20230912_NATA-Compliance_Services_Logo_Web_ALL White_RGB

Cybersecurity

Top News in Cybersecurity

Defending yourself against cyberattacks starts with understanding the risks associated with cyber activity, what some of the basic cybersecurity terms mean, and what you can do to protect yourself.

 

Google Simplifies 2-Factor Authentication Setup (It's More Important Than Ever)

Published The Hacker News 7 May 2024

"Google on Monday announced that it's simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace accounts.

"Also called 2-Step Verification (2SV), it aims to add an extra layer of security to users' accounts to prevent takeover attacks in case the passwords are stolen."

To read this article, click here.

 

 

International Investigation Disrupts Phishing-as-a-Service Platform LabHost

Published by Europol 18 April 2024

"This week, law enforcement from 19 countries severely disrupted one of the world’s largest phishing-as-a-service platform, known as LabHost. This year-long operation, coordinated at the international level by Europol, resulted in the compromise of LabHost’s infrastructure.

"Between Sunday 14 April and Wednesday 17 April a total of 70 addresses were searched across the world, resulting in the arrest of 37 suspects. This includes the arrest of 4 individuals in the United Kingdom linked to the running of the site, including the original developer of the service."

To read this press release, click here

 

 

'Crude' Ransomware Tools Proliferating on the Dark Web for Cheap, Researchers Find

Published by The Record 17 April 2024

"Cheap ransomware is being sold for one-time use on dark web forums, allowing inexperienced freelancers to get into cybercrime without any interaction with affiliates. 

"Researchers at the intelligence unit at the cybersecurity firm Sophos found 19 ransomware varieties being offered for sale or advertised as under development on four forums from June 2023 to February 2024."

To read this article, click here.

 

 

CISA to Expand Automated Malware Analysis System Beyond Government Agencies

Published by The Record 10 April 2024

"Businesses and other organizations will be able to submit samples of malware to the U.S. government for analysis under a new program run by the nation’s top cybersecurity agency.

"The Cybersecurity and Infrastructure Security Agency (CISA) said its Malware Next-Gen service has been available to government and military workers since November, but it is now opening it up to the private sector."

To read this article, click here.

 

 

The Drop in Ransomware Attacks in 2024 and What it Means

Published by The Hacker News 8 April 2024

"The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024 is starting off showing a very different picture. While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048 cases. This is a 22% decrease in ransomware attacks compared to Q4 2023."

To read this article, click here.

 

 

AT&T Addresses Recent Data Set Released on the Dark Web

Published by AT&T 30 March 2024

"AT&T* has determined that AT&T data-specific fields were contained in a data set released on the dark web approximately two weeks ago. While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors. With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed.

"AT&T has launched a robust investigation supported by internal and external cybersecurity experts. Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders."

To read this press release, click here.

 

 

Threat Indicators Show 2024 Is Already Promising to be Worse Than 2023

Published by Security Week 28 March 2024

"While 2023 was a difficult year for cybersecurity teams, 2024 is likely to be worse. In just the first two months of 2024, threat intelligence firm Flashpoint has logged dramatic increases in all major threat indicators.

"By Flashpoint’s numbers, there were 6,077 recorded data breaches in 2023, with attackers accessing more than 17 billion personal records (up 34.5% on 2022’s figures). In the first two months of 2024, this increased by 429% over the first two months of 2023."

To read this article, click here

 

 

LockBit Administrator Sentenced to Almost Four Years in Prison After Guilty Plea

Published by The Record 13 March 2024

"An administrator for the LockBit ransomware gang has been sentenced to four years in prison after pleading guilty to eight charges in a Canadian court last month...."

"CTV News also reported that Vasiliev has also consented to being extradited to the U.S. — where he is facing several charges unsealed in a New Jersey court in 2022 for his role in LockBit."

To read this article, click here.

 

 

Americans Lost a Record $12.5 Billion to Online Fraud Last Year

Published by The Record 6 March 2024

"More than $12.5 billion was lost in 2023 to online fraud in cases reported by the American public, according to the FBI’s annual Internet Crime Report — a 22% increase on the year before.

"The report compiles information from the FBI’s Internet Crime Complaint Center (IC3) and shows a steady increase in fraud nearly across the board. The center registered more than 880,000 complaints. IC3 aggregates data only for reported cases, so the actual dollar figures could be much higher."

To read this article, click here

 

 

Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security

Published by SecurityWeek 27 February 2024

"Thousands of domains, many once owned by major companies, have been abused to get millions of emails past spam filters, online security firm Guardio reported on Monday.

"The cybersecurity firm’s researchers have come across a significant campaign which they have dubbed SubdoMailing and attributed to a threat actor named ResurrecAds. 

"Guardio reported identifying roughly 8,800 hijacked domains — specifically over 13,000 associated subdomains — being used to send out approximately five million emails per day. The number of abused domains is growing by the hundreds every day."

