
Cybersecurity

Top News in Cybersecurity

Defending yourself against cyberattacks starts with understanding the risks associated with cyber activity, what some of the basic cybersecurity terms mean, and what you can do to protect yourself.

 

Hacking Gets Dangerously Real: 8 Cybersecurity Predictions to Watch Out For

Published by ZDNet 27 June 2022

"Many businesses will fail to see the benefits of their zero-trust efforts over the next few years, while legislation around paying off ransomware gangs will be extended and attacks on operational technology might have real-life consequences, according to a set of cybersecurity predictions.

"The list comes from tech analyst Gartner, which said business leaders should build these strategic planning assumptions into their security strategies for the next two years."

To read this article, click here.

 

 

This New Android Malware Bypasses Multi-Factor Authentication to Steal Your Passwords

Published by ZDNet 16 June 2022

"A newly discovered form of Android malware steals passwords, bank details and cryptocurrency wallets from users – and it does so by bypassing multi-factor authentication protections. 

"The malware has been detailed by cybersecurity researchers at F5 Labs, who've dubbed it MaliBot. It's the latest in a string of powerful malware targeting Android users."

To read this article, click here.

 

 

Cybersecurity Threats in Aviation

Published by Airport Technology 8 June 2022

"Airports face many cybersecurity threats, even though they can sometimes be preventable. A recent example of this is a distributed denial-of-service (DDOS) attack on the website of Bradley International Airport in Connecticut, US."

To read this article, click here.

 

 

Hacking Scenarios: How Hackers Choose Their Victims

Published by The Hacker News 7 June 2022

"Cyber hackers can now do just as much analyzing and evaluating as security teams for their products. They have the same or even more tools to scan any given system, so it's practical to be able to foresee their motivation and profiles."

To read this article, click here.

 

 

Cloud Computing Security: Five Things You are Probably Doing Wrong

Published by ZDNet 1 June 2022

"The ability to log in from anywhere using cloud applications is convenient for employees, but it's also a potential new opportunity for cyber criminals, who, with a set of stolen passwords, could gain access to sensitive information. There's even the prospect of hackers abusing cloud services to launch ransomware attacks and other malware campaigns."

To read this article, click here.

 

 

Secure Tomorrow Series Toolkit

Published by Cybersecurity & Infrastructure Security Agency May 2022

"The Secure Tomorrow Series Toolkit is a diverse array of interactive and thought-provoking products uniquely designed to assist stakeholders across the critical infrastructure community to self-facilitate and conduct strategic foresight activities that will enable them to derive actionable insights about the future, identify emerging risks, and develop risk management strategies that, if taken today, could enhance long-term critical infrastructure security and resilience to implement now."

To access this toolkit, click here.

 

 

The Weak Password Report 2022

Published by SPECOPS 2022

"Password attacks are on the rise because passwords themselves are very vulnerable to attack. What specifically makes them vulnerable? This year’s Weak Password Report takes a look at both the human side and the tech side of why passwords are the weakest link in an organization’s network."

To download this report, click here.

 

 

FBI Alert I-050422-PSA: Business Email Compromise: The $43 Billion Scam

Published by FBI 4 May 2022

"This Public Service Announcement is an update and companion piece to Business Email Compromise PSA I-091019-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center complaint information and updated statistics from October 2013 to December 2021."

To read this announcement, click here.

 

 

National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems

Published by The White House 4 May 2022

The White House has issued a memorandum to multiple government agencies and organizations. 

"It identifies key steps needed to maintain the Nation’s competitive advantage in quantum information science (QIS), while mitigating the risks of quantum computers to the Nation’s cyber, economic, and national security.  It directs specific actions for agencies to take as the United States begins the multi-year process of migrating vulnerable computer systems to quantum-resistant cryptography."

To read this memorandum, click here.

 

 

Connecticut Becomes Fifth State With Data Privacy Law

Published by The Record 4 May 2022

"Connecticut’s recently passed data privacy bill became law on Wednesday, making it the fifth state in the U.S. with some form of data privacy protections for its residents.

"S.B. No. 6 – The ‘Act Concerning Personal Data Privacy and Online Monitoring’ – became law without the governor’s signature because the state has a rule that passed bills become law automatically five days after they are passed during a legislative session."

To read this article, click here.

 

 

Aviation Cyber Security – High Level Analysis, Major Challenges and Where the Industry is Heading

Published by 1st Global Cyber Security Observatory April 2022

"During recent years we have witnessed important attacks on large corporations, critical infrastructures of all kinds, governments and SMEs with different levels of sophistication and diverse severity in their impact.

"As we might expect, the aviation industry is not an exception to this status quo. Nevertheless, there is a major difference with other industries like financial services, insurance or e-commerce to name just a few. In transportation and particularly in aviation there is a key life safety issue. A cyberattack, if successful, might end up in loss of numerous lives  – resulting in a complete catastrophe. If that were not enough, it might also destroy trust and eventually the brand."

To read this article, click here.

 

 

Here’s What Hackers Can Do with Just Your Cell Phone Number

Published by Reader's Digest 28 April 2022

Knowing what to do in the event a threat actor has homed in on your personally identifiable information can protect your accounts from considerable harm.

This article presents several examples of what can happen if your mobile phone is compromised and lays out in detail the next actions to take to rectify the situation.

To read this article, click here.

 

 

Hack DHS: Homeland Security's First Bug Bounty Turns Up 122 Vulnerabilities

Published by ZDNet 25 April 2022

"The US Department of Homeland Security (DHS)'s first bug bounty with external researchers called 'Hack DHS' helped discover 122 vulnerabilities. 

"DHS announced the Hack DHS bounty in December and in phase one of the program invited more than 450 'vetted security researchers' to get involved. DHS suggests the program produced solid results: 27 or about 22% of the 122 vulnerabilities participants found were deemed 'critical'."

To read this article, click here.

 

 

 

Most Email Security Approaches Fail to Block Common Threats

Published by Threat Post 20 April 2022

"An overwhelming number of security teams believe their email security systems to be ineffective against the most serious inbound threats, including ransomware.

"That’s according to a survey of business customers using Microsoft 365 for email commissioned by Cyren and conducted by Osterman Research, which examined concerns with phishing, business email compromise (BEC), and ransomware threats, attacks that became costly incidents, and preparedness to deal with attacks and incidents."

To read this article, click here.

 

 

Israeli Charged in Global Hacker-For-Hire Scheme Pleads Guilty

Published by U.S. News & World Report 20 April 2022

"An Israeli private detective detained in New York since 2019 on charges of involvement in a hacker-for-hire scheme pleaded guilty to wire fraud, conspiracy to commit hacking and aggravated identity theft on Wednesday.

"Federal prosecutors say the detective, Aviram Azari, organized a series of hacking missions on behalf of unnamed third parties against American companies based in New York, using fake websites and phishing messages to steal email account passwords."

To read this article, click here.

 

 

Behind the Push to Finally Eliminate Passwords

Published by Cybersecurity Dive 20 April 2022

"The FIDO Alliance wants to use smartphones as a true mobile authenticator, but the proposal faces some obstacles.

"For more than 10 years, the FIDO Alliance has been working to end password dependency. Now, the group has a new proposal in mind that enlists smartphones as roaming authenticators to sign into any account on any device, thereby leaving passwords in the dust."

To read this article, click here.

 

 

Threat Detection Accelerates in Asia, Europe, as Notification Trends Shift

Published by Cybersecurity Dive 19 April 2022

"Global cyberattacks were discovered faster over the past year, driven largely by a rise in ransomware and greater use of third-party cybersecurity firms in Europe and the Asia-Pacific region, according to Mandiant’s 2022 M-Trends report.

"The global median dwell time, which measures the number of days a cyberattack goes undetected, fell to 21 days last year, down from 24 days in 2020, Mandiant found. The decrease was driven mainly by reductions in the Asia-Pacific region, where median dwell time dropped sharply to 21 days from 76 days. Dwell times in Europe, the Middle East and Africa (EMEA) declined to 48 days versus 66. In those regions, third-party sources detected the majority of cyberattacks, reversing a previous trend."

To read this article, click here.



 

Oracle Releases April 2022 Critical Patch Update

Published by Cybersecurity & Infrastructure Security Agency 19 April 2022

"Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system."

To read this notice, click here.

 

 

 

CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment

Published by Cybersecurity & Infrastructure Security Agency 18 April 2022

"CISA has released draft versions of two guidance documents—along with a request for comment (RFC)—that are a part of the recently launched Secure Cloud Business Applications (SCuBA) project:

  • Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA) 
  • Extensible Visibility Reference Framework (eVRF) Program Guidebook" 

"The public comment period for the RFC guidance documents closes on May 19, 2022."

To read this announcement, click here.

 

 

T-Mobile Sounds the Alarm Over Unblockable SMS Phishing Attacks

Published by Microsoft News Network 18 April 2022

"Mobile network operator T-Mobile has warned its users of an unblockable smishing campaign that aims to steal their personal information and passwords, or install malware.

"According to a BleepingComputer report, T-Mobile warned its users after the company was itself alerted by the New Jersey Cybersecurity / Communications Integration Cell (NJCCIC), an arm of the Office of Homeland Security and Preparedness working on cybersecurity threat analysis and incident reporting."

To read this article, click here.

 

 

Ransomcloud: Ransomware's Latest Manifestation Targets the Cloud

Published by Infosecurity Magazine 15 April 2022

"Within the mob of malware, ransomware is leading the pack. While other malicious software ransacks computer systems, ransomware goes further by making demands. It’s the age-old tactic of extortion but re-enacted in the digital world. As we’ve become more dependent on the internet, the playing field for this particular strain of malware has expanded immeasurably. At the same time, cybersecurity threats are growing – in 2020, malware and ransomware attacks increased by 358% and 435%, respectively – and are outpacing societies’."

To read this article, click here.

 



Washburn University, Rick Rescorla Homeland Security Lecture Series Featuring Jen Easterly, CISA Director

Published by Washburn University 14 April 2022

"On April 14, 2022, Jen Easterly, Director of the U.S. Cybersecurity and Infrastructure Security Agency, joined Francis Q. Hoang, mcj '00, for a chat on the importance of cybersecurity and how the department works to defend against today's threats and collaborates with the private sector to build a more secure and resilient infrastructure."

