full Text
Abstract
President Biden said Thursday that his administration is launching an “urgent initiative” to improve the nation’s cybersecurity, pointing to concerns around malign efforts by Russia and China.The Hill
February 4, 2021
DOD to Try Out Its Vulnerability Disclosure Program with Contractors Full Text
Abstract
The DoD’s Cyber Crime Center will soon be accepting applications for a limited number of companies within the defense industrial base to benefit from security researchers already working for it.Nextgov
February 03, 2021
House Armed Services panel establishes new cybersecurity subcommittee Full Text
Abstract
House Armed Services Committee Chairman Adam Smith (D-Wash.) and Rep. Jim Langevin (D-R.I.) on Wednesday announced the establishment of a new cybersecurity-focused subcommittee on the panel.The Hill
February 03, 2021
Federal cyber agency reevaluating its role in countering election disinformation Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA), the key federal group responsible for election security, is reevaluating its role in countering disinformation and misinformation after the agency stood up a web page to address misleading election claims last year.The Hill
February 3, 2021
Singapore assessing WhatsApp privacy policy change, not ‘adversely affected’ in SolarWinds breach Full Text
Abstract
Government reveals there has been no indication its systems or the country's critical information infrastructures have been severely impacted by the SolarWinds supply chain breach.ZDNet
February 03, 2021
Senate panel advances Biden’s Commerce secretary pick in 21-3 vote Full Text
Abstract
The Senate Commerce Committee on Wednesday advanced President Biden’s nominee to lead the Commerce Department, Gina Raimondo, in a broadly bipartisan 21-3 vote.The Hill
February 3, 2021
US Payroll Agency Targeted in Separate SolarWinds Attack - Report Full Text
Abstract
Suspected Chinese attackers exploited since-patched Orion bugInfosecurity Magazine
February 3, 2021
The Transition to TIC 3.0: Ensuring Agency Readiness for Network Modernization Full Text
Abstract
The recent sophisticated attacks on multiple federal agencies by nation-state hackers demonstrate that new approaches are required to protect federal networks and IT infrastructures.Nextgov
February 02, 2021
US payroll agency targeted by Chinese hackers: report Full Text
Abstract
A federal payroll agency was targeted by suspected Chinese hackers who exploited a flaw within SolarWinds software, Reuters reported on Tuesday, citing five people familiar with the matter.The Hill
February 2, 2021
State auditor’s office clashes with file transfer service provider after breach Full Text
Abstract
The Accellion product was near end of life at the time of the breach. Should customers have switched sooner?SCMagazine
February 02, 2021
Officials applaud confirmation of Mayorkas as DHS secretary over cybersecurity concerns Full Text
Abstract
Key cyber-focused members of Congress and other officials on Tuesday applauded the Senate confirmation of Alejandro Mayorkas as secretary of the Department of Homeland Security (DHS), citing the need for his leadership following the hack of IT group SolarWinds.The Hill
February 02, 2021
House Republicans urge Senate to block vote on Commerce secretary over Huawei Full Text
Abstract
A coalition of House Republicans on Tuesday urged their Senate colleagues to place a hold on Gina Raimondo, President Biden’s nominee for Commerce secretary, arguing that she has not clarified her stance on Chinese telecommunications giant Huawei.The Hill
February 01, 2021
Intel agency warns of threats from China collecting sensitive US health data Full Text
Abstract
The National Counterintelligence and Security Center (NCSC) on Monday warned that efforts by the Chinese government to obtain U.S. health data, particularly DNA, through hacking and other means had been stepped up during the COVID-19 pandemic.The Hill
February 1, 2021
SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat Full Text
Abstract
Congress is demanding the National Security Agency come clean on what it knows about the 2015 supply-chain attack against Juniper Networks.Threatpost
February 1, 2021
CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) says many of the victims of the threat group that targeted Texas-based IT management firm SolarWinds were not directly linked to SolarWinds.Security Week
January 31, 2021
New State Department cyber bureau stirs opposition Full Text
Abstract
A newly established State Department bureau focused on cybersecurity and emerging technologies could give the Biden administration a launch pad for strengthening ties with allies after a massive Russian hack on the federal government.The Hill
January 29, 2021
Lawmakers grill NSA on years-old breach in the wake of massive Russian hack Full Text
Abstract
A group of House and Senate Democrats led by Sens. Ron Wyden (D-Ore.) and Cory Booker (D-N.J.) this week grilled the National Security Agency (NSA) on a years-old breach of a company that potentially compromised the federal government in a similar way to the recently uncovered breach of IT group SolarWinds.The Hill
January 28, 2021
Democrats introduce measure to boost privacy, security of health data during pandemic Full Text
Abstract
A group of Democratic lawmakers in the House and Senate on Thursday introduced legislation intended to increase the privacy and security of personal health data collected in connection to the COVID-19 pandemic.The Hill
January 28, 2021
US Launches Global Action Against NetWalker Full Text
Abstract
America goes after group that made millions selling ransomware-as-a-serviceInfosecurity Magazine
January 27, 2021
McCaul urges senators to block vote on Commerce secretary over Huawei concerns Full Text
Abstract
Rep. Michael McCaul (R-Texas), ranking member on the House Foreign Affairs Committee, on Wednesday called on the Senate to block a vote to confirm Gina Raimondo, President Biden's nominee for Commerce secretary, over concerns about her stance on Chinese telecommunications group Huawei.The Hill
January 27, 2021
Biden’s cyber priorities zero in on Russian hack Full Text
Abstract
President Biden and his administration have hit the ground running on cybersecurity during his first week in office, with a particular emphasis on addressing the recent Russian hack that hit the federal government and major U.S. companies.The Hill
January 27, 2021