To read this article, click here

 

 

LockBit Ransomware Group Resurfaces After Law Enforcement Takedown

Published by Hacker News 26 February 2024

"The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers.

"To that end, the notorious group has moved its data leak portal to a new .onion address on the TOR network, listing 12 new victims as of writing."

To read this article, click here

 

 

Cyber Insights 2024: Ransomware

Published by SecurityWeek 21 February 2024

"Ransomware is a species of the genus Extortion. Extortion has always been a favored method of gaining funds, and always will be. Today it is probably more prevalent in the cyber world than in the physical world.

"We can learn from its history. It has always existed at the national level (Danegeld), at the gang level (protection rackets) and at the personal level (bullying). This practice is now part of the cyber world, and it still involves nation states, criminal gangs, and individual hackers. Extortion will never go away, only the methods will change. Criminals will fine-tune existing profitable methods for greater profit or adapt them to accommodate new conditions."

To read this article, click here.

 

 

Continental Aerospace Latest to be Hacked as Aviation Cyberattacks Rise

Published by GlobalAir.com 21 February 2024

"Continental Aerospace Technologies was recently hit by a cyberattack, affecting daily operations in Alabama. Continental released a statement on its website about the incident, letting customers know it was engaged with a team of experts working to resolve the issues quickly and operations are expected to resume soon. This is the latest cyber incident in the aviation industry and the number of attacks may be on the rise."

To read this article, click here

 

 

Law Enforcement Hacks LockBit Ransomware, Delivers Major Blow to Operation

Published by SecurityWeek 20 February 2024

"LockBit domains currently display a seizure notice informing visitors that the site is controlled by law enforcement, specifically the UK’s National Crime Agency (NCA). The notice indicates that the takedown is the result of an international operation involving the FBI and law enforcement agencies in Canada, Australia, France, Germany, Switzerland, Sweden, Finland, the Netherlands, and Japan, as well as Europol.

“We can confirm that LockBit’s services have been disrupted as a result of International Law Enforcement action — this is an ongoing and developing operation,” reads a message posted on the seized domains."

To read this article, click here

 

 

Ransomware Payments Doubled to More Than $1 Billion in 2023

Published by The Record 7 February 2024

"Companies, individuals and other victims of ransomware attacks paid hackers more than $1.1 billion in 2023 in exchange for unlocking their data, according to new research.

"Chainalysis — a blockchain research firm that analyzes transactions made by ransomware gangs, affiliates and other cybercriminals — released a report this morning finding that ransom payments broke records in 2023 thanks to a variety of factors."

To read this article, click here

 

 

NTERPOL-Led Operation Targets Growing Cyber Threats

Published by Interpol 1 February 2024

"SINGAPORE – Some 1,300 suspicious IP addresses or URLs have been identified as part of a global INTERPOL operation targeting phishing, malware and ransomware attacks.

"Operation Synergia, which ran from September to November 2023, was launched in response to the clear growth, escalation and professionalisation of transnational cybercrime and the need for coordinated action against new cyber threats."

To read this article, click here.

 

 

US Says It Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans

Published by SecurityWeek 31 January 2024

"U.S. officials said Wednesday they disrupted a state-backed Chinese effort to plant malware that could be used to damage civilian infrastructure, as the head of the FBI warned that Beijing is positioning itself to disrupt the daily lives of Americans if the United States and China ever go to war.

"The operation, announced just before FBI Director Chris Wray addressed House lawmakers, disrupted a botnet of hundreds of U.S.-based small office and home routers owned by private citizens and companies that had been hijacked by the Chinese hackers to cover their tracks as they sowed the malware. Their ultimate targets included water treatment plants, the electrical grid and transportation systems across the United States."

To read this article, click here

 

 

Cybersecurity Experts Warn of New Vulnerabilities Affecting Apple, Atlassian and Fortra Products

Published by The Record 23 January 2024

"Multiple new vulnerabilities are being exploited by hackers in recent days, prompting alarm from experts worried about how they will be used by cybercriminals and nation states.

"Over the last week, vulnerabilities affecting tech giants including Apple, VMware, Atlassian, Fortra, Apache and others have been highlighted both by cybersecurity experts and government agencies like the Cybersecurity and Infrastructure Security Agency (CISA)."

To read this article, click here.

 

 

Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023

Published by InfoSecurity Magazine 16 January 2024

"Email security remained top of mind for cybersecurity professionals in 2023 as over nine in ten (94%) cyber decision-makers had to deal with a phishing attack, according to email security provider Egress.

"This is up 2% from the previous year, Egress’ Email Security Risk Report 2024 found."

To read this article, click here

 

 

Ransomware tracker: The latest figures [January 2024]

Published by The Record 14 January 2024

"Ransomware attacks across several key sectors dipped slightly in December, capping a year that saw a steady increase in attacks overall.

"Ransomware gangs posted 356 victims to their extortion sites in December — down from the 369 victims in the previous month, but well above the 241 victims posted in December 2022."