To listen to the lecture, click here.

 

 

More Than 60% of Organizations Suffered a Breach in the Past 12 Months

Published by Dark Reading 13 April 2022

"The majority of companies — 63% — have suffered at least one breach in the past 12 months. The global average breach cost $2.4 million — a price tag that increases to $3.0 million for companies unprepared to respond to compromises.

"The new data from Forrester Research, released on April 8 in a report titled "The 2021 State Of Enterprise Breaches," found that the number of breaches and the cost of breaches varied widely depending on the geographic location of the business and to what degree the organization is prepared to respond to breaches. Companies in North America had the largest disparity between the haves and have-nots: While the average organization required 38 days to find, eradicate, and recover from a breach, companies that failed to adequately prepare for security challenges took 62 days."

To read this article, click here.

 

 

Ransomware Tracker: The Latest Figures [April 2022]

Published by The Record 10 April 2022

How many ransomware attacks are currently taking place?

Find out with this tracker, which is updated each month.  

To view the tracker, click here.

 

Your Digital Footprints are More Than a Privacy Risk – They Could Help Hackers Infiltrate Computer Networks

Published by The Conversation 8 April 2022

"When you use the internet, you leave behind a trail of data, a set of digital footprints. These include your social media activities, web browsing behavior, health information, travel patterns, location maps, information about your mobile device use, photos, audio and video. This data is collected, collated, stored and analyzed by various organizations, from the big social media companies to app makers to data brokers. As you might imagine, your digital footprints put your privacy at risk, but they also affect cybersecurity."

To read this article, click here.

 

 

VMware Releases Security Updates

Published by Cybersecurity & Infrastructure Security Agency 7 April 2022

"VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system."

To read this notice, click here.

 

 

How QR Codes Work and What Makes Them Dangerous – A Computer Scientist Explains

Published by The Conversation 7 April 2022

Everyone should use caution when reviewing and capturing a QR code. Aircraft pilots who use a company-issued device should ensure that the code is safe to transfer. While QR codes are certainly a convenience when researching weather conditions or other aviation-related sites, they can also be harmful. Malevolent codes can route the user to an altogether different site, potentially compromising personal or company account information.

To read this article, click here.

 

 

Nearly Two-Thirds of Ransomware Victims Paid Ransoms Last Year

Published by TechRepublic 5 April 2022

"A concerning number of ransomware victims have paid their attackers to retrieve their data or devices, according to CyberEdge Group’s annual Cyberthreat Defense Report. The 2022 edition features a survey of 1,200 IT security professionals and found that a whopping 63% of those suffering from ransomware attacks last year ended up compensating the malicious parties responsible for the attacks."

To read this article, click here.

 

 

CISA Adds 66 Known Exploited Vulnerabilities to Catalog

Published by Cybersecurity & Infrastructure Security Agency 25 March 2022

"CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise."

To read this notice, click here.

 

 

Senate Report Examines REvil Ransomware Attacks on US Firms

Published by The Record 24 March 2022

"The top Republican on the Senate Homeland Security Committee released a report early Thursday examining the approaches of three unnamed U.S. companies that were targeted by the Russia-based ransomware group REvil.

"The report from Sen. Rob Portman (R-Ohio) follows warnings from several senior government officials — including President Biden himself — that Russian hackers might unleash a wave of digital attacks against American companies and critical infrastructure. 'Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks,' Biden said in a statement on Monday."

To read this article, click here.

 

 

FBI and FinCEN Release Advisory on AvosLocker Ransomware

Published by Cybersecurity & Infrastructure Security Agency 22 March 2022

"The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors."

To read this advisory, click here.

 

 

Microsoft confirms Lapsus$ hackers stole source code via ‘limited’ access

Published by The Verge 22 March 2022

"The hacking group Lapsus$, known for claiming to have hacked Nvidia, Samsung, and more, this week claimed it has even hacked Microsoft. The group posted a file that it claimed contains partial source code for Bing and Cortana in an archive holding nearly 37GB of data."

To read this article, click here.

 

 

OpenSSL Releases Security Updates

Published by Cybersecurity & Infrastructure Security Agency 17 March 2022

"OpenSSL has released security updates addressing a vulnerability affecting multiple versions of OpenSSL. An attacker could exploit this vulnerability to cause a denial-of-service condition."

To read the updates, click here.

 

 

CISA’s Zero Trust Guidance for Enterprise Mobility Available for Public Comment

Published by Cybersecurity & Infrastructure Security Agency 8 March 2022

"CISA has released a draft version of Applying Zero Trust Principles to Enterprise Mobility for public comment. The paper guides federal agencies as they evolve and operationalize cybersecurity programs and capabilities, including cybersecurity for mobility. The public comment period will close April 18, 2022."

To read this press release, click here.

 

 

Adobe Releases Security Updates for Multiple Products

Published by Cybersecurity & Infrastructure Security Agency 8 March 2022

"Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

"CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates."

To read the updates, click here.

 

 

Cloudflare, CrowdStrike and Ping Identity to Provide Free Cybersecurity to Vulnerable Industries

Published by Silicon Angle 7 March 2022

"Cloudflare Inc., CrowdStrike Holdings Inc. and Ping Identity Corp. today are teaming up to form the Critical Infrastructure Defense Project, a project that will provide free cybersecurity services to vulnerable industries."

To read this article, click here.

 

 

CISA Adds 11 Known Exploited Vulnerabilities to Catalog 

Published by Cybersecurity & Infrastructure Security Agency 7 March 2022

"CISA has added 11 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise."

To read this update, click here.

 

 

CISA Adds 95 Known Exploited Vulnerabilities to Catalog

Published by Cybersecurity & Infrastructure Security Agency 3 March 2022

"CISA has added 95 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow on the of the "Date Added to Catalog" column, which will sort by descending dates."

To read this update, click here.

 

 

How to Prepare Employees for Elevated Cyber Risk from the Ukraine Crisis

Published by CIO Dive 3 March 2022

"As calls for peace sound from every corner of the globe, the Ukraine war continues. The conflict embodies several fronts, not the least of which is cyber warfare.

"Even in the days preceding Russia's Feb. 24 invasion, U.S. authorities said they had linked a spate of distributed denial-of-service attacks to Russia's government, according to Cybersecurity Dive. Later, observers began detecting a series of destructive malware on Ukrainian machines."

To read this article, click here.

 

 

Senate Approves Cyber Incident Reporting Bill Amid Worries About Russian Threats

Published by The Record 1 March 2022

"The Senate on Tuesday easily approved a bipartisan package of cybersecurity bills, including legislation that would require mandatory incident reporting for critical infrastructure firms.

"The swift passage — done by unanimous consent ahead of President Joe Biden’s State of the Union address — marks an about face from just months ago when the measure was stripped from the annual defense policy bill."

To read this article, click here.

 

 

How COVID-19 Accelerated the Demand for a Trust Framework

Published by IDC March 2022

"The aftermath of a global pandemic is forcing businesses and society in general to take stock of operational dynamics pre-pandemic, and see which of those continue to hold weight in a changed world."

To read this report, click here.

 

 

How HR Can Prepare for a Cyberattack

Published by Cybersecurity Dive 4 March 2022

"With the risk of cyberattacks on the rise due to the war in Ukraine, experts say HR teams should be increasingly vigilant for threats that will disrupt operations.

"Beyond phishing trainings and ransomware education, HR may feel divorced from cybersecurity concerns. In the event of an outage or attack, however, people operations managers will be the ones to put their companies back on track, serving as a key liaison between the IT department and company staff at large, so preparation is key."

To read this article, click here.

 

 

Ukraine Conflict Spotlights Business Need for Cyber Resilience

Published by CIO Dive 24 February 2022

"What the world saw Thursday: a land, air and sea attack by Russian forces into Ukraine. What enterprise IT executives heard: cyber risk is level red.

"Modern IT and supply chains are interlinked, and recent attacks have shown the potential financial and physical consequences. Military operations and cyberattacks Wednesday on Ukrainian government agencies and high-profile companies telegraphed a clear and present danger, especially for infrastructure and global businesses."

To read this article, click here.

 

 

Free Cybersecurity Services and Tools

Published by Cybersecurity & Infrastructure Security Agency 21 February 2022

"As part of our continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community. CISA will implement a process for organizations to submit additional free tools and services for inclusion on this list in the future."

To access the services, click here.

 

 

CISA Releases New Insight to Help Critical Infrastructure Owners Prepare for and Mitigate Foreign Influence Operations

Published by Cybersecurity & Infrastructure Security Agency 18 February 2022

"WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) released a new CISA Insight today, Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides critical infrastructure owners and operators with guidance on how to identify and mitigate the risks of influence operations that use mis-, dis-, and malinformation (MDM) narratives." 

To read this press release, click here.

 

 

Cybercrime Group Relentlessly Targets Aviation and Transportation Sectors for Years

Published by The Record 15 February 2022

"A little-known cybercrime group has been relentlessly targeting companies across several industry sectors, including aviation, defense, and transportation, since at least 2017, security firm Proofpoint said in a report published today.

"Tracked using the codename of TA2541, the group has been one of the most persistent threats in recent years, even if their attacks have been largely unsophisticated and have relied on infecting and deploying commodity malware on targets’ networks."

To read this article, click here.

 

 

National Science Foundation Adds 8 Universities to Cybersecurity Scholarship Program

Published by SC Media 15 February 2022

"The National Science Foundation has invested more than $29 million in scholarships over the next five years to eight universities as part of its CyberCorps Scholarship for Service (SFS) program to address the demand for cybersecurity professionals, especially for government agencies.

"Founded in 1998, as of December 2021, some 3,842 CyberCorps students have graduated from the program, and a total of 4,773 students have been enrolled in the program since its inception."

To learn more, click here.

 

 

CISOs Reveal Biggest Challenges for Security Teams

Published by InfoSecurity Magazine 10 February 2022

"The evolution of cyber-threats and the confluence of new systems and legacy systems are the most significant current challenges for security teams, according to a panel of CISOs speaking during a virtual event organized by HP Wolf Security."

To read this article, click here.

 

 

Microsoft 365 Phishing Attack Makes Comeback

Published by InfoSecurity Magazine 8 February 2022

"Microsoft 365 users are being tricked into exposing their credentials by a vintage phishing technique involving mislabeled files.