UK Spies Called on to Help in Fraud Fight Full Text
Abstract
RUSI report warns of government “responsibility vacuum”Infosecurity Magazine
January 26, 2021
Biden administration appoints Chris DeRusha as federal CISO Full Text
Abstract
The Biden administration has picked Chris DeRusha, the former top cyber official on the Biden campaign, to fill the role of federal chief information security officer.The Hill
January 26, 2021
Senate committee advances Biden’s DHS pick despite Republican pushback Full Text
Abstract
The Senate Homeland Security and Governmental Affairs Committee advanced President Joe Biden’s pick to lead the Department of Homeland Security (DHS) despite a push by Republicans to stall the nomination.The Hill
January 26, 2021
Russian hack of US agencies exposed supply chain weaknesses Full Text
Abstract
The elite Russian hackers who gained access to computer systems of federal agencies last year didn't bother trying to break one by one into the networks of each department.The Times Of India
January 25, 2021
Speed of White House cyber appointments should make CISOs ‘a bit more confident’ Full Text
Abstract
The appointments and presumed future appointments draw heavily from people with public sector experience, a move that some praise and others criticize as a failure to consider private sector expertise.SCMagazine
January 25, 2021
Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’ Full Text
Abstract
Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black, talks about the top security challenges facing the US government as a new presidential administration steps in.Threatpost
January 25, 2021
Outgoing FCC Chair Issues Final Security Salvo Against China Full Text
Abstract
Ajit Pai says Chinese telecom companies ‘biggest national security threat’ for regulators in exit interview.Threatpost
January 25, 2021
India: Chinese cyber actors target telecom to breach security, firewall ready in 6 months Full Text
Abstract
The Indian government seems determined to implement the new security directives in the telecom sector, cleared by the Cabinet Committee on Security (CCS), within the next six months.The Times Of India
January 25, 2021
Russian Government Agency Warns Firms of US Attack Full Text
Abstract
Alarmist security notice talks of Biden reprisals for SolarWinds campaignInfosecurity Magazine
January 23, 2021
Russian government warns of US retaliatory cyberattacks Full Text
Abstract
The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach.BleepingComputer
January 23, 2021
Biden hires ‘world class’ cybersecurity team after massive hack Full Text
Abstract
President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defense officials and investigators as the US government works to recover from one of the biggest hacks of its agencies.Al Jazeera
January 23, 2021
FSB warns of US cyberattacks after Biden administration comments Full Text
Abstract
The Russian government has issued a security alert warning Russian businesses of potential cyberattacks launched by the United States in response to the SolarWinds incident.ZDNet
January 22, 2021
After big hack of U.S. government, Biden enlists ‘world class’ cybersecurity team Full Text
Abstract
President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defense officials, investigators, and cyber experts.Reuters
January 22, 2021
FSB warns Russian businesses of cyber attacks as retaliation for SolarWinds hack Full Text
Abstract
Russian authorities are alerting Russian organizations of potential cyberattacks launched by the United States in response to SolarWinds attack. The Russian intelligence agency FSB has issued a security alert this week warning Russian organizations...Security Affairs
January 22, 2021
Democrats seek answers on impact of Russian cyberattack on Justice Department, Courts Full Text
Abstract
A group of Senate Democrats led by Sen. Richard Blumenthal (Conn.) this week sought to get answers on the impact of the recently discovered breach of IT group SolarWinds on the Department of Justice (DOJ) and the U.S. Courts (AO), both of which were compromised.The Hill
January 21, 2021
SolarWinds Attack, Cyber Supply Chain Among Priorities for Biden Administration Full Text
Abstract
During Senate confirmation hearings, President Joe Biden's nominees for Secretary of Homeland Security and Director of National Intelligence pledged to focus on cybersecurity.Dark Reading
January 21, 2021
Michael Sulmeyer, who held cyber posts under Trump and Obama, gets Biden White House gig Full Text
Abstract
Michael Sulmeyer, a senior adviser to National Security Agency and U.S. Cyber Command leader Gen. Paul Nakasone, will take the position of senior director for cyber in the Biden White House.Cyberscoop
January 20, 2021
US Marines Create “Blue Team” Full Text
Abstract
Marine Corps establishes adversarial cyber-assessment "Blue Team"Infosecurity Magazine
January 20, 2021
Trump pardons ex-Google, Uber engineer who plead guilty to stealing trade secrets Full Text
Abstract
President Trump early Wednesday pardoned former Google and Uber engineer Anthony Levandowski, who was indicted in 2019 for stealing trade secrets from Google’s self-driving cars program.The Hill
January 19, 2021
Biden DHS, Intel picks stress need to prioritize cybersecurity after SolarWinds hack Full Text
Abstract
President-elect Joe Biden’s nominees to serve as secretary of the Department of Homeland Security (DHS) and as director of national intelligence (DNI) both said Tuesday that if confirmed they will make a priority out of bolstering the nation’s cybersecurity.The Hill
January 19, 2021
Rob Joyce to Take Over as NSA Cybersecurity Director Full Text
Abstract
Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration.Threatpost
January 19, 2021
Former Trump intel chief Coats introduces Biden nominee Haines at hearing Full Text
Abstract
Former Director of National Intelligence Dan Coats, who served under President Trump, on Tuesday introduced Avril Haines, President-elect Joe Biden’s nominee to serve as DNI, at her Senate confirmation hearing.The Hill
January 19, 2021
U.S. National Cybersecurity Plan to Safeguard Maritime Sector Full Text
Abstract
The U.S. Government released on January 5, 2021, a cybersecurity plan to secure the nation’s maritime sector against cybersecurity threats that could endanger national security.Tripwire
January 18, 2021
NSA Appoints Cyber Director Full Text
Abstract
America’s National Security Agency confirms Rob Joyce as Cybersecurity Directorate leaderInfosecurity Magazine