To read this article, click here

 

 

Threat Actors Use Social Engineering and AI to Drive More Cyber Attacks in 2024, says GlobalData

Published by Daily Host News 4 January 2024

"A major trend in cybersecurity is the speed and adeptness with which hackers adapt their techniques to leverage technological advances. Attacks making use of social engineering have become more frequent and more expensive in 2023. The profitability and the simplicity of launching social engineering-related cyber attacks will drive an even higher volume of these incidents in 2024, according to GlobalData, a leading data and analytics company."

To read this article, click here.

 

 

The Emerging Landscape of AI-Driven Cybersecurity Threats: A Look Ahead

Published by SecurityWeek 28 December 2023

"In recent years, the rapid advancement and integration of artificial intelligence (AI) into various sectors have not only brought about a revolution in efficiency and capability, but have also introduced a new frontier in cybersecurity challenges. This evolving threat landscape shaped by AI highlights the need for robust countermeasures and awareness as we get used to this newly complex and rapidly changing domain."

To read this article, click here

 

 

British LAPSUS$ Teen Members Sentenced for High-Profile Attacks

Published by The Hacker News 24 December 2023

"Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies.

"Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent to get back to cybercrime "as soon as possible," BBC reported. Kurtaj, who is autistic, was deemed unfit to stand trial."

To read this article, click here.

 

 

Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices

Published by The Hacker News 21 December 2023

"The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information about the financial impacts of breaches. With this data, they can make data driven decisions about how they implement security in their organization.

"The report is conducted by the Ponemon Institute and sponsored, analyzed, and published by IBM Security. In 2023, the 18th year the report was published, the report analyzed 553 breaches across 16 countries and 17 industries."

To read this article, click here

 

 

FCC Reminds Mobile Phone Carriers They Must do More to Prevent SIM Swaps

Published by The Record 12 December 2023

"The Federal Communications Commission is warning mobile phone service providers to ensure they are shielding customers from cybercriminals who use fraudulent SIM swaps to take over unwitting victims’ mobile phone accounts.

"The warning comes on the heels of a Cyber Safety Review Board (CSRB) finding announced in August. The board detailed the operations of the hacking group Lapsus$, which was known for using SIM swaps to extort victims worldwide."

To read this article, click here.

 

 

FBI Explains how Companies can Delay SEC Cyber Incident Disclosures

Published by The Record 8 December 2023

"The FBI has published guidance on how companies can request a delay in disclosing cyber incidents to the Securities and Exchange Commission (SEC).

"The document is a followup to new rules that the SEC approved in June requiring companies to quickly disclose “material” cybersecurity incidents and share the details of their cybersecurity risk management, strategy and governance with the commission on an annual basis."

To read this article, click here

 

 

New Threat Actor 'AeroBlade' Emerges in Espionage Attack on U.S. Aerospace

Published by The Hacker News 5 December 2023

"A previously undocumented threat actor has been linked to a cyber attack targeting an aerospace organization in the U.S. as part of what's suspected to be a cyber espionage mission.

"The BlackBerry Threat Research and Intelligence team is tracking the activity cluster as AeroBlade. Its origin is currently unknown and it's not clear if the attack was successful."

To read this article, click here.

 

 

Black Basta Ransomware Group Received Over $100 Million From 90 Victims

Published by Security Week 30 November 2023

"Active since at least April 2022 and responsible for more than 300 infections to date – becoming the fourth-most active ransomware by number of victims – Black Basta is believed to be linked to the notorious Conti ransomware group, which closed shop last year.

"Black Basta had become a major threat within months of its emergence, partnering with other cybercrime gangs and employing double extortion tactics: in addition to encrypting files, the group has been stealing victims’ data and threatening to release it on the web unless a ransom was paid."

To read this article, click here.

 

 

Five Cybersecurity Predictions for 2024

Published by Security Week 29 November 2023

"The year 2023 saw heightened cybersecurity activity, with both security professionals and adversaries engaged in a constant cat-and-mouse game. The dynamic landscape of cyber threats and the ever-expanding digital attack surface have compelled organizations to refine and fortify their security architectures. Despite the collective hope for a reprieve from the onslaught of daily phishing, ransomware, and credential stuffing attacks, cybercriminals are poised to leverage successful tactics from this year to orchestrate more sophisticated campaigns in the coming year. To stay ahead, it is crucial to anticipate the key themes likely to dominate the cybersecurity space in 2024.

"The following predictions serve as strategic insights for IT and security professionals, guiding them in prioritizing efforts to navigate the ever-changing threat landscape:"

To read this article, click here

 

 

Long Beach Airport’s Website Taken Down By Cyber Attack

Published by Homeland Security Today 22 November 2023

"Long Beach Airport (LGB), a major public airport located near Los Angeles, California, was the target of a cyberattack on November 14. The cyberattack affected the airport’s main website and caused the airport authority to take the website offline temporarily. Currently, the website redirects to the Long Beach city website, which has also added additional flight information to help passengers navigate their flights."