"According to cybersecurity researchers at Vade, malicious actors are dusting off Right-to-Left Override (RLO) attacks to trick victims into executing files with disguised extensions. When victims open the files, they are prompted to enter their Microsoft 365 login information."

To read this article, click here.

 

 

Cobalt Strike Targets VMware Horizon After UK Warnings of Log4Shell Threats

Published by Cybersecurity Dive 18 January 2022

"Days after NHS Digital researchers cautioned of Log4Shell-related threat activity against VMware Horizon, threat actors are exploiting the vulnerability to install Cobalt Strike implants in VMware Horizon servers, multiple U.S. firms warned."

To read this article, click here.

 

 

Feds Want Businesses to Report Cyberattacks — the Agency Doesn't Matter

Published by Cybersecurity Dive 14 January 2022

"As the Cybersecurity and Infrastructure Security Agency (CISA) becomes a more dominant player in private sector cyber response, organizations are still confused as to what federal agency cyber victims should contact first following an incident.

"CISA is responsible for asset response, or net defense and cyber resiliency, while the FBI and Secret Service are responsible for threat response investigations, said Bryan Vorndran, assistant director within the FBI's cyber division, speaking during the Incident Response Forum Ransomware on Thursday."

To read this article, click here.

 

 

Big Tech Pushes White House for Open Source Funding, Standards After Log4j

Published by Cybersecurity Dive 14 January 2022

"The White House convened an Open Source Software Security Summit Thursday, bringing together top national security and cyber officials to discuss ways to boost the open source software security following the Log4j vulnerability, which threatened millions of devices and applications."

To read this article, click here.

 

 

White House Hosts Open-Source Software Security Summit In Light Of Expansive Log4j Flaw

Published by Cyberscoop 13 January 2022

"Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to the widespread Log4j vulnerability that’s worrying industry and cyber leaders.

"Among the attendees are companies like Apple, Facebook and Google, as well as the Apache Software Foundation, which builds Log4j, a ubiquitous open-source logging framework for websites."

To read this article, click here.

 

 

FCC Seeks Stronger Breach Reporting Rules for Telecoms

Published by Cybersecurity Dive 13 January 2022

"The Federal Communications Commission is proposing changes to bolster data breach regulations for the U.S. telecommunications industry, including faster notification to customers and stronger law enforcement.

"The proposed regulations would cut the seven business day waiting period for customer notification, force firms to report inadvertent breaches and require companies immediately notify the FCC, the FBI and the U.S. Secret Service of a breach."

To read this article, click here.

 

 

Chairwoman Rosenworcel Circulates New Data Breach Reporting Requirements

Published by Federal Communications Commission 12 January 2022

"Today Federal Communications Commission Chairwoman Jessica Rosenworcel shared with her colleagues a Notice of Proposed Rule-making (NPRM) that would begin the process of strengthening the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI). The updates would better align the Commission’s rules with recent developments in federal and state data breach laws covering other sectors."

To read this press release, click here.

 

 

Google Drive, OneDrive Top Cloud Apps for Malware Delivery: Report

Published by Cybersecurity Dive 12 January 2022

"Cloud apps are the leading malware distributor, overtaking web downloads, according to research from Netskope. The research is based on anonymized data collected from the Netskope Security Cloud between Jan. 1, 2020 to Nov. 30, 2021.

"Widespread adoption led cloud storage apps to account for 69% of malware downloads in 2021."

To read this article, click here.

 

 

Log4j Threat Activity Limited, But CISA Says Actors Lay In Wait

Published by Cybersecurity Dive 11 January 2022

"Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said the agency has not yet seen the Log4j vulnerability used for significant intrusions but cautioned that sophisticated threat actors may be lying in wait for cybersecurity defenders to be caught off guard during a lower level of awareness."

To read this article, click here.

 

 

Phishing Lures Await In Google Docs Comments

Published by Cybersecurity Dive 10 January 2022

"Despite the increased use of productivity tools in the enterprise, email remains a favored attack vector for bad actors because credentials for platforms like Slack are less sought-after by cybercriminals. Attackers often initiate attacks from compromised email accounts."

To read this article, click here.

 

 

Log4Shell Threat Activity Targeting VMware Horizon, UK Researchers Warn

Published by Cybersecurity Dive 10 January 2022

"NHS Digital, an information technology partner for the U.K. health system, said threat actors are targeting Log4Shell vulnerabilities in VMware Horizon to create web shells, which can be used to steal data, introduce additional malicious software or launch a ransomware attack."

To read this article, click here.

 

 

Cybersecurity for the New Frontier: Reforming the Federal Information Security Management Act

Published by U.S. House Committee on Oversight and Reform 7 January 2022

"On January 11, 2022, at 10:00 a.m. ET, Rep. Carolyn B. Maloney, Chairwoman of the Committee on Oversight and Reform, will hold a remote hearing to examine strategies to strengthen the Federal Information Security Management Act (FISMA), which establishes the roles and responsibilities of federal agencies related to the security of federal information systems and data and requires compliance with cybersecurity standards."

To view this hearing, click here.

 

 

Deposits to Illicit Crypto Addresses Nearly Doubled in 2021, Chainalysis Finds

Published by Cyberscoop 6 January 2022

"Cryptocurrency-based crime hit a new all-time high in 2021, researchers at Chainalysis said in a report published Thursday.

"According to the report, illicit addresses tracked by Chainalysis received $14 billion in deposits over the course of 2021, almost double the amount they collected in 2020."

To read this article, click here.

 

 

NY Attorney General Probes Widespread Credential Stuffing, 17 Companies Affected

Published by Cybersecurity Dive 6 January 2022

"Credential stuffing works because it preys on reused passwords, a common practice for personal and professional online accounts."

To read this article, click here.

 

 

Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover

Published by Threatpost 6 January 2022

"A security vulnerability in VMware’s Cloud Foundation, ESXi, Fusion and Workstation platforms could pave the way for hypervisor takeover in virtual environments – and a patch is still pending for some users."

To read this article, click here.

 

 

Malsmoke Hackers Abuse Microsoft Signature Verification in ZLoader Cyberattacks

Published by ZDNet 5 January 2022

"The Malsmoke hacking group is now abusing a vulnerability in Microsoft's e-signature verification tool to deploy malware and steal user data.

"On Wednesday, Check Point Research (CPR) said that as of now, over 2,100 victims have been detected worldwide in a new campaign, with the majority resident in the United States, Canada, and India – although evidence of the malware has been found in 111 countries."

To read this article, click here.

 

 

FTC Threatens Enforcement on Firms Lax About Log4j Vulnerability

Published by Cybersecurity Dive 5 January 2022

"The FTC action underscores a commitment by federal regulators to ensure a more secure environment for enterprise and consumer software, according to legal experts and industry analysts."

To read this article, click here.

 

 

Log4j Threats Expected to Play Out Well Into 2022

Published by CIO Dive 4 January 2022

"Security researchers say the longer term effects of Log4j are just beginning to play out across the industry.

"As we move into 2022 we are seeing the ripples on the effects of the Log4j critical vulnerability being the new preferred threat vector for cybercriminals," said Chuck Everette, director of cybersecurity advocacy at Deep Instinct."

To read this article, click here.

 

 

What You Missed from the Log4j Holiday Cleanup

Published by Politico 3 January 2022

Hackers leveled several cyber attacks in time for festive events across the globe. 

Gaps in the Log4j program created a doorway for these threat actors. Advisories were sent out via numerous agencies.

To read this article, click here.

 

 

Data Security and Privacy with the Privacy Professor

Published by VoiceAmerica Internet Talk Radio January 2022

"There are more information security and privacy threats than ever before. As more technologies emerge, more surveillance tactics are used, and more artificial intelligence systems are deployed, cybersecurity and privacy risks grow exponentially. Rebecca has spent her entire career working to improve information security and privacy protections, by not only raising awareness of the issues within businesses and other types of organizations, but also by raising the awareness of these risks in the public and helping them to understand how to better protect their own personal data, allowing them to take their privacy protections into their own hands."

To select and listen to an episode, click here.

 

 

An Inside Look At How CISA Is Building An Agency For Elite Cybersecurity Talent

Published by The Record 26 December 2021

"Dave Bittner: The Cybersecurity and Infrastructure Security Agency, better known as CISA, was spun up in 2018 operating under the Department of Homeland Security. In July of 2021, Jen Easterly was confirmed by the US Senate as Director of CISA, and under her leadership the organization has continued its efforts toward public-private partnerships in cybersecurity. CISA recently established the Joint Cyber Defense Collaborative, an effort by the agency to lead the development of proactive cyber defense operation plans. Kiersten Todt is Chief of Staff at the Cybersecurity and Infrastructure Security Agency, and she joins us with insights on CISA’s efforts…"

To read this interview, click here.

 

 

Harris Calls for 'Cyber Doctrine' to Address Increasing Attacks

Published by The Hill 22 December 2021

During a recent television broadcast, the Vice President of the United States, Kamala Harris, emphasized her collaboration with one leader of another country in mitigating cyber attacks. 

She "is calling for a 'cyber doctrine' and greater international coordination to address cybersecurity concerns after a year of mounting attacks."

To read this article, click here.

 

 

Taking Legal Action Against Phishing Attacks

Published by Meta 20 December 2021

"Today, we filed a federal lawsuit in California court to disrupt phishing attacks designed to deceive people into sharing their login credentials on fake login pages for Facebook, Messenger, Instagram and WhatsApp. Phishing is a significant threat to millions of Internet users."

To read this article, click here.

 

 

2021 Was the Year Cybersecurity Became Everyone's Problem

Published by Axios 17 December 2021

Some individuals or companies can fall victim to a cyberattack when trust in some institutions erodes.

In order to combat these attacks, and others like them, a global agreement may be the answer, per subject matter experts.

To read this article, click here.

 

 

Experts: All Breach Victims Should Freeze Credit

Published by Infosecurity Magazine 16 December 2021

Have you recently learned that your bank or credit account has been compromised? If so, there is an important step that you should take immediately. 

Even your children's accounts could be affected. In any case, threat actors can be stopped by a simple step that costs nothing. 

To read this article, click here.

 

 

Facebook Bans 7 'Surveillance-For-Hire' Companies That Spied On 50,000 Users

Published by National Public Radio 16 December 2021

Pseudo social media accounts were constructed by "surveillance for hire" firms as a means to conduct online monitoring without peoples' knowledge. The actions caused Facebook and other large platforms to prohibit the companies' access.