January 18, 2021
Rob Joyce is the new NSA Cyber Director Full Text
Abstract
The U.S. National Security Agency has appointed Rob Joyce, who has long experience in US cybersecurity, as the agency’s new director of cybersecurity. The National Security Agency (NSA) has appointed US cybersecurity official Rob Joyce as the new chief...Security Affairs
January 18, 2021
Rob Joyce Appointed Director of Cybersecurity at NSA Full Text
Abstract
The U.S. National Security Agency on Friday announced that Rob Joyce, an official who is highly respected in the cybersecurity community, has been named the agency’s new director of cybersecurity.Security Week
January 18, 2021
President Biden’s Peloton exercise equipment under scrutiny Full Text
Abstract
President Joe Biden can't bring his Peloton exercise equipment to the White House due to security reasons. According to a Popular Mechanics report, President Joe Biden is going to move to the White House and likely he will have to give up his Peloton...Security Affairs
January 16, 2021
Pro-Trump ‘Enemies of the People’ doxing site is still active Full Text
Abstract
Enemies of the People, the website inciting violence against U.S. officials who refused to support the President's claims to voter fraud, is still active and continues to expose personal details from more individuals.BleepingComputer
January 16, 2021
NSA Appoints Rob Joyce as Cyber Director Full Text
Abstract
The NSA has confirmed longtime US cybersecurity official Rob Joyce as the new leader of its Cybersecurity Directorate. He most recently has been serving as the NSA's top representative in the UK, a position he has held since 2018.Dark Reading
January 15, 2021
How to Make the National Cyber Director Position Work Full Text
Abstract
It will fall on the incoming Biden administration to implement the new office—and a great deal of hard work lies ahead.Lawfare
January 15, 2021
Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles Full Text
Abstract
President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical that the newfound funding focus on cybersecurity will be enough to draw the necessary talent. Noting…SCMagazine
January 15, 2021
NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks Full Text
Abstract
NSA advises security pros to use designated enterprise DNS resolvers to lock down DoH on corporate networks.SCMagazine
January 15, 2021
NSA: DNS over HTTPS Provides “False Sense of Security” Full Text
Abstract
Agency urges most enterprises to avoid DoHInfosecurity Magazine
January 15, 2021
CISA tells agencies to consider ad blockers to fend off ‘malvertising’ Full Text
Abstract
The U.S. CISA urged federal agencies on Thursday to deploy ad-blocking software and standardize web browser usage across their workforces in order to fend off advertisements implanted with malware.Cyberscoop
January 14, 2021
NSA advises companies to avoid third party DNS resolvers Full Text
Abstract
The US National Security Agency (NSA) says that companies should avoid using third party DNS resolvers to block threat actors' DNS traffic eavesdropping and manipulation attempts and to block access to internal network information.BleepingComputer
January 14, 2021
Krebs: Infrastructure operators ‘need to be assembling their crisis management teams yesterday’ Full Text
Abstract
Christopher Krebs, the nation’s former top cybersecurity official, said Thursday that critical infrastructure owners and operations should already be assembling their “crisis management teams” in advance of potential violence on Inauguration Day next week.The Hill
January 14, 2021
CISA Warns of Cloud Attacks Exploiting Poor Cyber-Hygiene Full Text
Abstract
Remote workers targeted with phishing, brute force and moreInfosecurity Magazine
January 14, 2021
CISA warns of recent successful cyberattacks against cloud service accounts Full Text
Abstract
The US CISA revealed several recent successful cyberattacks against various organizations’ cloud services. The Cybersecurity and Infrastructure Security Agency (CISA) announced that several recent successful cyberattacks hit various organizations’...Security Affairs
January 13, 2021
Senate panel to hold nomination hearing for Biden Intelligence director nominee this week Full Text
Abstract
The Senate Intelligence Committee will hold a hearing later this week to consider the nomination of Avril Haines, President-elect Joe Biden’s pick for director of national intelligence (DNI), committee leaders announced Wednesday.The Hill
January 13, 2021
Biden formally appoints NSA’s Anne Neuberger to key national security position Full Text
Abstract
President-elect Joe Biden's transition team on Wednesday announced three key national security appointments, including tapping Anne Neuberger, a top official at the National Security Agency (NSA), to serve in a new cybersecurity-focused role on the National Security Council.The Hill
January 13, 2021
Watchdog Raises Concerns About Census Bureau’s IT Security Full Text
Abstract
A watchdog agency for the U.S. Census Bureau says that proper information-technology security safeguards weren’t in place leading up to the start of the 2020 census last year.Security Week
January 12, 2021
White House establishes national artificial intelligence office Full Text
Abstract
The White House Office of Science and Technology Policy (OSTP) on Tuesday announced the establishment of a National Artificial Intelligence Initiative Office as part of an effort by the Trump administration to prioritize AI.The Hill
January 12, 2021
Agencies Propose Faster, Broader Reporting of Cyber Incidents for Banks Full Text
Abstract
Cyberspace Solarium Commission has called for a systematic way for critical private-sector entities to share cyber incidents toward gleaning more information about necessary defensive measures.Nextgov
January 12, 2021
Efforts to secure elections likely to gain ground in Democrat-controlled Congress Full Text
Abstract
Efforts to boost election security are likely to gain traction in the new Congress, as Democrats who have pushed for election reform take control of both chambers and the White House.The Hill
January 12, 2021
More federal victims of SolarWinds hacking likely to come forward, CISA chief says Full Text
Abstract
The number of U.S. federal agencies confirmed to have been breached in a suspected Russian espionage campaign will likely increase as the investigation continues, the head of the CISA said.Cyberscoop