To read this article, click here

 

 

Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals

Published by The Hacker News 21 November 2023

"The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed.

"The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks delivered with it," the cybersecurity company said in a report shared with The Hacker News."

To read this article, click here.

 

 

BlackCat Ransomware Group Reports Victim to SEC

Published by InfoSecurity Magazine 16 November 2023

"A prolific ransomware group appears to have reported one of its victims to the US Securities and Exchange Commission (SEC), in a bid to pressure payment.

"BlackCat/ALPHV said it compromised digital lending solutions provider MeridianLink on November 7, but the firm refused to engage with it despite the group claiming to have exfiltrated sensitive data."

To read this article, click here.

 

 

How to Spot a Fake Data Blocker that Could Hack Your Computer in Seconds

Published by ZDNet 15 November 2023

"Data blockers -- also known as USB condoms -- are one of those cheap security tools that I recommend everyone who might find themselves using a random charger have in their pocket or bag. Along with a good VPN, antivirus software, and an encrypted flash drive, it's one of those modern-day security tools that I think are essential.

"OK, first off, what are data blockers? It's a small dongle that adds a layer of protection between your device and the charging point you're attaching it to, and it allows charging to happen but blocks any data from being communicated by physically severing the USB data lines, putting an air gap between the USB port and your smartphone, laptop, or whatever you are charging."

To read this article, click here

 

 

FBI Private Industry Notification: Ransomware Actors Continue to Gain Access through Third Parties and Legitimate System Tools

Published by FBI 7 November 2023

"The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight ransomware initial access trends and encourage organizations to implement the recommendations in the “Mitigations” section to reduce the likelihood and impact of ransomware incidents.

"As of July 2023, the FBI noted several trends emerging or continuing across the ransomware environment and is releasing this notification for industry awareness. New trends included ransomware actors exploiting vulnerabilities in vendor-controlled remote access to casino servers, and companies victimized through legitimate system management tools to elevate network permissions."

To read this notification, click here.

 

 

An Info-Stealer Campaign is now Targeting Facebook Users with Revealing Photos

Published by The Record 1 November 2023

"Cybercriminals are using Facebook ads to distribute malware and hijack users' social media accounts, researchers have found.

"In the so-called malvertising campaign, hackers exploit legitimate tools for online ad distribution and insert infected links into typical advertisements. To entice users into clicking, the campaign offers “provocative enticements” — in this case, lewd images of young women, according to cybersecurity researchers at Bitdefender."

To read this article, click here.

 

 

Apple Ships Major iOS, macOS Security Updates

Published by SecurityWeek 25 October 2023

"Device maker Apple on Wednesday rolled out major security updates for its flagship macOS and iOS platforms, warning that multiple security defects expose users to remote hacker attacks.

"The company released multiple bulletins to document at least 21 iOS security vulnerabilities and 44 macOS flaws that could lead to code execution, privilege escalation and exposure of sensitive data."

To read this article, click here.

 

 

QR Codes Used in 22% of Phishing Attacks

Published by Infosecurity Magazine 19 October 2023

"The Hoxhunt Challenge has unveiled alarming trends in employee susceptibility to phishing attacks, emphasizing the critical role of engagement in reducing human risk. 

"The study, published today and conducted in 38 organizations across nine industries and 125 countries, revealed that 22% of phishing attacks in the first weeks of October 2023 used QR codes to deliver malicious payloads."

To read this article, click here.

 

 

CISA and International Partners--Starting a Global Movement to Secure Our World

Published by Cybersecurity & Infrastructure Security Agency 13 October 2023

"While it feels like we just launched CISA’s new enduring Cybersecurity Awareness Program, we are now wrapping up the second week of Cybersecurity Awareness Month with the shared theme of Secure Our World. Inviting our international partners to amplify these awareness efforts to start a world-wide public cybersecurity movement seems particularly salient as I prepare to join so many of our partners at Singapore International Cyber Week.

"CISA partners from around the globe will be traveling to the event and, like me, will use smart phones, tablets, and other connected devices for almost everything they do. From arranging rides to and from airports, paying for meals, checking in for flights and staying in touch with colleagues, friends, and loved ones, we stay connected and online constantly. At home and abroad, we rely on a safe and secure digital world, and we expect our connected devices to work when we need them."

To read this article, click here

 

 

CISA Plans to Share More Information on Ransomware Actors in its Exploited Vulnerability Alerts

Published by The Record 13 October 2023

"The U.S.’s top cybersecurity agency said it plans to add a section dedicated to ransomware gangs to its list of vulnerabilities being exploited by hackers.

"Cybersecurity and Infrastructure Security Agency (CISA) officials said on Thursday that all organizations will now have access to information about which vulnerabilities are commonly associated with ransomware attacks through its known exploited vulnerabilities (KEV) catalog."