To read this article, click here.

 

 

One Year Later: Has SolarWinds Changed How Industry Builds Software?

Published by Cybersecurity Dive 14 December 2021

"The SolarWinds hack caused government and industry leaders to rethink how software is made and secured, giving rise to close scrutiny of the software supply chain."

To read this article, click here.

 

 

Kronos Hack Will Likely Affect How Employers Issue Paychecks and Track Hours

Published by National Public Radio 14 December 2021

"A ransomware attack on one of the largest human resources companies may impact how many employees get paid and track their paid time off.

"Human resources management company Ultimate Kronos Group (known as Kronos) said it suffered a ransomware attack that may keep its systems offline for weeks.

"Companies that rely on the software are working to find backup plans to ensure their employees are paid — including issuing paper checks, some for the first time in years."

To read this article, click here.

 

 

“Worst-Case Scenario” Log4j Exploits Travel the Globe

Published by Infosecurity Magazine 13 December 2021

Subject matter experts in the cyber industry recommend that businesses and individuals take stock of their operating systems. The number of attack attempts exploiting Log4j and the susceptibility of some companies' networks have been brought to light over recent weeks.

To read this article, click here.

 

 

CISA Holds Inaugural Meeting of New Cybersecurity Advisory Committee

Published by Cybersecurity & Infrastructure Security Agency 10 December 2021

"WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its first meeting for newly appointed members of the Agency’s Cybersecurity Advisory Committee. Members discussed Committee objectives and initiatives, received a classified threat briefing, elected Committee leadership, and established subcommittees to focus on key objectives.

"CISA Director Jen Easterly chaired the meeting and was pleased to be joined by Deputy Secretary of Homeland Security John Tien and National Cyber Director Chris Inglis who helped kick off a discussion of the group’s core objectives and priorities."

To read this press release, click here.

 

 

Homeland Secretary and Top Cybersecurity Officials Meet with Silicon Valley Leaders to Stress Cybersecurity Priorities

Published by U.S. Department of Homeland Security 7 December 2021

"SAN FRANCISCO – Secretary of Homeland Security Secretary Alejandro N. Mayorkas, National Cyber Director Chris Inglis, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly, and DHS Under Secretary for Policy Rob Silvers met yesterday with industry leaders in technology, business, and cybersecurity to discuss how the federal government and the private sector can better and more proactively partner to tackle the most pressing cybersecurity challenges."

To read this press release, click here.

 

 

 

Before the United States House of Representatives Committee on Transportation and Infrastructure: the Evolving Cybersecurity Landscape: Federal Perspectives on Securing the Nation's Infrastructure

Published by Federal Aviation Administration 2 December 2021

Larry Grossman, Chief Information Security Officer

Written Testimony

"Good morning Chair DeFazio, Ranking Member Graves, and Members of the Committee:

"Thank you for the opportunity to be here with you today to discuss the Federal Aviation Administration’s (FAA) approach to cybersecurity, both in terms of how the FAA addresses cybersecurity matters internally and how the FAA interacts with the aviation community on cybersecurity matters."

To read this testimony, click here.

 

 

Ransomware Attacks Are on the Rise. These Are the Industries Most at Risk

Published by World Economic Forum 26 November 2021

"Yaroslav Vasinskyi, a member of now-defunct hacker group REvil and alleged orchestrator behind the ransomware attack against U.S. tech company Kaseya, has been charged by the Department of Justice after his arrest in Poland last month. The hack, which targeted approximately 1,500 businesses and resulted in ransom demands totaling $70 million according to TechCrunch, is only one of several hundred publicized ransomware attacks in 2021 as our chart indicates."

To read this article, click here.

 

 

 

Vulnerability Summary for the Week of November 15, 2021

Published by Cybersecurity & Infrastructure Security Agency 22 November 2021

"The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available."

To read this bulletin, click here.

 

 

Fake Emails Sent From FBI Server Linked to “Ethical Hacker”; Security Researcher Accuses Him of Secret Double Life as a “Black Hat” Criminal

Published by CPO Magazine 19 November 2021

"If one were to gain illicit access to the Federal Bureau of Investigation’s email servers, there are countless more valuable possibilities than using it to make fun of a particular cybersecurity researcher. But that is exactly what appeared to happen last week, as a blast of thousands of fake emails from ic.fbi.gov named security professional and author Vinny Troia as a member of TheDarkOverlord hacking group and the perpetrator of a botnet attack."

To read this article, click here.

 

 

Hackers in Syria, Pakistan Taken Down by Meta After Sustained Cyber Attacks

Published by Middle East Monitor 18 November 2021

"The social media company Meta – previously known as Facebook – has taken down four malicious cyber hacking networks operating in Syria and Pakistan, which targeted Syrian opposition elements and governmental entities in Afghanistan."

To read this article, click here.

 

 

Iran is ‘Leapfrogging Our Defenses’ in a Cyber War ‘My Gut Is We Lose’: Hacking Expert Kevin Mandia

Published by CNBC 18 November 2021

"On Thursday, a federal grand jury indicted two Iranian hackers for election interference that included obtaining confidential voter information from at least one state’s election website for a cyber-based disinformation campaign targeting 100,000 Americans. Earlier this week, the U.S. government warned that Iranian hackers also have been on the ransomware offensive.

"To Kevin Mandia, the CEO of cybersecurity firm Mandiant, Iran’s success in the hacking realm is no surprise, as the nation has been upping its cyber-offensive capabilities for years to take advantage of U.S. weaknesses."

To read this article, click here.

 

 

Why Cyber Crime Groups Are Some of the World’s Most Effective Startups

Published by Information Age 17 November 2021

"Keiron Holyome, vice-president EMEA at BlackBerry, explores how the top cyber crime groups are deploying talent and technology that some startups can only dream of.

"In today’s business landscape, competition is tough. There will always be competitors looking for you to falter so they can capitalise on your success. However, there is one industry that poses arguably the greatest threat of all. One that attracts young talent, is well-attuned to social issues like politics and health, and seizes trends like the subscription model, mobile banking and cryptocurrency."

To read this article, click here.

 

 

In Alabama, Training for Cyber Crime and Competing in War Games

Published by The Wall Street Journal 16 November 2021

Whether it is a drone used for malicious purposes, or a computer employed as a means to deliver a dangerous virus, cyber crime affects everyone. As such, the need to understand and respond to cyber crime has extended to local law enforcement agencies and officers. 

Recently, local law enforcement "students" participated in a cyber war game, practiced neutralizing a live harmful virus and engaged in other educational activities hosted by federal agents from the U.S. Secret Service. 

To read this article, click here.

 

 

In a Quantum Future, Our Economy Needs to Be Protected. A Cyber Security Expert Explains Why

Published by World Economic Forum 10 November 2021

"The privacy of online communication is currently protected by cryptography, which shields information as it travels around the internet. It secures everything from making online purchases to accessing work email remotely. With capabilities of quantum computing growing rapidly, industry experts reckon that it will take at least another 10 years before quantum computers with very large numbers of qubits are available."

To read this article, click here.

 

 

A Ransomware Reality Check for CISOs

Published by Help Net Security 3 November 2021

"The rising tide of ransomware attacks targeting critical infrastructure sectors has reached unprecedented heights. Now at the top of many CISOs’ agendas, a confluence of technical, legal, ethical, and regulatory shifting winds is making this scourge on industrial environments increasingly difficult to navigate."

To read this article, click here.

 

 

Which Technologies Are Transforming Airport Security?

Published by Security Informed.com 26 October 2021

"Air travel is returning to pre-pandemic levels. COVID and its aftermath have added new compliance and operational concerns for airport security, and social and political volatility around the world emphasises the need for constant vigilance. A range of new technologies are enhancing airport security, not to mention providing new tools to simplify processes throughout the airport. We asked our Expert Panel Roundtable: Which technologies are transforming airport security?" 

To read this article, click here.

 

 

Cybersecurity Awareness Month Resources

Published by Cybersecurity & Infrastructure Security Agency 25 October 2021

"During Cybersecurity Awareness Month, the following resources are invaluable tools for reducing cybersecurity risks and protecting yourself online. Use these resources in your communities and share them with your stakeholders throughout the year to encourage strong, nationwide cybersecurity. These materials are free and may be modified to meet your needs."

To access the resources list, click here.

 

 

US FCC Commissioner Calls to Ban Chinese Drone Maker DJI

Published by Insider Paper 20 October 2021

Steps have been taken by several branches of the U.S. government to eliminate the use of drones manufactured by a Chinese company. 

Now, a request has been made by the US FCC Commissioner to ban the use of federal funds for the purchase of the company's drones, citing national security concerns. 

To read this article, click here.

 

 

Joint Statement of the Ministers and Representatives From the Counter Ransomware Initiative Meeting October 2021

Published by The White House 14 October 2021

"Having gathered virtually on October 13 and 14 to discuss the escalating global security threat from ransomware, we the Ministers and Representatives of Australia, Brazil, Bulgaria, Canada, Czech Republic, the Dominican Republic, Estonia, European Union, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, Republic of Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, United Arab Emirates, the United Kingdom, and the United States recognize that ransomware is an escalating global security threat with serious economic and security consequences."

To read this article, click here.

 

 

U.S. Unveils New Cybersecurity Requirements for Rail, Air

Published by Homeland Security News Wire 7 October 2021

"DHS has unveiled new measures to make sure the U.S. air and surface transportation sectors will not be crippled by ransomware or cyberattacks. The new measures will apply to “higher risk” rail companies, “critical” airport operators, and air passenger and air cargo companies.

"The United States is taking new steps to make sure the country’s air and surface transportation sectors will not be crippled by ransomware or cyberattacks."

To read this article, click here.

 

 

White House to Convene 30-Country Cybersecurity Meeting

Published by ZDNet 1 October 2021

"President Biden said in a statement Friday that the White House plans to convene a 30-country meeting this month to address cybersecurity."

"The topics of the meeting, Biden said, will include combating cybercrime, improving law enforcement collaboration, stemming the illicit use of cryptocurrency, building trusted 5G technology and better securing supply chains."

To read this article, click here.