January 11, 2021
Feds will weigh whether cyber best practices were followed when assessing HIPAA fines Full Text
Abstract
Organizations that can show they did their due diligence in protecting medical information will be better off, should a breach occur.SCMagazine
January 11, 2021
A Role for the Vulnerabilities Equities Process in Securing Software Supply Chains Full Text
Abstract
The Biden administration has an important opportunity to rebuild and sustain trust in the software ecosystem by reforming the government vulnerability disclosure process into a more transparent and frequently used system.Lawfare
January 11, 2021
US Announces Controversial State Department Cyber-Bureau Full Text
Abstract
Pompeo green lights CSET at eleventh hourInfosecurity Magazine
January 09, 2021
Cyber czar to draw on new powers from defense bill Full Text
Abstract
New authorities from the recently enacted defense bill are expected to help the U.S. government in its response to the SolarWinds hack believed to be perpetrated by Russia.The Hill
January 09, 2021
Space Force joins US Intelligence Community to secure outer space Full Text
Abstract
Director of National Intelligence John Ratcliffe announced that the US Space Force (USSF) is the ninth Department of Defense component to join the US Intelligence Community (IC).BleepingComputer
January 9, 2021
State Department creates bureau to reduce ‘likelihood of cyber conflict’ Full Text
Abstract
Secretary of State Mike Pompeo announced on Thursday the creation of a new bureau inside the US Department of State dedicated to addressing cybersecurity as part of the US' foreign policy and diplomatic efforts.ZDNet
January 8, 2021
Welcome Bureau of Cyberspace Security and Emerging Technologies (CSET) Full Text
Abstract
United States Department of State approved the creation of the Bureau of Cyberspace Security and Emerging Technologies (CSET). The United States Secretary of State Mike Pompeo approved the creation of the Bureau of Cyberspace Security and Emerging...Security Affairs
January 7, 2021
Biden’s pick as White House cyber czar provides critical federal leadership and diversity Full Text
Abstract
When Joe Biden assumes the presidency 13 days from now, as government grapples with fallout from the SolarWinds breach and an attack on the U.S. Capitol, veteran intelligence expert Anne Neuberger likely will be by his side as deputy national security advisor for cybersecurity on the National Security Council (NSC). Naming Neuberger to the newly…SCMagazine
January 7, 2021
CISA discovers SAML token abuse around SolarWinds hack, calls for full rebuild of affected networks Full Text
Abstract
The agency has found evidence of authentication token abuse in networks infected with corrupted versions of Orion software and says restoring integrity will require a full network rebuild in certain cases.SCMagazine
January 07, 2021
State Department sets up new bureau for cybersecurity and emerging technologies Full Text
Abstract
Secretary of State Mike Pompeo on Thursday approved the creation of a new office at the State Department to address cybersecurity and emerging technologies.The Hill
January 7, 2021
The physical breach of the Capitol building opens a cybersecurity Pandora’s box Full Text
Abstract
The incident, as well as the response among those on Capitol Hill tasked with securing government technology assets, serves as a dramatic and evolving case study for public and private sector entities on the scope of the cybersecurity risk tied to a physical breach.SCMagazine
January 7, 2021
Biden to Appoint Cybersecurity Advisor to NSC – Report Full Text
Abstract
Anne Neuberger will join the National Security Council, according to sources.Threatpost
January 07, 2021
Warner says foreign adversaries ‘gained more’ from Capitol riot than from SolarWinds hack Full Text
Abstract
Sen. Mark Warner (Va.), the top Democrat and likely incoming chairman of the Senate Intelligence Committee, said Thursday that the nation’s adversaries “gained more” from rioters storming the Capitol than from the recently uncovered massive hack of the federal government.The Hill
January 07, 2021
Federal judiciary likely compromised as part of SolarWinds hack Full Text
Abstract
The U.S. federal judiciary reported this week that it had suffered an “apparent compromise” as part of the recently discovered Russian hack of IT company SolarWinds.The Hill
January 07, 2021
US Judiciary adds safeguards after potential breach in SolarWinds hack Full Text
Abstract
The Administrative Office of the U.S. Courts is investigating a potential compromise of the federal courts' case management and electronic case files system which stores millions of highly sensitive and confidential judiciary records.BleepingComputer
January 7, 2021
Army Reserve Gets First Cyber General Full Text
Abstract
United States Army promotes first Army Reserve cyber officer to brigadier generalInfosecurity Magazine
January 7, 2021
Cybersecurity and the Occupation of the Capitol Full Text
Abstract
This siege has created potentially serious cyber risks for Congress and other affected offices.Lawfare
January 07, 2021
Senior Commerce cyber official resigns after Capitol riot Full Text
Abstract
John Costello, a senior official for intelligence and security operations at the Department of Commerce, on Thursday announced his resignation in the wake of the riots at the U.S. Capitol.The Hill
January 7, 2021
US Govt kicked off ‘Hack the Army 3.0’ bug bounty program Full Text
Abstract
The U.S. government is going to launch the 'Hack the Army 3.0' bug bounty program in collaboration with the HackerOne platform. The U.S. government launched Hack the Army 3.0, the third edition of its bug bounty program, in collaboration with the HackerOne...Security Affairs
January 7, 2021
DoJ: SolarWinds Attackers Hit Thousands of O365 Inboxes Full Text
Abstract
Department first to reveal scope of the Russian campaignInfosecurity Magazine
January 7, 2021
Biden taps intelligence veteran for new White House cybersecurity role Full Text
Abstract
President-elect Joe Biden plans to pluck a career intelligence official from the National Security Agency to serve in a newly created cybersecurity role on his National Security Council.Politico
January 7, 2021
Why the UK’s National Cyber Force is an important step forward Full Text
Abstract
The UK’s vital ‘goal-line’ protection against such threats has also been well covered, especially since the creation of the UK’s innovative National Cyber Security Centre (NCSC).IISS