To read this article, click here.

 

 

LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts

Published by SecurityWeek 12 October 2023

"A legitimate feature connected to LinkedIn’s Sales Navigator services, smart links allow businesses to promote websites and advertisements, redirecting users to specific domains.

"Threat actors, however, are relying on the feature to redirect users to malicious websites that attempt to steal their credentials and personal information, abusing the inherent trust that email gateways have in LinkedIn."

To read this article, click here.

 

 

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Published by KrebsonSecurity 9 October 2023

"Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Postal Service (USPS) customers. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries.

"KrebsOnSecurity recently heard from a reader who received an SMS purporting to have been sent by the USPS, saying there was a problem with a package destined for the reader’s address. Clicking the link in the text message brings one to the domain usps.informedtrck[.]com."

To read this article, click here.

 

 

FBI Highlights Online Safety Tips During Cybersecurity Awareness Month

Published by FBI 5 October 2023

"October is Cybersecurity Awareness Month, and the FBI is reminding the public to be cyber smart all year long. National Cybersecurity Awareness Month, now in its 20th year, is hosted by the Department of Homeland Security and the National Cyber Security Alliance. Multiple agencies, including the FBI, collaborate to raise awareness about cybersecurity and stress the collective effort needed to stop cyber intrusions and online thefts and scams."

To read this release, click here.

 

 

North Korean Gov’t Hackers Targeted Aerospace Company in Spain

Published by The Record 29 September 2023

"Hackers connected to a notorious group within the North Korean government launched an attack against an aerospace company in Spain, according to researchers at security company ESET.

"In a report on Friday, researchers said they discovered a campaign by hackers connected to Lazarus — an infamous group that has stolen billions from cryptocurrency firms over the last two years."

To read this article, click here.

 

 

A Proclamation on Cybersecurity Awareness Month, 2023

Published by The White House 29 September 2023

"Digital technologies today touch nearly every aspect of American life — from our classrooms and communities, to our economy and national security.  That is why — this Cybersecurity Awareness Month — my Administration renews our commitment to securing cyberspace and seizing the unlimited potential of our digital future."

To read this proclamation, click here.

 

 

Navigating the Digital Frontier in Cybersecurity Awareness Month 2023

Published by Security Week 21 September 2023

"This October will mark the 20th anniversary of Cybersecurity Awareness Month, a pivotal initiative launched under the guidance of the U.S. Department of Homeland Security and the National Cyber Security Alliance (NCSA). It’s primary goal is to empower Americans with knowledge that enables them to stay safe and secure online.

"In the spirit of reflection, this year’s campaign theme, “20 Years of Cybersecurity Awareness Month”, takes a critical look at the evolution of security education and awareness, while also examining the path ahead in securing our interconnected world. This year’s NCSA campaign will put a spotlight on crucial cybersecurity practices, including the importance of regularly updating software, recognizing and reporting phishing attempts, enabling multi-factor authentication (MFA), using strong passwords, and employing password managers. While these fundamentals are undeniably vital, organizations must recognize the need to go beyond them to fortify their cyber resilience."

To read this article, click here.

 

 

Canada Blames Border Checkpoint Outages on Cyberattack

Published by The Record 20 September 2023

"A cyberattack suspected to be carried out by a pro-Russia hacking group reportedly resulted in widespread service disruptions at several Canadian airports.

"The Canada Border Services Agency (CBSA) confirmed to Recorded Future News that the connectivity issues that affected check-in kiosks and electronic gates at airports last week are the result of a distributed denial of service (DDoS) attack. Such attacks work by flooding systems with junk traffic, disrupting their operations."

To read this article, click here.

 

 

Cybersecurity In Business Aviation: What Operators Should Do To Protect Themselves

Published by Simple Flying 11 September 2023

"Phishing scams, data breaches, targeted route network disruptions, and the theft of frequent flyer miles have become nearly everyday cybersecurity challenges that the aviation industry is grappling with. In fact, cyberattacks in the aviation sector surged by 24% worldwide during the first half of 2023. Simple Flying recently had the opportunity to discuss this subject with Satcom Direct, a global company specializing in satellite communications and connectivity solutions.

"Similar to commercial aviation, business aviation also contends with cybersecurity threats. The business aviation sector is undergoing increasing digitization, and disruptions in private aviation systems can and do have serious impacts. A notable trend among cyber criminals targeting business travelers involves gaining unauthorized access to confidential business data."

To read this article, click here

 
 

 

Why Consumer Drones Represent a Special Cybersecurity Risk

Published by Security Intelligence 7 September 2023

"Cybersecurity staff at an East Coast financial services company last summer detected unusual activity on its internal Atlassian Confluence page originating inside the company’s network. The MAC address used locally belonged to an employee known to be currently using the same MAC address remotely, according to a security specialist named Greg Linares, who had secondhand information about the attack.

"So, the team used a Fluke AirCheck Wi-Fi Tester device to identify the device logged in, which led the team to the roof of the building. And what they found there surprised everybody: Two drones.