 

 

Protecting Aircraft Networks From Cybersecurity Breaches

Published by AIN Online 1 October 2021

The data applications used on general aviation aircraft, including SATCOM, an acronym for satellite communications, can be as vulnerable as any other network connection. Many cybersecurity technology companies are working to alleviate threat potential. Phishing has become a particularly popular hacking method. Online conversations on private aircraft are of interest to threat actors, who can then gain access to corporate proprietary information.

To read this article, click here.

 

 

AT&T Phone-Unlocking Malware Ring Costs Carrier $200M

Published by Threat Post 17 September 2021

"With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier’s U.S. network — all the way from Pakistan.

"The ringleader of a seven-year phone-unlocking and malware scheme will head to the clink for 12 years, according to the Department of Justice, after effectively compromising AT&T’s internal networks to install credential-thieving malware."

To read this article, click here.

 

 

Cyber Arms Dealer Exploits New Apple iPhone Software Vulnerability That Affects Most Versions, Watchdog Group Says

Published by CNBC 13 September 2021

A company in Israel is under scrutiny at a high government level. A nearly undetectable method of cybercrime has recently plagued software giant, Apple. To thwart problems for their clientele, Apple's experts had to work quickly.

To read this article, click here.

 

 

#HowTo: Defend Against Increasingly Convincing Phishing Attacks

Published by Infosecurity Magazine 13 September 2021

"Phishing attacks have been written about since at least the late 1980s, yet their impact on business has never been so big. Crime statistics published by the FBI show that social engineering — which includes phishing — was the top digital crime by victim count in 2020, causing over $54m of losses. But the total harm caused by phishing is likely far larger because about a quarter of ransomware incidents begin with a phishing email. Conceived initially to trick users into disclosing login credentials and other sensitive information, phishing in recent years has been more commonly used to infect computers with malware by tricking people into opening malicious links and documents."

To read this article, click here.

 

 

National Insider Threat Awareness Month Focuses On Workplace Culture

Published by Homeland Security Today 3 September 2021

"The NITAM campaign seeks to encourage employees in government and the private sector to recognize behaviors of concern and report them so early intervention can occur.

"The National Counterintelligence and Security Center (NCSC), the National Insider Threat Task Force (NITTF), the Office of the Under Secretary of Defense Intelligence and Security, the Defense Counterintelligence and Security Agency, and the Department of Homeland Security launched the third-annual “National Insider Threat Awareness Month” (NITAM).

"NITAM is an annual, month-long campaign during September to educate government and industry about the risks posed by insider threats and the role of insider threat programs.  Federal insider threat programs are composed of multi-disciplinary teams that address insider threats while protecting privacy and civil liberties of the workforce; maximizing organizational trust and ensuring positive work cultures that foster diversity and inclusion."

To read this article, click here.

 

 

LockFile Ransomware Uses Never-Before Seen Encryption To Avoid Detection

Published by Threat Post 31 August 2021

Once a cyber attack has occurred, mitigating it becomes complicated. Corporate and other business operations may be at an even higher risk due to ever-evolving threat mechanisms.  

To read this article, click here.

 

 

Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents

Published by Krebs on Security 25 August 2021

As buyers make investments online, sometimes the result is not what the user bargained for. Unlike conventional banking institutions’ policies, theft protection is not always available for online, unconventional purchases. In this example of cybercrime, the costly process of flushing out the culprits took years.

To read this article, click here.

 

 

BRICS NSAs Discuss Strengthening Cooperation On Counter-Terrorism, Cyber Security

Published by Republicworld.com 24 August 2021

Several countries met recently to discuss important security and political ideas. Cybersecurity is always a concern and information-sharing is key to successful threat intervention. 

To read this article, click here.

 

 

Senate Measure Seeks Report on GPS Vulnerabilities

Published by AINonline 23 August 2021

The need for a systems contingency plan is more important than ever. Some government entities have been asked to review what could happen during a GPS service disruption. A collaborative effort is underway between agencies to understand the service gaps.

To read this article, click here.

 

 

DOT and DHS Release Ransomware Warning Letter

Published by U.S. Department of Transportation & U.S. Department of Homeland Security August 2021

The U.S. Department of Transportation (DOT) and the U.S. Department of Homeland Security (DHS) have issued the following letter concerning ransomware:

"Dear Owners and Operators of the Transportation Systems Sector,"

"We write to express our grave concerns about the growing threat posed by malicious cyber actors and to urge you to take steps today to protect yourself from a ransomware attack before you become a victim. As you no doubt are aware, malicious hackers have targeted critical infrastructure, including hospitals, pipelines, food processing facilities, and water utilities, as well as police departments, community banks, and schools."

"These attacks directly impact Americans' daily lives, our economy, and the security of our Nation. Roughly $350 million in ransom was paid to malicious cyber actors in 2020, a more than 300% increase from the previous year. There have already been multiple notable ransomware attacks in 2021. Importantly, the majority of ransomware victims are small businesses for whom an attack is an existential threat."

"It is critical that you have the information you need to protect yourself. Earlier this month, the United States Government launched StopRansomware.gov, which provides a one-stop shop with best practices from across the federal government to protect against ransomware, clear guidance on how to report attacks, and the latest ransomware-related alerts from participating agencies. It is the first such central hub by the federal government and includes resources and content from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Secret Service, the Department of Justice's FBI, the Department of Commerce's NIST, and the Departments of the Treasury and Health and Human Services."

"Tackling this challenge requires collaboration across every level of government, the private sector, and our communities. Many organizations have yet to adequately protect their networks. Like many cyber-attacks, ransomware exploits the weakest link. StopRansomware.gov provides basic information that can help you take simple steps to protect your networks against ransomware and other malicious cyber activity. We encourage you to visit this website and take advantage of the tips and resources that can, collectively, better protect your organization and our Nation from cyber threats."

To download a copy of this letter, click here.

 

 

DemonWare Solicits Staff to Deploy Ransomware

Published by Infosecurity Magazine 20 August 2021

Know your employees and understand their susceptibility. Proactive security awareness training can protect users from ransomware attacks.  

To read this article, click here.

 
 
 

Why Three Random Words Make the Best Passwords

Published by Homeland Security Today 9 August 2021

Creating passwords is like playing chess with cyber hackers. The wrong move could put your data under attack. One way to thwart online criminals is using a three-random-word sequence, cyber experts say.

To read this article, click here.

 

 

Top 5 Mobile Device Security Tips

Published by Infosecurity Magazine 7 August 2021

Mobile device technology has advanced significantly over the past decade, in many instances, replacing the traditional computer. Having so much data stored on these devices increases their vulnerability, but there are ways to keep these devices secure.

To read this article, click here.

 

 

CISA Launches New Joint Cyber Defense Collaborative

Published by Cybersecurity & Infrastructure Security Agency 5 August 2021

"WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) announced the standup of the Joint Cyber Defense Collaborative (JCDC) today, a new agency effort to lead the development of cyber defense operations plans, and to execute those plans in coordination with partners from the federal interagency, private sector, and state, local, tribal, territorial (SLTT) government stakeholders to drive down risk before an incident and to unify defensive actions should an incident occur."

To read this announcement, click here.

 

 

NSA Issues Guidance On Securing Wireless Devices In Public Settings

Published by National Security Agency 29 July 2021

Many people rely on public Wi-Fi and Bluetooth connections to run their laptops and mobile devices, but don't realize this makes their devices more vulnerable to cyber threats. To "help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats," a new cybersecurity information sheet has been published by the National Security Agency (NSA).

To read this announcement, click here.

 

 

Shifting the Cyber Mindset From ‘Assume Breach’ to ‘Breach Prevention’ Is Critical in Next Three Years, Say 91 Percent of Government Cyber Leaders

Published by Homeland Security Today 28 July 2021

From local to federal organizations, over 300 cybersecurity leaders filled out a survey, providing an insight into how organizations overall are approaching risk management and cybersecurity.

To read this article, click here.

 

 

U.S. Government Releases Indictment And Several Advisories Detailing Chinese Cyber Threat Activity

Published by Cybersecurity & Infrastructure Security Agency 19 July 2021

As today’s announcement from the White House indicates, the cyber threat from the People’s Republic of China (PRC) continues to evolve and poses a real risk to the nation’s critical infrastructure, as well as businesses and organizations of all sizes at home and around the world. The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with National Security Agency (NSA) and Federal Bureau of Investigation (FBI), published new advisories to help organizations assess and harden their networks against malicious Chinese state-sponsored cyber actors.

First, CISA, NSA, and FBI published a Joint Cybersecurity Advisory (CSA) to detail various Chinese state-sponsored cyber techniques used to target U.S. and Allied networks. This advisory, “Chinese State-Sponsored Cyber Operations: Observed TTPs”, is a deep dive into the techniques used when targeting U.S. and Allied networks.

Second, CISA and FBI published a Joint Cybersecurity Advisory on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help cybersecurity practitioners identify and remediate APT40 intrusions and established footholds. This accompanies action by the U.S. Department of Justice (DOJ) today with unsealing indictments against four APT40 cyber actors for their illicit computer network exploitation (CNE) activities via front company Hainan Xiandun Technology Development Company (Hainan Xiandun).

Third, “CISA Insights: Chinese Cyber Threat Overview for Leaders” is a joint analysis from CISA, FBI, and NSA that provides recommendations to organizational public and private sector leadership to reduce the risk of cyber espionage and data theft from Chinese state-sponsored cyber actors. Chinese state-sponsored cyber actors aggressively target U.S. and Allied political, economic, military, educational, and critical infrastructure (CI) personnel and organizations to steal sensitive data, emerging and key technology, intellectual property, and personally identifiable information (PII).

CISA also encourages users and administrators to review the blog post, Safeguarding Critical Infrastructure against Threats from the People’s Republic of China, by CISA Executive Assistant Director Eric Goldstein and the China Cyber Threat Overview and Advisories webpage.

CISA continues to work with our partners – both at home and abroad – to assess and identify malicious cyber activity by state-sponsored actors or criminals and provide the actionable information to our partners so they can protect their organization.

 

 

Phishing Continues to be One of the Easiest Paths for Ransomware

Published by ZDNet 15 July 2021

Cyber criminals routinely use phishing emails to find a way into a company's network. While phishing emails can often be easily identified, criminals are changing the game by creating ones that look legitimate in every way.

To read this article, click here.