January 7, 2021
U.S. Government Announces ‘Hack the Army 3.0’ Bug Bounty Program Full Text
Abstract
Hack the Army 3.0, whose goal is to help the U.S. Army secure its digital assets and protect its systems against cyberattacks, takes place between January 6 and February 17.Security Week
January 7, 2021
Bug Bounty Program Launched to Discover US Army Vulnerabilities Full Text
Abstract
Defense Digital Service is working with HackerOne to launch the new programInfosecurity Magazine
January 7, 2021
SolarWinds hackers accessed some of the DOJ’s email accounts Full Text
Abstract
The DOJ learned of the hack on December 24th, at which point it closed the vulnerability. It said it doesn’t have any evidence that suggests the hackers accessed any classified information.Engadget
January 06, 2021
SolarWinds Hackers Also Accessed U.S. Justice Department’s Email Server Full Text
Abstract
The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. "On December 24, 2020, the Department of Justice's Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others," DoJ spokesperson Marc Raimondi said in a short statement. "This activity involved access to the Department's Microsoft Office 365 email environment." Calling it a "major incident," the DoJ said the threat actors who spied on government networks through SolarWinds software potentially accessed about 3% of the Justice Department's email accounts, but added there's no indication they accessed classified systems. The disclosure comes a day after the Federal Bureau of Investigation (FBThe Hacker News
January 06, 2021
Justice Department confirms breach as part of SolarWinds hack, says emails were accessed Full Text
Abstract
The Justice Department on Wednesday confirmed that it was breached as part of the recently discovered Russian hack of IT company SolarWinds, with around 3 percent of agency employee emails accessed by the hackers.The Hill
January 6, 2021
NSA Urges SysAdmins to Replace Obsolete TLS Protocols Full Text
Abstract
The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols.Threatpost
January 6, 2021
Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack Full Text
Abstract
The widespread compromise affecting key government agencies is ongoing, according to the U.S. government.Threatpost
January 6, 2021
White House unveils maritime cybersecurity standards for government and industry Full Text
Abstract
Contributing $5.4 trillion to the U.S. economy, the maritime transportation system will adhere to guidelines for threat information sharing, creating a cybersecurity workforce, and establishing a risk framework for operational technology.SCMagazine
January 6, 2021
President Trump Releases the National Maritime Cybersecurity Plan Full Text
Abstract
The plan sets forth how the United States government will defend the American economy through enhanced cybersecurity coordination, policies and practices, aimed at mitigating maritime cyber risks.White House
January 6, 2021
US: Fewer Than 10 Govt Agencies Hit by SolarWinds Attack Full Text
Abstract
Government blames Russia for the first timeInfosecurity Magazine
January 6, 2021
FBI, CISA, ODNI and NSA blames Russia for SolarWinds hack Full Text
Abstract
A joint statement issued by US security agencies confirmed that Russia was likely the origin of the SolarWinds supply chain attack. The US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply...Security Affairs
January 05, 2021
Officials see few security issues as voters go to the polls in Georgia Full Text
Abstract
Officials at the federal and state levels said that as of Tuesday afternoon, they were seeing few security concerns related to the hotly contested Georgia Senate runoff elections, as voters continued to make their ways to the polls.The Hill
January 05, 2021
US govt says Russian state hackers likely behind SolarWinds hack Full Text
Abstract
The Cyber Unified Coordination Group (UCG) said today that a Russian-backed Advanced Persistent Threat (APT) group is likely behind the SolarWinds hack.BleepingComputer
January 05, 2021
US intel agencies blame Russia for massive SolarWinds hack Full Text
Abstract
A group of U.S. intelligence agencies on Tuesday formally accused Russia of being linked to the recently discovered hack of IT group SolarWinds that compromised much of the federal government.The Hill
January 05, 2021
NSA shares guidance, tools to mitigate weak encryption protocols Full Text
Abstract
The National Security Agency has shared guidance on how to detect and replace outdated Transport Layer Security (TLS) protocol versions with up to date and secure variants.BleepingComputer
January 05, 2021
Trump administration rolls out plan to secure maritime sector against cyber threats Full Text
Abstract
The White House on Tuesday rolled out a plan to secure the nation’s maritime sector against cybersecurity threats that could endanger national security.The Hill
January 5, 2021
The Dramatic Year of the Pentagon’s Contractor Cybersecurity Program Full Text
Abstract
Before the idea of CMMC, companies within the defense industrial base simply pledged their adherence to cybersecurity practices outlined by the National Institute of Standards and Technology.Nextgov
January 5, 2021
Defense Funding Measure Includes 77 Cybersecurity Provisions Full Text
Abstract
Cyberspace Solarium Commission co-chairs called the legislation "the most comprehensive and forward-looking piece of national cybersecurity legislation in the nation's history."Gov Info Security
December 31, 2020
Cyber attack on U.S. government may have started earlier than initially thought - U.S. senator Full Text
Abstract
The unprecedented cyber attack on U.S. government agencies reported this month may have started earlier than last spring as previously believed, a U.S. senator involved in cybersecurity said.Reuters
December 31, 2020
CISA updates SolarWinds guidance, tells US govt agencies to update right away Full Text
Abstract
In an update posted late last night, CISA said that all US government agencies that still run SolarWinds Orion platforms must update to the latest 2020.2.1HF2 version by the end of the year.ZDNet
December 30, 2020
CISA demands US govt agencies to update SolarWinds Orion software Full Text
Abstract
US Cybersecurity and Infrastructure Security Agency (CISA) urges US federal agencies to update the SolarWinds Orion software by the end of the year. The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its official guidance to order...Security Affairs