"One drone was a DJI Phantom with an attached Wi-Fi Pineapple device, commonly used for penetration testing but misused in this case to hijack an internet connection (The device spoofed the legitimate network, and when employees tried to log in to the fake network, they revealed their login credentials)."

To read this article, click here

 

 

New Phishing Tool Hijacked Thousands of Microsoft Business Email Accounts

Published by The Record 6 September 2023

"Researchers have uncovered a hidden “phishing empire” targeting businesses in Europe, Australia and the U.S. with a sophisticated new tool.

"A hacking group called W3LL, which has been active since at least 2017, has created an English-language underground marketplace to sell a phishing kit that can bypass multi-factor authentication, according to a report by cybersecurity firm Group-IB.

"Their targeted buyers are "criminals of all skill levels" who want to engage in business email compromise (BEC) attacks, which involve defrauding a company through messages that appear to be official."

To read this article, click here.

 

 

FBI’s Qakbot Operation Opens Door for More Botnet Takedowns

Published by The Record 5 September 2023

"The FBI’s recent takedown of the QakBot botnet sent shockwaves throughout the cybersecurity community when it was first announced last week. QakBot had become the malware of choice for dozens of hacking groups and ransomware outfits that used it to set the table for devastating attacks.

"Since emerging in 2007 as a tool used to attack banks, the malware evolved into one of the most commonly-seen strains in the world, luring an ever-increasing number of machines into its powerful web of compromised devices. Justice Department officials said their access to the botnet’s control panel revealed it was harnessing the power of more than 700,000 machines, including over 200,000 in the U.S. alone."

To read this article, click here

 

 

Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

Published by The Hacker News 29 August 2023

"Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model.

"In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishing services like PerSwaysion are incorporating AiTM capabilities."

To read this article, click here

 

 

LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants

Published by The Hacker News 26 August 2023 

"The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn new variants.

"Russian cybersecurity company Kaspersky said it detected a ransomware intrusion that deployed a version of LockBit but with a markedly different ransom demand procedure."

To read this article, click here

 

 

The Hidden Dangers of Public Wi-Fi

Published by The Hacker News 24 August 2023

"Public Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. With the rise of remote work, people can now work from virtually anywhere: a cafe close to home, a hotel in a different city, or even while waiting for a plane at the airport. Next, let's explore the risks of connecting to public Wi-Fi, both for you personally and for businesses.

"According to the Forbes Advisor the majority of people (56%) connect to public Wi-Fi networks that don't require a password. This convenience comes at a price, and many are unaware that attackers can steal card details, passwords, and other sensitive information."

To read this article, click here

 

 

Ransomware Attacks Broke Records in July, Mainly Driven by This One Group

Published by ZDNet 23 Aug 2023

"Ransomware attacks reached record levels in July 2023, driven by the Cl0p ransomware group's exploitation of MOVEit software. 

"In a new report released by NCC Group's Global Threat Intelligence team, analysts observed a record number of ransomware-related cyberattacks last month, with 502 major incidents tracked. According to the researchers, this represents a 154% increase year-on-year, compared to 198 attacks traced in July 2022."

To read this article, click here.

 

 

India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users' Privacy First

Published by The Hacker News 14 August 2023

"The Indian President Droupadi Murmu on Friday granted assent to the Digital Personal Data Protection Bill (DPDPB) after it was unanimously passed by both houses of the parliament last week, marking a significant step towards securing people's information.

"The Bill provides for the processing of digital personal data in a manner that recognizes both the rights of the individuals to protect their personal data and the need to process such personal data for lawful purposes and for matters connected therewith or incidental thereto," the Indian government said."

To read this article, click here

 

 

Department of Homeland Security’s Cyber Safety Review Board to Conduct Review on Cloud Security

Published by U.S. Department of Homeland Security 11 August 2023

"WASHINGTON – Today, Secretary of Homeland Security Alejandro N. Mayorkas announced that the Cyber Safety Review Board (CSRB) will conduct its next review on the malicious targeting of cloud computing environments. The review will focus on approaches government, industry, and Cloud Service Providers (CSPs) should employ to strengthen identity management and authentication in the cloud. The CSRB will assess the recent Microsoft Exchange Online intrusion, initially reported in July 2023, and conduct a broader review of issues relating to cloud-based identity and authentication infrastructure affecting applicable CSPs and their customers. The Department began considering whether this incident would be an appropriate subject of the Board’s next review immediately upon learning of the incident in July. The Board will develop actionable recommendations that will advance cybersecurity practices for both cloud computing customers and CSPs themselves. Once concluded, the report will be transmitted to President Joseph R. Biden, Jr. through Secretary Mayorkas and Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly."