 

 

United States Government Launches First One-Stop Ransomware Resource at StopRansomware.gov

Published by U.S. Department of Homeland Security 14 July 2021

"StopRansomware.gov establishes a one-stop hub for ransomware resources for individuals, businesses, and other organizations. The new StopRansomware.gov is a collaborative effort across the federal government and the first joint website created to help private and public organizations mitigate their ransomware risk."

To read this press release, click here.

 

 

The Aviation Industry Needs to Move Towards Cyber Resilience

Published by Tripwire 5 July 2021

All elements of aviation (e.g., aircraft manufacturers, operators, airports) must work together to address current and emerging cyber risks, according to a new report put out by the World Economic Forum. "This report includes recommendations on three levels: international, national and organizational."

To read this article, click here.

 

 

Cyber Insurance Isn't Helping with Cybersecurity, and It Might Be Making the Ransomware Crisis Worse, Say Researchers

Published by ZDNet 28 June 2021

In a new paper, a group of cybersecurity researchers recommends that cyber insurance companies require their clients to put certain controls in place to prevent a ransomware attack. The paper also states: "Cyber insurers may be unintentionally facilitating the behaviour of cyber criminals by contributing to the growth of targeted ransomware operations."

To read this article, click here.

 

 

Bad Practices

Published by Cybersecurity & Infrastructure Security Agency

Not sure if your company implements strong cybersecurity safety practices? This new list of bad practices from the Cybersecurity & Infrastructure Security Agency (CISA) may help.

For details, click here.

 

 

Most Firms Face Second Ransomware Attack After Paying Off First

Published by ZDNet 8 June 2021 

Kidnapping someone and holding them for ransom is a practice that can be traced back hundreds of years, and it is popular with several criminal organizations today as a source of easy money. Likewise, cyber criminals have found that holding data for ransom can be lucrative and often target victim companies again after they pay the money. 

To read this article, click here

 
 
 
 

This is How Fast a Password Leaked on the Web Will Be Tested Out by Hackers

Published by ZDNet 8 June 2021 

A famous crime-fighting superhero has been quoted as saying that crime never sleeps. This appears to be especially true for cyber criminals as one group of researchers discovered recently. 

To read this article, click here

 
 
 
 

#RSAC: Solving the Ransomware Scourge Requires a Coordinated Effort

Published by Infosecurity Magazine 18 May 2021

RSA Security LLC recently held its annual conference and one of the topics discussed was ransomware. During the discussion, experts within this field agreed that to really discourage those who are engaging in this criminal activity, it is important for government agencies and governments to join forces. 

To read this article, click here

 
 
 
 

10 Essential Steps to Cyber Resilience as Hackers Target Critical Infrastructure

Published by Homeland Security Today 18 May 2021 

Cyberattacks are commonplace nowadays and while there are many things a company can do to lower their risk, they should have a plan on what to do if they are targeted. 

To read this article, click here

 
 
 
 

NIST Releases Tips and Tactics for Dealing With Ransomware

Published by National Institute of Standards and Technology 13 May 2021 

Ransomware has become a common tactic in cybersecurity attacks, leaving companies with limited options. To help organizations mitigate their risk of becoming a victim, the National Institute of Standards and Technology (NIST) has put together a collection of recommendations and tips.

To read this article, click here

 

 
 
 

#WorldPasswordDay: Five Tips to Make Passwords Secure AND Convenient

Published by Infosecurity Magazine 6 May 2021

How strong are the passwords you use? It is estimated by cybersecurity experts that many people are still relying on words or number combinations anyone could guess. Here are 5 tips that could help you utilize passwords effectively. 

To read this story, click here

 

 
 
 

HSI Investigation Leads to Seizure of 9th Fraudulent Website Seeking to Capitalize on COVID-19

Published by Homeland Security Today 5 May 2021 

Cyber criminals are always looking for new opportunities to capture personal information from victims. The COVID-19 pandemic is one such opportunity and law enforcement agencies have been kept busy trying to shut these groups down.

To read this story, click here

 
 
 
 

Can the Aviation Community Stop a Cyber Attack from Taking Off?

Published by Homeland Security Today 16 April 2021 

2021 has been designated as a Year of Security Culture (YOSC) by the International Civil Aviation Organization (ICAO), a continuation from last year. In November of 2020, ICAO released its first Cybersecurity Action Plan and this plan was one of the discussion points at a recent virtual cybersecurity event.

To read this story, click here

 
 
 
 

Over 90% of Organizations Hit by a Mobile Malware Attack in 2020

Published by Infosecurity Magazine 12 April 2021

Before downloading an application onto a mobile device, it is always advisable to research that application and verify it is not a malicious one. A new study shows just how prevalent malware attacks targeting mobile devices are.  

To read this story, click here

 
 
 
 

Responding to a Cybersecurity Incident

Published by Cybersecurity Guide 

Have you encountered issues while logging into your account, seen your device suddenly turn off and back on, or experienced mysterious changes to your files? You could be experiencing a cyber attack. Learn how to mitigate your risk and identify the signs. 

To read this story, click here

 
 
 
 

Ransomware Attacks Grew by 485% in 2020

Published by Infosecurity Magazine 6 April 2021

2020 was a year of transition; companies moved workers to remote status and began relying more heavily on video conferencing tools to communicate with them. Millions of people installed medical applications on their devices to stay informed on the COVID-19 pandemic.

Hackers were paying attention to these new trends and using them as a way to increase malware attacks, according to a new report.

To read this story, click here

 

 
 
 

Joint Cybersecurity Advisory: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks

Published by Cybersecurity & Infrastructure Security Agency 2 April 2021

SUMMARY

In March 2021 the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) observed Advanced Persistent Threat (APT) actors scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812 and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities to gain access to multiple government, commercial, and technology services networks. APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, ransomware attacks, structured query language (SQL) injection attacks, spearphishing campaigns, website defacements, and disinformation campaigns.

To download this advisory, click here

 

 
 
 

What is a VPN and Why do You Need One? Everything You Have to Know

Published by ZDNet 26 March 2021 

Virtual Private Networks, commonly referred to as VPNs, are often heard about these days. Companies rely on VPNs for employees working remotely or traveling, but there are some good reasons why everyone should consider using one.

To read this article, click here. 

 
 
 

This Company was Hit by Ransomware. Here's What they Did Next, and Why They Didn't Pay Up

Published by ZDNet 25 March 2021

Ransomware has become a profitable business for cyber criminals; hacking a large company’s network can result in millions of dollars. One company decided it wouldn’t give in to the hackers' demands. 

To read this article, click here

 
 
 
 

What is Cyber Insurance? Everything You Need to Know About What it Covers and How it Works

Published by ZDNet 25 March 2021

Did you know the concept of insuring against risks to property or persons dates back to 1347? Insurance has come a long way since then. Now, companies can purchase some form of protection in the event of a hacking or cyberattack.

To learn more about cyber insurance, click here

 

 
 
 

Foreign Nationals Sentenced for Roles in Transnational Cybercrime Enterprise

Published by United States Department of Justice 19 March 2021

The internet is a global tool we have come to rely heavily on, especially for storing personal and sensitive information. It is also a way for criminal organizations to make money. One organization, run for over seven years, was called Infraud. Now two of its members are serving time in prison after pleading guilty. 

To read this press release, click here

 
 
 
 

FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Including COVID-19 Scam Statistics

Published by FBI 17 March 2021

Have you been the victim of an internet crime? Online extortion, non-payment/non-delivery scams and phishing scams were the top three categories of internet crime reported to the FBI in 2020. More than ever, it’s important to educate yourself and take steps to mitigate your risk.

To read this report, click here

 
 
 
 

FBI-CISA Joint Advisory Plus Two Additional Important Cyber Notices

Published by Cybersecurity & Infrastructure Security Agency 10 March 2021

Three new notices have been released by the Cybersecurity & Infrastructure Security Agency (CISA):

  1. FBI-CISA Joint Advisory on Compromise of Microsoft Exchange Server

Today (3/10), CISA and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory to address recently disclosed vulnerabilities in Microsoft Exchange Server. CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks and steal information, encrypt data for ransom, or even execute a destructive attack. The Joint Cybersecurity Alert places the malicious cyber actor activity observed in the current Microsoft Exchange Server product compromise into the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework.

CISA recommends that organizations review Joint CSA: AA-21-069 Compromise of Microsoft Exchange Server as well as the CISA Remediating Microsoft Exchange Vulnerabilities web page for guidance on detecting, protecting against, and remediating this malicious activity.

  2. F5 Releases Security Advisory for Multiple Vulnerabilities in BIG-IP, BIG-IQ

Earlier today (3/10), F5 announced multiple CVEs impacting BIG-IP and BIG-IQ devices. Of these, four are critical remote code execution vulnerabilities, whereby an attacker could exploit these to take control of an affected system. Two related CVEs are buffer-overflow vulnerabilities. If triggered, a buffer overflow would result in a DoS attack, and, in certain situations, may allow remote code execution. To fully remediate the critical vulnerabilities, BIG-IP customers must update to a patched version as soon as possible.

CISA has published a current activity alert on the specific vulnerabilities affecting BIG-IP and BIG-IQ. For additional detail, organizations are encouraged to review the information provided by F5, including related security advisories and supplemental information, to help determine the impact on their devices.

  3. Supply Chain Compromise Short Term Remediation

Last evening (3/9), CISA began releasing new resources to support federal departments and agencies affected by related threat activity associated with the compromise of certain versions of the SolarWinds Orion platform.

These resources provide technical remediation guidance based on the three categories previously outlined in Activity Alert AA20-352A, to include related public and private sector resources recommended by CISA. The guidance will assist organizations with understanding the steps for detecting, mitigating, and evicting this threat actor from their networks, and prevent the actor’s re-use of similar tactics, techniques, and procedures. These steps will prepare federal departments and agencies for long-term actions to build more secure, resilient networks.

Although the information released will be tailored to federal departments and agencies, CISA encourages critical infrastructure, private sector organizations, and other affected entities to refer to Mitigating and Remediating APT-Compromised Networks for eviction guidance and technical resources and cisa.gov/supply-chain-compromise for general information on this compromise and related activity.

