CISA

A “cascade” of errors let Chinese hackers into US government inboxes

A “cascade” of errors let Chinese hackers into US government inboxes 2024-04-03 at 16:46 By Zeljka Zorz Microsoft still doesn’t known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access email accounts belonging to US government officials. “The stolen 2016 MSA key in […]

React to this headline:

Loading spinner

A “cascade” of errors let Chinese hackers into US government inboxes Read More »

Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)

Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) 2024-03-29 at 20:31 By Zeljka Zorz A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in most Linux distributions, may “enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely,” Red Hat warns.

React to this headline:

Loading spinner

Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) Read More »

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) 2024-03-28 at 12:32 By Zeljka Zorz The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 – a code injection vulnerability that allows authenticated attackers to execute code remotely on a vulnerable Microsoft SharePoint Server – to its KEV catalog and is demanding that

React to this headline:

Loading spinner

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) Read More »

CISA Moving Forward With Cyber Incident Reporting Rules Impacting 316,000 Entities

CISA Moving Forward With Cyber Incident Reporting Rules Impacting 316,000 Entities 2024-03-28 at 12:01 By Eduard Kovacs CISA is seeking comment on the implementation of CIRCIA, which will cost $2.6 billion and will impact 316,000 entities. The post CISA Moving Forward With Cyber Incident Reporting Rules Impacting 316,000 Entities appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

CISA Moving Forward With Cyber Incident Reporting Rules Impacting 316,000 Entities Read More »

US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities

US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities 2024-03-26 at 13:16 By Ionut Arghire CISA and the FBI issue a secure-by-design alert on eliminating SQL injection vulnerabilities from software. The post US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities Read More »

CISA: Here’s how you can foil DDoS attacks

CISA: Here’s how you can foil DDoS attacks 2024-03-22 at 13:46 By Zeljka Zorz In light of the rise of “DDoS hacktivism” and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its guidance of how governmental entities (but also other organizations) should

React to this headline:

Loading spinner

CISA: Here’s how you can foil DDoS attacks Read More »

CISA’s OT Attack Response Team Understaffed: GAO

CISA’s OT Attack Response Team Understaffed: GAO 2024-03-12 at 15:46 By Eduard Kovacs GAO study finds that CISA does not have enough staff to respond to significant OT attacks in multiple locations at the same time. The post CISA’s OT Attack Response Team Understaffed: GAO appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA’s OT Attack Response Team Understaffed: GAO Read More »

10 free cybersecurity guides you might have missed

10 free cybersecurity guides you might have missed 2024-03-11 at 09:07 By Help Net Security This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and organizations. Whether you work for a small business, a large corporation, or a specific industry,

React to this headline:

Loading spinner

10 free cybersecurity guides you might have missed Read More »

CISA Outlines Efforts to Secure Open Source Software

CISA Outlines Efforts to Secure Open Source Software 2024-03-08 at 18:03 By Ionut Arghire Concluding a two-day OSS security summit, CISA details key actions to help improve open source security. The post CISA Outlines Efforts to Secure Open Source Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

CISA Outlines Efforts to Secure Open Source Software Read More »

Securing software repositories leads to better OSS security

Securing software repositories leads to better OSS security 2024-03-04 at 14:03 By Zeljka Zorz Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the package developer’s

React to this headline:

Loading spinner

Securing software repositories leads to better OSS security Read More »

JCDC’s strategic shift: Prioritizing cyber hardening

JCDC’s strategic shift: Prioritizing cyber hardening 2024-03-01 at 08:01 By Mirko Zorz In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative (JCDC) since its 2021 inception and tackles its 2024 strategic priorities in response to escalating cyber threats. He elaborates on JCDC’s strategies

React to this headline:

Loading spinner

JCDC’s strategic shift: Prioritizing cyber hardening Read More »

ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack

ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack 2024-02-29 at 14:46 By Helga Labus The ALPHV/BlackCat ransomware group has claimed responsibility for the cyberattack that targeted Optum, a subsidiary of UnitedHealth Group (UHG), causing disruption to the Change Healthcare platform and affecting pharmacy transactions across the US. ALPHV/BlackCat is back Last December, US

React to this headline:

Loading spinner

ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack Read More »

US Gov Says Software Measurability is ‘Hardest Problem to Solve’

US Gov Says Software Measurability is ‘Hardest Problem to Solve’ 2024-02-27 at 22:31 By Ryan Naraine White House calls for the “timely, complete, and consistent” publication of CVE and CWE data to help solve the security metrics problem. The post US Gov Says Software Measurability is ‘Hardest Problem to Solve’ appeared first on SecurityWeek. This

React to this headline:

Loading spinner

US Gov Says Software Measurability is ‘Hardest Problem to Solve’ Read More »

APT29 revamps its techniques to breach cloud environments

APT29 revamps its techniques to breach cloud environments 2024-02-27 at 14:16 By Helga Labus Russian threat actors APT29 are changing their techniques and expanding their targets to access cloud environments, members of the Five Eyes intelligence alliance have warned. About APT29 APT29 (aka Midnight Blizzard, aka Cozy Bear) is a cyber espionage group believed to

React to this headline:

Loading spinner

APT29 revamps its techniques to breach cloud environments Read More »

Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts

Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts 2024-02-26 at 19:17 By Ionut Arghire US government and allies expose TTPs used by notorious Russian hacking teams and warn of the targeting of dormant cloud accounts. The post Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts Read More »

Microsoft begins broadening free cloud logging capabilities

Microsoft begins broadening free cloud logging capabilities 2024-02-22 at 14:47 By Helga Labus After select US federal agencies tested Microsoft’s expanded cloud logging capabilities for six months, Microsoft is now making them available to all agencies using Microsoft Purview Audit – regardless of license tier. “This change will impact government departments & agencies who do

React to this headline:

Loading spinner

Microsoft begins broadening free cloud logging capabilities Read More »

CISA Warns of Roundcube Webmail Vulnerability Exploitation

CISA Warns of Roundcube Webmail Vulnerability Exploitation 2024-02-13 at 13:31 By Eduard Kovacs CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog. The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Roundcube Webmail Vulnerability Exploitation Read More »

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770) 2024-02-13 at 11:46 By Zeljka Zorz CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-43770 Roundcube is

React to this headline:

Loading spinner

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770) Read More »

Decryptor for Rhysida ransomware is available!

Decryptor for Rhysida ransomware is available! 2024-02-12 at 13:46 By Zeljka Zorz Files encrypted by Rhysida ransomware can be successfully decrypted, due to a implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. About Rhysida Rhysida is a relatively new ransomware-as-a-service gang that engages in double extortion. First observed in May 2023,

React to this headline:

Loading spinner

Decryptor for Rhysida ransomware is available! Read More »

CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption

CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption 2024-02-08 at 01:01 By Ryan Naraine New CISA alert includes technical mitigations to harden attack surfaces and instructions to hunt for the Chinese government-backed hackers. The post CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption Read More »

Scroll to Top