December 30, 2020
DHS orders federal agencies to update SolarWinds Orion platform Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all US federal agencies to update the SolarWinds Orion platform to the latest version by the end of business hours on December 31, 2020.BleepingComputer
December 29, 2020
US Treasury warns of ransomware targeting COVID-19 vaccine research Full Text
Abstract
The US Treasury Department's Financial Crimes Enforcement Network (FinCEN) warned financial institutions of ransomware actively targeting vaccine research organizations.BleepingComputer
December 29, 2020
CISA releases a PowerShell-based tool to detect malicious activity in Azure, Microsoft 365 Full Text
Abstract
Cybersecurity and Infrastructure Security Agency (CISA) released a tool for detecting potentially malicious activities in Azure/Microsoft 365 environments. The Cybersecurity and Infrastructure Security Agency (CISA)'s Cloud Forensics team has released...Security Affairs
December 28, 2020
Biden calls for modernizing US defenses following massive hack Full Text
Abstract
President-elect Joe Biden on Monday stressed the need to modernize U.S. military forces to account for attacks in cyberspace following a massive hack of multiple government agencies that came to light earlier this month.The Hill
December 28, 2020
CISA releases Azure, Microsoft 365 malicious activity detection tool Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency (CISA) has released a PowerShell-based tool that helps detect potentially compromised applications and accounts in Azure/Microsoft 365 environments.BleepingComputer
December 25, 2020
Trust-Based Federated Login Abused for Local-to-Cloud Attacks Full Text
Abstract
The NSA has released a security advisory detailing two attack techniques allegedly used by the SolarWinds hackers to escalate access from local networks to cloud resources.Cyware Alerts - Hacker News
December 24, 2020
SolarWinds Hackers “Impacting” State and Local Governments Full Text
Abstract
CISA issues warning over widespread impact of SolarWinds hacking campaignInfosecurity Magazine
December 24, 2020
Preparing for the challenges of 2021 Full Text
Abstract
Organizations like the Cybersecurity and Infrastructure Security Agency, local and state governments, and private sector have all taken significant steps to mitigate and respond to cyber incidents.Help Net Security
December 24, 2020
Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they are Full Text
Abstract
The North American electric grid regulator has asked utilities to report how exposed they are to SolarWinds software that is at the center of a suspected Russian hacking operation.Cyberscoop
December 24, 2020
Government Security Experts Issue Farmers with New Advice Full Text
Abstract
NCSC guide intended to keep devices and software safe from attackInfosecurity Magazine
December 24, 2020
The Hack Roundup: CISA Guidance Warns Affected Systems May Need to Be Rebuilt Full Text
Abstract
The Cybersecurity and Infrastructure Security Agency released a guide for federal, state, and local government leaders on responding to the hack and an online hub for resources.Nextgov
December 24, 2020
U.S. cyber agency says SolarWinds hackers are ‘impacting’ state, local governments Full Text
Abstract
The CISA said on Wednesday that a sprawling cyber espionage campaign made public earlier this month is affecting state and local governments, although it released few additional details.Reuters
December 23, 2020
Top Democrat: ‘Critical’ that Pompeo brief senators on SolarWinds hack at State Dept. Full Text
Abstract
The top Democrat on the Senate Foreign Relations Committee is calling on Secretary of State Mike Pompeo to brief senators on the massive SolarWinds hack by suspected Russian hackers and its effect on the State Department.The Hill
December 23, 2020
DHS warns of data theft risk when using Chinese products Full Text
Abstract
The US Department of Homeland Security (DHS) warned American businesses of the data theft risks behind using equipment and data services provided by companies linked with the People's Republic of China (PRC).BleepingComputer
December 23, 2020
Nuclear weapons agency updates Congress on hacking attempt Full Text
Abstract
Energy Secretary Dan Brouillette, DOE’s Chief Information Officer Rocky Campione, and NNSA CIO Wayne Jones all participated in the briefings to the relevant congressional oversight bodies.Politico
December 23, 2020
U.S. House intel chair wants briefing on recent hacking campaign Full Text
Abstract
U.S. House Intelligence Committee chairman Adam Schiff on Tuesday asked for a briefing from U.S. agencies about a widespread hack of U.S. government networks and potential vulnerabilities.Reuters
December 23, 2020
Homeland Security: Chinese business dealings a ‘grave threat’ to data security Full Text
Abstract
The DHS advisory covers the various Chinese laws allowing Beijing to access data with employees, leadership, or ownership within its borders.SCMagazine
December 23, 2020
DHS warns against using Chinese hardware and digital services Full Text
Abstract
The US Department of Homeland Security has published a "business advisory" today warning US companies against using hardware equipment and digital services created or linked to Chinese companies.ZDNet
December 23, 2020
US agencies conclude Iran is likely behind website aimed at stoking violence against election officials Full Text
Abstract
The FBI and the Department of Homeland Security have concluded that Iran is very likely behind a website apparently aimed at inciting violence against election officials as well as the FBI director.Cyberscoop
December 23, 2020
US: Buying Chinese Tech is a “Grave Threat” to Your Data Security Full Text
Abstract
DHS advisory warns businesses of state-mandated IP theft risksInfosecurity Magazine
December 22, 2020
Biden blasts Trump administration over SolarWinds attack response Full Text
Abstract
U.S. President-Elect Joe Biden has criticized the Trump administration over the lack of response to the SolarWinds attack and for failing to officially attribute the attacks.BleepingComputer
December 22, 2020
Biden faults Trump administration on cybersecurity following massive hack Full Text
Abstract
President-elect Joe Biden on Tuesday accused the Trump administration of failing to prioritize cybersecurity in the wake of a far-reaching breach of private and government systems and promised a serious response when he takes office.The Hill