To read this press release, click here

 

 

U.S. and International Cybersecurity Partners Warn Organizations of Routinely Exploited Vulnerabilities

Published by Cybersecurity & Infrastructure Security Agency 3 August 2023

"WASHINGTON –  The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC), Computer Emergency Response Team New Zealand (CERT NZ), and the United Kingdom’s National Cyber Security Centre (NCSC-U) published an advisory today on the common vulnerabilities and exposures (CVEs), to include associated common weakness enumeration (CWE), that were routinely and frequently exploited by malicious actors last year."

To read this press release, click here.

 

 

CISA: Most Cyberattacks on Gov’ts, Critical Infrastructure Involve Valid Credentials

Published by The Record 26 July 2023

"More than half of all cyberattacks on government agencies, critical infrastructure organizations and state-level government bodies involved the use of valid accounts, according to a new report from the Cybersecurity and Infrastructure Security Agency (CISA).

"In 2022, CISA worked with the United States Coast Guard (USCG) to conduct 121 Risk and Vulnerability Assessments (RVAs) on federal civilian agencies, high priority private and public sector critical infrastructure operators; and select state, local, tribal, and territorial stakeholders."

To read this article, click here.

 

 

MOVEit Hack: Number of Impacted Organizations Exceeds 340

Published by SecurityWeek 17 July 2023

"Brett Callow, a threat analyst at cybersecurity firm Emsisoft who has been monitoring the campaign, said over the weekend that he is aware of 347 impacted organizations, including 58 educational institutions in the United States. This includes Colorado State University, which last week confirmed that student and employee data may have been stolen. 

"Callow believes more than 18.6 million individuals had their data compromised as a result of the MOVEit hack. He warned that the cybercrime group that conducted the attack, known for its use of the Cl0p ransomware, is in possession of a massive quantity of data that could be useful for business email compromise (BEC) and phishing attacks."

To read this article, click here.

 

 

Ransomware Gangs Have Extorted $449 Million this Year: Chainalysis

Published by The Record 12 July 2023

"Ransomware gangs have operated at a near-record profit in the first six months of the year, extorting more than $449 million from victims, according to blockchain research firm Chainalysis.

"The figure likely pales in comparison to the actual totals because the research only looks at cryptocurrency wallets being monitored by the firm

"If the trends continue, ransomware groups are on pace to bring in nearly $900 million in 2023, only $40 million behind the peak of $939.9 million seen in 2021."

To read this article, click here.

 

 

Apple Issues Urgent Patch for Zero-Day Flaw Targeting iOS, iPadOS, macOS, and Safari

Published by The Hacker News 11 July 2023

Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw that it said has been actively exploited in the wild.

The WebKit bug, cataloged as CVE-2023-37450, could allow threat actors to achieve arbitrary code execution when processing specially crafted web content. The iPhone maker said it addressed the issue with improved checks.

To read this article, click here.

 

 

Torrent of Image-Based Phishing Emails are Harder to Detect and More Convincing

Published by ars TECHNICA 30 June 2023

"Phishing mongers have released a torrent of image-based junk emails that embed QR codes into their bodies to successfully bypass security protections and provide a level of customization to more easily fool recipients, researchers said.

"In many cases, the emails come from a compromised email address inside the organization the recipient works in, a tactic that provides a false sense of authenticity, researchers from security firm Inky said. The emails Inky detected instruct the employee to resolve security issues such as a missing two-factor authentication enrollment or to change a password and warn of repercussions that may occur if the recipient fails to follow through. Those who take the bait and click on the QR code are led to a site masquerading as a legitimate one used by the company but it captures passwords and sends them to the attackers."

To read this article, click here.

 

 

Alert: Apple Releases Security Updates for Multiple Products

Published by Cybersecurity & Infrastructure Security Agency 22 June 2023

"Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device.

"CISA encourages users and administrators to review the following advisories and apply the necessary updates."

To read this alert, click here.

 

 

These are the Most Hacked Passwords. Is Yours on the List?

Published by ZDNet 19 June 2023

"Cybercriminals use a variety of tactics to try to determine your passwords. And too many people make the effort easier by using weak and simple ones. A new study from Dojo on the most hacked passwords may be able to help you stay safer online by knowing which mistakes to avoid.

"From the RockYou2021 collection of breached password lists, Dojo was able to examine more than 6 million such passwords. As a result, the firm uncovered the most commonly-used passwords, their average length, and the most popular subjects that surfaced in a huge number of breaches."

To read this article, click here.

 

 

Increasing Insider Cyber Threats Pose Risks to Aviation

Published by Avionics International 14 June 2023

"A recent survey conducted by Bridewell, a cybersecurity services company headquartered in the UK, reveals a concerning surge in insider cyber threats within critical national infrastructure (CNI) organizations. The transport and aviation sectors are particularly at risk. As economic uncertainties loom, organizations are facing budget cuts in cybersecurity, further exacerbating the threat landscape. This research is some of the first conducted by Bridewell that focuses on the U.S."

To read this article, click here.