 

 

 

Microsoft Warns of Windows Win32k Privilege Escalation

Published by Cybersecurity & Infrastructure Security Agency 9 February 2021

The Cybersecurity & Infrastructure Security Agency (CISA) is sharing a new Microsoft Security Advisory. Microsoft announced there is, “...an escalation of privileges vulnerability (CVE-2021-1732) in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. Microsoft has stated that Windows 10 and Windows Server 2019 are affected by this vulnerability.”

To read this article, click here

 

 
 
 

FTC Reports Scammers Impersonating FTC

Published by Cybersecurity & Infrastructure Security Agency 26 January 2021

The Cybersecurity & Infrastructure Security Agency's (CISA) newest alert comes from the Federal Trade Commission (FTC). The FTC, “...has released information on scammers attempting to impersonate the FTC. The scammers operate an FTC-spoofed website that claims to provide instant cash payments and tries to trick consumers into disclosing their financial information.”

To read this alert, click here

 

 
 
 

Personal Security Considerations

Published by Cybersecurity & Infrastructure Security Agency 14 January 2021

The Cybersecurity & Infrastructure Security Agency (CISA) has released a new fact sheet titled, “Personal Security Considerations.” CISA states that the new information, “encourages critical infrastructure owners and their personnel to remain vigilant and report suspicious behavior that individuals may exhibit in order to thwart an attack. It also contains several easily implementable security measures that can mitigate threats to personal safety.”

To learn how to protect yourself, click here.

 

 
 
 

Cybersecurity and Physical Security Convergence

Published by Cybersecurity & Infrastructure Security Agency 5 January 2021

The Cybersecurity & Infrastructure Security Agency (CISA) has released a new guide titled, “The Cybersecurity and Infrastructure Security Convergence Action Guide.” CISA states that the new guidance “describes the complex threat environment created by increasingly interconnected cyber-physical systems, and the impacts that this interconnectivity has on an organization’s cybersecurity and physical security functions.”

To read this guide, click here

 

 

 

Mitigate SolarWinds Orion Code Compromise

Published by Cybersecurity & Infrastructure Security Agency 13 December 2020

The Cybersecurity & Infrastructure Security Agency (CISA) has issued Emergency Directive 21-01; this directive states, “SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems.”

To read this emergency directive, click here

To download the most recent update as of 18 December 2020, click here.

To read additional information and resources, click here.

To read continued updates, click here.

To read the most recent update as of 30 December 2020, click here.

To read the most recent update as of 6 January 2021, click here.

 

 
 
 

That Email About Your Delivery Could Be Fake: Phishing Scammers Increase Their Attack on Online Shoppers

Published by ZDNet 1 December 2020

Before you click on any links, it’s always a good idea to think twice – especially with those emails you’re receiving regarding tracking and delivery of purchased online orders. There is a good possibility that the email in your inbox could be a phishing attempt from an online scammer.

To read this article, click here

 
 
 
 

CISA Urges All Americans to be on Alert for Holiday Scams and Cyber Threats

Published by Cybersecurity & Infrastructure Security Agency 24 November 2020

There are several great advantages in doing your holiday shopping online, but if you aren't careful, you could find yourself the victim of a cyber crime. The Cybersecurity & Infrastructure Security Agency (CISA) provides great information on how to stay cyber-safe this holiday season.

To learn how to mitigate your risk of becoming a victim, click here.

 
 
 
 

Embry-Riddle Research Aims to Blunt Aviation Cyber Attacks

Published by Embry-Riddle Aeronautical University 13 November 2020

The Cyber Scholarship Program Award was given to Embry-Riddle Aeronautical University to help mitigate cyber threats within the aviation industry. This award will provide the funds needed for research and equipment to help combat attacks and threats, such as drone hacking.

To read this article, click here

 
 
 
 

Enhancing Cybersecurity For Aircraft Systems

Published by Aero-mag.com 4 November 2020

Aircraft systems are relying more on the internet and this is raising the potential for cyber attacks on aircraft. New amendments concerning cybersecurity are being introduced by the European Aviation Safety Agency (EASA).

To read this article, click here

 
 
 
 

IoT Security for Smart Airports and Aviation Systems

Published by IoT For All 22 October 2020

We’ve all heard of smart phones, but have you heard of smart airports? Take a look at the security challenges airports face when they implement internet-based systems in their ongoing efforts to improve passenger experience.

To read this article, click here

 
 
 
 

Cyber Essentials Toolkits

Published by Cybersecurity & Infrastructure Security Agency 15 October 2020

It’s National Cyber Security Awareness Month (NCSAM)! Are you ready for the next chapter in CISA’s Cyber Essentials Toolkit? Chapter 5 has been released and CISA states, “This chapter focuses on strategies for cultivating a proactive data protection culture aimed at making organizations more resilient against attacks that may harm data integrity or render data inaccessible. It includes links to resources for leaders to understand how to properly manage backups, and safeguard against ransomware, malware, and other attacks.”

To learn more, click here

 

 
 
 

Alert (AA20-283A): APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Published by Cybersecurity & Infrastructure Security Agency 9 October 2020

The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a new alert; this alert (AA20-283A) states, “CISA has recently observed advanced persistent threat (APT) actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability—CVE-2020-1472—in Windows Netlogon. The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities in the course of a single intrusion to compromise a network or application.”

To read this alert, click here

 

 
 
 

Do Your Part. #BeCyberSmart

Published by Cybersecurity & Infrastructure Security Agency 1 October 2020

Did you know that October is National Cybersecurity Awareness Month (NCSAM)? Outreach and promotions regarding cybersecurity will be provided each week by the Cybersecurity & Infrastructure Security Agency (CISA), and the National Cyber Security Alliance (NCSA). You won’t want to miss out!

To learn more, click here.

 

 

CISA and MS-ISAC Release Ransomware Guide

Published by Cybersecurity & Infrastructure Security Agency 30 September 2020

The Cybersecurity & Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a new guide regarding ransomware: “...that details practices that organizations should continuously engage in to help manage the risk posed by ransomware and other cyber threats.”

For more information about ransomware, click here

 

 
 
 

Telework Essentials Toolkit

Published by Cybersecurity & Infrastructure Security Agency 30 September 2020

A Telework Essentials Toolkit has recently been published by the Cybersecurity & Infrastructure Security Agency (CISA). According to CISA, this document is “...a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers.”

To view this toolkit, click here.

 

 
 
 

Emergency Directive 20-04

Published by Cybersecurity & Infrastructure Security Agency 18 September 2020

An Emergency Directive has been released by the Cybersecurity & Infrastructure Security Agency (CISA). This Emergency Directive (20-04) from CISA concerns “a critical vulnerability affecting Microsoft Windows servers with the domain controller role. An unauthenticated attacker with only network access to the domain controller could exploit the vulnerability to completely compromise all Active Directory identity services.”

To read this Emergency Directive, click here

 

 
 
 

Iran-Based Threat Actor Exploits VPN Vulnerabilities

Published by Cybersecurity & Infrastructure Security Agency 15 September 2020

The Cybersecurity & Infrastructure Security Agency (CISA) has issued a new alert; this alert (AA20-259A) states, “CISA and FBI are aware of an Iran-based malicious cyber actor targeting several U.S. federal agencies and other U.S.-based networks.”

To read this alert, click here

 

 
 
 

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Published by Cybersecurity & Infrastructure Security Agency 14 September 2020

The Cybersecurity & Infrastructure Security Agency (CISA) has issued an alert; this alert (AA20-258A) states, “The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies.”

To read this alert, click here.

 

 
 
 

Understanding the Tactics of Ransomware Attacks

Published by Security Boulevard 10 September 2020

When surfing the internet or checking your emails, are you aware of the dangers lurking online? Don’t become a victim of a ransomware attack; instead, be prepared to fight by understanding the strategy of your enemy.

To read this article, click here.

 

 

Technical Approaches to Uncovering and Remediating Malicious Activity

Published by Cybersecurity & Infrastructure Security Agency 1 September 2020

Are you interested in learning how to mitigate malicious activity online? Well, you are in luck! An advisory, “Technical Approaches to Uncovering and Remediating Malicious Activity” has been released by the Cybersecurity & Infrastructure Security Agency (CISA), along with several international partners, and states “This joint guidance provides best practices to mitigate and detect common attack vectors; however, organizations are reminded to tailor mitigations specific to their own unique network environment.”

To learn more, click here

 

 
 
 

Operational Best Practices for Encryption Key Management

Published by Cybersecurity & Infrastructure Security Agency 25 August 2020

Encryption is an extremely important tool, as it provides an extra layer of cybersecurity. The Cybersecurity & Infrastructure Security Agency (CISA) has released on its website the Operational Best Practices for Encryption Key Management, along with the Encryption Key Management Fact Sheet. The email announcement from CISA states, “The Federal Partnership for Interoperable Communications (FPIC) in collaboration with SAFECOM and the National Council of Statewide Interoperability Coordinators developed this document as a way to further address critical encryption issues, including encryption key change periods and the continued use of the data encryption standard (DES).”

To view these documents, click here

 
 
 
 

Cyber Essentials Toolkits

Published by Cybersecurity & Infrastructure Security Agency 17 August 2020

Technology is an essential part of our everyday lives and it's important for operations to understand the fundamentals of cybersecurity to mitigate their risk of becoming a cyberattack victim. The Cybersecurity & Infrastructure Security Agency (CISA) has published a set of Cyber Essential Toolkits that focus on the individual, staff members and an operation's systems.

To view these toolkits, click here.

 

 

The State of Civil Aviation Cybersecurity

Published by Tripwire 9 August 2020

Are you aware of the risks that the aviation industry faces due to cyberattacks? There are many different areas of aviation that could be affected: air traffic control (ATC) centers, airlines, supply vendors, airports and passengers. It’s important to remember that as more systems connect with each other and new technology is implemented, new cybersecurity risks emerge.

To read this article, click here

 

 

 

 

Garmin Ltd. (GRMN) Q2 2020 Earnings Call Transcript

Published by The Motley Fool 29 July 2020

In the world of aviation, many rely on apps and services provided by the company, Garmin. The company recently experienced a network outage, generated by a cyberattack. CEO Clifton Pemble stated, “We immediately assessed the nature of the attack and started remediation efforts. We have no indication that any customer data was accessed, lost or stolen.”

To read this article, click here.