December 22, 2020
‘Dozens of email accounts’ were hacked at U.S. Treasury -Senator Wyden Full Text
Abstract
Dozens of email accounts at the U.S. Treasury Department were compromised by hackers in the recent cyber-espionage campaign, the office of U.S. Senator Ron Wyden said on Monday.Reuters
December 21, 2020
Senate Democrat says cyberattack on Treasury ‘appears to be significant’ Full Text
Abstract
Sen. Ron Wyden (D-Ore.) said on Monday that a cyberattack at the Department of Treasury reported by media outlets last week “appears to be significant.”The Hill
December 21, 2020
Barr says Russia appears to be behind massive hack Full Text
Abstract
Attorney General William Barr on Monday said that Russia is likely behind the unprecedented hack into multiple federal agencies and thousands of private entities, becoming the second senior administration official to place the blame on Moscow in contradiction to statements by President Trump.The Hill
December 21, 2020
Breakup Plan for Cyber Command and NSA Full Text
Abstract
Trump administration reveals plan to split up leadership of US Cyber Command and the National Security AgencyInfosecurity Magazine
December 21, 2020
Security experts warn of long-term risk tied to Energy Department breach Full Text
Abstract
The department formally confirmed the hackers’ tentacles had reached into the agency, but that the malware injected had been isolated to its business networks. Some security experts argue, however, that visibility into the IT network may give hackers a path to the OT network.SCMagazine
December 21, 2020
Finnish government tables laws to protect data from cyber criminals Full Text
Abstract
At present, individuals are only permitted to change their personal ID numbers in exceptional cases, and the new law will tighten regulations and controls around secure handling of personal ID codes.Computer Weekly
December 21, 2020
NATO is checking its systems to determine the impact of SolarWinds hack Full Text
Abstract
“NATO also has cyber rapid reaction teams on standby to assist Allies 24 hours a day, and our Cyberspace Operations Centre is operational,” an unnamed NATO official told AFP.Security Affairs
December 20, 2020
Romney calls for response ‘of like magnitude or greater’ to Russia hack Full Text
Abstract
Sen. Mitt Romney (R-Utah) called for a response to a cyberattack on U.S. government systems on Sunday, and said that Russia should face consequences for its alleged involvement.The Hill
December 20, 2020
SolarWinds hackers also breached the US NNSA nuclear agency Full Text
Abstract
US DOE confirmed that threat actors behind the recent SolarWinds supply chain attack also hacked the networks of the US NNSA nuclear agency. US DOE confirmed this week that threat actors behind the recent SolarWinds supply chain attack also compromised...Security Affairs
December 20, 2020
Ending the “Dual-Hat” Arrangement for NSA and Cyber Command? Full Text
Abstract
Are big changes afoot at Cyber Command? What are the relevant legal constraints?Lawfare
December 19, 2020
Trump downplays impact of hack, questions whether Russia involved Full Text
Abstract
President Trump on Saturday downplayed the impact of a sprawling hack on a litany of government agencies, defying officials’ assessments of its extent and indicating he disagreed with their conclusion that Russia was behind the attack.The Hill
December 19, 2020
Pompeo: Russia ‘pretty clearly’ behind massive cyberattack Full Text
Abstract
Secretary of State Mike Pompeo on Friday blamed Russia for the massive cyberattack affecting multiple federal agencies and thousands of individual federal and private entities, saying it was "pretty clearly" behind the attack.The Hill
December 19, 2020
US government caught blindsided over sophisticated cyber hack, experts say Full Text
Abstract
Russia has long been viewed as a threat in cyberspace. But after one of the most successful cyber intrusion campaigns in U.S. history, questions are being raised over how the federal government was so completely blindsided by an attack many experts have seen coming.The Hill
December 19, 2020
Apple, Google, Microsoft, and Mozilla ban Kazakhstan’s MitM HTTPS certificate Full Text
Abstract
Browser makers Apple, Google, Microsoft, and Mozilla, have banned today a root certificate that was being used by the Kazakhstan government to intercept and decrypt HTTPS traffic for residents in the country's capital, the city of Nur-Sultan.ZDNet
December 18, 2020
Lawmakers call for Trump to take action on massive government hack Full Text
Abstract
Lawmakers on both sides of the aisle criticized President Trump for his ongoing silence on the massive suspected Russian hack of federal agencies this week, and urged him to sign the annual defense funding bill into law to take action immediately.The Hill
December 18, 2020
Lawmakers ask IRS if its systems were compromised in SolarWinds hack Full Text
Abstract
Two key House lawmakers are seeking answers from the Internal Revenue Service (IRS) about whether any of the agency's systems were compromised as part of a massive cyberattack.The Hill
December 18, 2020
Former NSA security chief details what’s happening inside DoD to respond to SolarWinds hack Full Text
Abstract
Former NSA Chief Security Officer Chris Kubic, now CSO at Fidelis, spoke with SC Media about the current focus in the Pentagon, much like the private sector, to track down any impacted systems, while scrambling to get updated detection signatures.SCMagazine
December 18, 2020
DIU, CISA Team Up to Coordinate Cybersecurity Tech Investments Full Text
Abstract
The Defense Innovation Unit and the Cybersecurity and Infrastructure Security Agency are teaming up to share information and coordinate cybersecurity technology investments, DOD announced Thursday.Nextgov
December 18, 2020
Lawmakers ask whether massive hack amounted to act of war Full Text
Abstract
Lawmakers are raising questions about whether the attack on the federal government widely attributed to Russia constitutes an act of war.The Hill
December 18, 2020
Federal investigators find evidence of previously unknown tactics used to penetrate government networks Full Text
Abstract
While many details remained unclear, revelation about new modes of attack raises fresh questions about the access that Russian hackers were able to gain in government and corporate systems globally.Washington Post
December 18, 2020
More Hacking Attacks Found as Officials Warn of ‘Grave Risk’ to U.S. Government Full Text
Abstract
The discovery suggests that the scope of the attack, which appears to extend beyond nuclear laboratories and Pentagon, Treasury and Commerce Departments, complicates the challenge for investigators.New York Times
December 18, 2020
Nuclear weapons agency breached amid massive cyber onslaught Full Text
Abstract
The hackers have been able to do more damage at FERC than the other agencies, and officials there have evidence of highly malicious activity, the officials said, but did not elaborate.Politico
December 17, 2020
Romney: ‘Stunning’ for White House not to respond on Russian cyberattack Full Text
Abstract
Sen. Mitt Romney (R-Utah) on Thursday said it was "stunning" for the White House to not issue a response regarding multiple alleged U.S. government cyber attacks stemming from Russia.The Hill
December 17, 2020
Energy Dept., nuclear agency breached as part of massive cyberattack Full Text
Abstract
Agencies within the Department of Energy (DOE), including portions of the agency charged with maintaining the nation’s nuclear weapons stockpile, were breached as part of a massive hack on an IT group that has hit almost a dozen federal agencies, officials said Thursday.The Hill
December 17, 2020
Federal government finds evidence hackers used multiple methods to access agency networks Full Text
Abstract
The Department of Homeland Security’s (DHS) cybersecurity agency on Thursday warned of the “grave” threat posed to federal systems by a recent massive espionage attack by a nation state, warning that the hackers used multiple methods to access the systems for months.The Hill
December 17, 2020
Biden vows to make cybersecurity ‘imperative’ following massive hack Full Text
Abstract
President-elect Joe Biden on Thursday vowed to elevate cybersecurity as an “imperative” when he takes office and said he would not “stand idly by” in the face of cyberattacks following a massive breach that impacted the U.S. government.The Hill
December 17, 2020
Senators request IRS briefing on SolarWinds hack Full Text
Abstract
The leaders of the Senate Finance Committee on Thursday asked the IRS for a briefing about whether sensitive taxpayer information was stolen as part of the SolarWinds hack.The Hill
December 17, 2020
SolarWinds hackers breach US nuclear weapons agency Full Text
Abstract
Nation-state hackers have breached the networks of the National Nuclear Security Administration (NNSA) and the US Department of Energy (DOE).BleepingComputer
December 17, 2020
SolarWinds hackers breach agency in charge of US nuclear weapons Full Text
Abstract
Nation-state hackers have breached the networks of the National Nuclear Security Administration (NNSA) and the US Department of Energy (DOE).BleepingComputer
December 17, 2020
CISA: Hackers breached US govt using more than SolarWinds backdoor Full Text
Abstract
The US Cybersecurity and Infrastructure Security Agency (CISA) said that the APT group behind the recent compromise campaign targeting US government agencies used more than one initial access vector.BleepingComputer
December 17, 2020
FBI, CISA officially confirm US govt hacks after SolarWinds breach Full Text
Abstract
The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence (ODNI).BleepingComputer
December 17, 2020
Schiff calls for ‘urgent’ work to defend nation in the wake of massive cyberattack Full Text
Abstract
House Intelligence Committee Chairman Adam Schiff called on Congress to undertake “urgent work” to defend critical networks in the wake of a massive cyber-espionage attack on the U.S. government.The Hill
December 17, 2020
White House activates cyber emergency response under Obama-era directive Full Text
Abstract
In the wake of the SolarWinds breach, the National Security Council has activated an emergency cybersecurity process that is intended to help the government plan its response and recovery efforts.Cyberscoop
December 17, 2020
India approves game-changing framework against cyber threats Full Text
Abstract
In a significant decision, India on Wednesday introduced its first and biggest framework to protect itself from cyber attacks, data theft, and other vulnerabilities threatening its national security.The Times Of India
December 17, 2020
Adversary Playbook: JavaScript RAT Looking for that Government Cheese Full Text
Abstract
The tactics, techniques, and procedures (TTPs) of the attackers behind the JsOutprox remote access trojan (RAT) indicate that these are experienced and sophisticated threat actors.Fortinet
December 15, 2020
How bad is the hack that targeted US agencies? Full Text
Abstract
The hack began as early as March when malicious code was snuck into updates to the popular SolarWinds Orion software that monitors computer networks of businesses and governments.The Times Of India
December 15, 2020
DHS, CISA and NCSC Issue Warnings After SolarWinds Attack Full Text
Abstract
Government agencies issue advice after apparent nation state attacksInfosecurity Magazine
December 15, 2020
Government Threatens Tech Firms with Fines of 10% of Turnover Full Text
Abstract
UK’s Online Safety Bill set to cause controversyInfosecurity Magazine
December 15, 2020
DHS, State, and NIH join list of 5 (and counting) federal agencies confirmed hacked in massive Russian cyberespionage campaign Full Text
Abstract
The DHS, the State Department, and the NIH joined the list of known victims of a months-long, highly sophisticated digital spying operation by Russia whose damage remains uncertain but is presumed to be extensive, experts say.Boing Boing
December 14, 2020
CISA Published Emergency Directive on SolarWinds Orion Code Compromise Full Text
Abstract
SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems.DHS
December 14, 2020
Cybersecurity in a fishbowl: How North Carolina’s Board of Elections handled it Full Text
Abstract
Election security has never been more scrutinized than the 2020 presidential elections. It left election boards fighting not only to protect the election from outside influences, but also to justify the legitimacy of their own work.SCMagazine
December 14, 2020
After high profile hacks hit federal agencies, CISA demands drastic SolarWinds mitigation Full Text
Abstract
The impact of the supply chain attacks is not limited to government, with consulting, technology, and telecom sectors all caught in the crosshairs.SCMagazine