 
 
 

Trade Groups Warn of Online Charter Fraud

Published by AINonline 15 July 2020

If you were to conduct a Google search for private air charter, it is highly likely that you would come across an ad promoting a website that offers this service. However, chances are this website is fake, created by fraudsters looking to take advantage. Prior to booking any travel, it’s important to do your research.

To learn how to identify these fake websites, click here. 

 

 

 

 

Ransomware Attacks Spike by 140%, 57% of Organizations Agree to Pay

Published by Atlas VPN 9 June 2020

Just because something hasn’t happened to you yet, doesn’t mean it can’t happen in the future. Murphy’s Law states, “Anything that can go wrong, will go wrong.” This is why it’s crucial to know how to protect your organization/business from ransomware. Atlas VPN states, “Data extracted and analyzed by Atlas VPN reveals, the amounts of demanded ransom payments increased by 140%, comparing the numbers of 2018 to 2019. More and more organizations succumb to blackmail: 57% of organizations settled and paid the ransom during the last 12 months.”

To read this article, click here.

 

 

Cyber Security in Shipping During COVID-19 Pandemic

Published by Hellenic Shipping News 5 May 2020

The phrase ‘a new normal’ can be hard to digest, as change can be daunting. Despite this, we all need to adapt to this new way of living, especially companies and organizations. Orders concerning social distance have forced millions to start working remotely, and this includes employees of shipping companies. However, working from home raises concerns with regard to cybersecurity and puts operations at risk.

To read this article, click here. 

 

 

Aviation & Defense Cyber Security Market - Current Impact to Make Big Changes | Lockheed Martin, IBM, Rockwell Collins

Published by Open PR 30 April 2020

Cybersecurity is extremely important as it puts a plan in place to help protect and defend against possible cyber attacks/threats. It is especially crucial because of one simple fact: technologies are always advancing. Open PR states, “During these suspicious times, governments and organizations are investing more in the cybersecurity of defense and aviation products and services than they have ever before. The key factor of investment in the cybersecurity segment due to significant tension between the necessity for technology developments and simultaneously preventing these technologies from cyber-attacks.”

To read this article, click here.

 

 

SIM Swapping: A Route for Criminals to Target Those Preoccupied by COVID-19 Pandemic

Published by Homeland Security Today 22 April 2020

Technology continues to improve and our mobile devices keep us connected to many aspects of our lives. Homeland Security Today states, “SIM Swapping is a form of unauthorized access to your data through your cell phones.” Using this technique, criminals gain open access to many of the same accounts you can reach through your computer.

To read this article, click here.

 

 
 
 

Online Extortion Scams Increasing During the COVID-19 Crisis

Published by Homeland Security Today 22 April 2020

Stuck at home, millions of people are trying to find ways to combat their boredom. Many turn to their computers, cell phones, iPads and other devices. While keeping busy via the internet may be a way to pass time, users should still be careful. Cyber crime continues to be a growing concern with online extortion scams on the rise during the current “stay-at-home” orders.

To learn more, click here.

 
 
 
 

Defending Aviation From Cyber Attack

Published by Tech Radar 16 April 2020

Cybersecurity has become a popular topic over the years as these types of threats are becoming more and more apparent. The aviation industry faces potential cyber threats that could be damaging to your operation. These threats can affect numerous aspects of the aviation industry: passenger safety, crew safety, financial loss and more.

To read this article, click here.

 

 

Deal with Ransomware the Way Police Deal with Hostage Situations

Published by Homeland Security News Wire 27 March 2020

How much would you pay a perpetrator to retrieve your sensitive files and data that had been stolen? Can't think of a price? Thinking this would never happen to you? Think again. Over 600 government agencies endured ransomware attacks within the first 9 months of 2019. The best course of action to prevent falling victim to this type of attack is preparation. Educate yourself on best cyber security practices to remain protected.

To read this article, click here.

 
 
 
 

How to Avoid Falling Victim to a COVID-19 Phishing Attack

Published by 101 Domain 23 March 2020

Since the coronavirus has made its way across the globe, hackers have 'gone phishing' trying to hook their victims. Knowing most people are on high alert due to recent health issues, hackers are taking advantage of our fears. Be aware of the new scams that have appeared and know what to look for.

To read this article, click here.

 

 

PODCAST: Connected Aircraft Cybersecurity 101 With the Satcom Guru

Published by Aviation Today 16 March 2020

Cybersecurity is an extremely broad subject and is used across many industries, including aviation. Peter Lemme, a former Boeing engineer, speaks about cybersecurity and the potential security risks that operators see while in flight. 

To listen to this Global Connected Aircraft podcast, click here.

 

 

Hackers Are Using These Fake Coronavirus Maps to Give People Malware

Published by Business Insider 12 March 2020

Coronavirus is a global pandemic affecting numerous aspects of our daily lives. During this pandemic, hackers are taking advantage of opportunities to gain access to your systems, sensitive security information (SSI) and personally identifiable information (PII). Educate yourself on safe practices and know what to look for; double-check that you are on a secured website and ensure what you are downloading doesn’t result in malware. Stay vigilant.

To read this article, click here.

 

 

What is Cybersecurity?

Published by Cybersecurity & Infrastructure Security Agency

Educate yourself on cybersecurity with this informative article from the Cybersecurity & Infrastructure Security Agency (CISA). Learn how to improve your cybersecurity, what falls under cybersecurity and what the risks associated with poor cybersecurity are.

To read this article, click here.

 

 

Feds Are Lining Up More Indictments Related to Chinese Cyber-Activity, Officials Say

Published by Cyberscoop 20 February 2020

Federal officials allege that China is conducting cyber attacks on U.S. companies through the use of contractors. To combat this economic espionage, the U.S. Department of Justice has stated that new indictments alleging insider threats and cyber hacking will soon be issued against Chinese nationals.

To read this article, click here.

 

 

Exclusive: Details of 10.6 Million MGM Hotel Guests Posted on a Hacking Forum

Published by ZDNet 19 February 2020

Personal information including dates of birth, home addresses, full names, emails and phone numbers was released in a large data dump on a hacking forum. The data was obtained through a breach of MGM Resorts and affected more than 10 million guests, including government officials, celebrities, reporters and tech CEOs.

To read this article, click here.

 

 

Cyber-security Threat Guidance Published by ACI World

Published by International Airport Review 11 February 2020

A new handbook has been published by the Airports Council International (ACI) World, providing information on cybersecurity to airports. The handbook is intended to help airports examine their current cyber defenses as well as educate them on how to maintain and strengthen their security systems.

To read this article, click here.

 

 

Medical Devices' Vulnerability to Cyber Attacks

6 February 2020

The healthcare industry is a regular target for cyber attacks and medical devices are especially vulnerable, according to recent articles in Homeland Security Today and HealthcareITNews. The devices, which monitor everything from a patient’s insulin level to their heartbeat, are connected to healthcare IT systems and contain sensitive data. Despite this, they have little, if any, cybersecurity technology and are extremely easy to hack into, experts say.

To read the article in Homeland Security Today, click here.

To read the article in HealthcareITNews, click here.

 

 

Nintendo Hacker Pleads Guilty

Published by ZDNet 4 February 2020

A 21-year-old man faces up to five years in prison after pleading guilty to hacking a second time into Nintendo’s system, downloading proprietary and confidential data, and then releasing that information online. The man used a vulnerability in Nintendo’s servers and a phishing email to gain access in the two hacking events.

To read this article, click here.

 

 

Cybersecurity Expert Explains How Scammers are Taking The Coronavirus Online

Published by WECT 6 News 31 January 2020

Online searches for the coronavirus have become opportunities for cyber criminals and experts are warning users to avoid anything that doesn’t look quite right. One cybersecurity firm says it has discovered docx, mp4s and pdfs that contain malicious files, which can quickly advance through networks, taking over multiple computers. The files, which claim to have links to videos on protection from the coronavirus, can target personal information, a company’s sensitive data or just corrupt a computer system.

To read this article, click here.

 

 

Hackers Put 30 Million Wawa Customers' Data for Sale

Published by CisoMag 30 January 2020

An ongoing investigation seeks to identify the hackers responsible for a malware payload that captured payment card details of 30 million Americans. The data was then offered for sale on the dark web. 

To read this article, click here.

 

 

Preparing for Increased Geopolitical Tensions and Threats

Published by Cybersecurity & Infrastructure Security Agency 6 January 2020

CISA has released a preparation guide for navigating the increase in threats, both cyber and physical, against the United States. Reviewing and implementing the CISA Cyber Essentials can increase your defenses against a cyberattack immediately. An actionable checklist has also been provided to assist in protecting against cyber and physical attacks.

To download the full CISA Insight Guide, click here.

 

 

CISA Releases Cyber Essentials for Small Businesses and Governments

Distributed by U.S. Department of Homeland Security Private Sector Office 6 November 2019

 

Cybersecurity is often discussed from a national perspective, but even smaller government and business organizations are vulnerable. This is why the Cybersecurity & Infrastructure Security Agency (CISA) has released a new guide specifically created for these entities.

 

To read this notice, click here.

 

 

 

 

U.S. Official Visits Minneapolis to Cite Cyber Threats

Posted by Neal St. Anthony with the StarTribune 4 November 2019

The director of the National Counterintelligence and Security Center (NCSC) voices concern over the ability of the U.S. to protect its critical infrastructure from cybersecurity threats.

To read this article, click here.

 

 

National Cybersecurity Protection System (NCPS)-Intrusion Detection

Released by DHS/CUSA/PIA-033 25 September 2019

How are federal network systems protected and defended against cyber threats? This report explains how information related to known or suspected cyber threats is collected by the National Cybersecurity Protection System (NCPS).

To download this report, click here.

 

 

DHS Gives Cybersecurity Warning to Small Aircraft Owners Podcast

Published by National Business Aviation Association 12 August 2019

Several steps have been voluntarily taken in the aviation industry to address the risk of unauthorized aircraft access. This podcast, hosted by NBAA, discusses these measures in response to a warning issued by the Department of Homeland Security (DHS) concerning small aircraft and restricted access.

To listen to this podcast, click here.

 

 

Civil Aviation Cybersecurity Information Repository

Published by International Civil Aviation Organization

Building a solid cybersecurity structure to keep air transportation safe is of great importance to the ICAO. This link discusses Civil Aviation and Cybersecurity.

For details, click here.