 

 

Winning the Mind Game: The Role of the Ransomware Negotiator

Published by The Hacker News 7 June 2023

"Ransomware is an industry. As such, it has its own business logic: organizations pay money, in crypto-currency, in order to regain control over their systems and data.

"This industry's landscape is made up of approximately 10-20 core threat actors who originally developed the ransomware's malware. To distribute the malware, they work with affiliates and distributors who utilize widespread phishing attacks to breach organizations. Profits are distributed with approximately 70% allocated to the affiliates and 10%-30% to these developers. The use of phishing renders online-based industries, like gaming, finance and insurance, especially vulnerable."

To read this article, click here.

 

 

Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims

Published by The Hacker News 29 May 2023

"A new phishing technique called "file archiver in the browser" can be leveraged to "emulate" a file archiver software in a web browser when a victim visits a .ZIP domain.

"Threat actors, in a nutshell, could create a realistic-looking phishing landing page using HTML and CSS that mimics legitimate file archive software, and host it on a .zip domain, thus elevating social engineering campaigns."

To read this article, click here.

 

 

Alert CodeAA23-144a: People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection

Published by Cybersecurity & Infrastructure Security Agency 24 May 2023

"The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoo. Private sector partners have identified that this activity affects networks across U.S. critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide."

To read this alert, click here

 

 

New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages

Published by The Hacker News 13 May 2023

It's more important than ever for online users to ensure that the login pages they are accessing are legitimate. 

The reason? Cyber criminals are now creating and using service platforms that make it easier for them to create man-in-the-middle and phishing attacks. 

To read this article, click here.

 

 

Why Honeytokens Are the Future of Intrusion Detection

Published by The Hacker News 10 May 2023

"A few weeks ago, the 32nd edition of RSA, one of the world's largest cybersecurity conferences, wrapped up in San Francisco. Among the highlights, Kevin Mandia, CEO of Mandiant at Google Cloud, presented a retrospective on the state of cybersecurity. During his keynote, Mandia stated:

"There are clear steps organizations can take beyond common safeguards and security tools to strengthen their defenses and increase their chances of detecting, thwarting or minimizing attack [...] Honeypots, or fake accounts deliberately left untouched by authorized users, are effective at helping organizations detect intrusions or malicious activities that security products can't stop".

To read this article, click here.

 

 

Companies Increasingly Hit With Data Breach Lawsuits: Law Firm

Published by SecurityWeek 1 May 2023

A company or business faces many possible repercussions when it falls victim to a data breach. One of these is legal action in the form of a lawsuit by those affected by the breach.

A new report reveals that in 2022, 42 lawsuits were filed by data breach victims, compared to only four lawsuits in 2018.

To read this article, click here.

 

 

Wanted Dead or Alive: Real-Time Protection Against Lateral Movement

Published by The Hacker News 1 May 2023

What is lateral movement? 

"Just a few short years ago, lateral movement was a tactic confined to top APT cybercrime organizations and nation-state operators. Today, however, it has become a commoditized tool, well within the skillset of any ransomware threat actor. This makes real-time detection and prevention of lateral movement a necessity to organizations of all sizes and across all industries. But the disturbing truth is that there is actually no tool in the current security stack that can provide this real-time protection, creating what is arguably the most critical security weakness in an organization's security architecture."

To read this article, click here.

 

 

Cybersecurity Threats To Aviation Bolstered By Efficiency, Geopolitics

Published by Aviation Week 20 April 2023

"ATLANTA—Occurrences of ransomware inside the aviation supply chain are up 600% in just one year—an indicator of escalating cybersecurity risks the industry is facing.

"The statistic was cited by Boeing at Aviation Week’s MRO Americas Conference in Atlanta."

To read this article, click here

 

 

LockBit Ransomware Now Targeting Apple macOS Devices

Published by The Hacker News 18 April 2023

"Threat actors behind the LockBit ransomware operation have developed new artifacts that can encrypt files on devices running Apple's macOS operating system.

"The development, which was reported by the MalwareHunterTeam over the weekend, appears to be the first time a big-game ransomware crew has created a macOS-based payload."

To read this article, click here.

 

 

FBI Warns of Public 'Juice Jacking' Charging Stations that Steal Your Data. How to Stay Protected

Published by ZDNet 10 April 2023

Cyber criminals are always looking for ways to steal valuable data and one of the methods they use is "Juice Jacking." Juice jacking occurs when users plug their mobile devices into a public USB charging station that has been tampered with. The corrupted station then infiltrates the connected device with surveillance software and malware, giving bad actors access to the data on the device. 

While juice jacking has existed since 2019, the Denver FBI just issued a warning to the public to "avoid using free charging stations in airports, hotels or shopping centers" via its Twitter account. 

To read this article, click here.

 

 

Strengthen Your Cybersecurity

Published by U.S. Small Business Administration 

Small businesses often have limited resources to protect their data from the actions of online actors. The U.S. Small Business Administration has published a webpage filled with helpful guidance in cybersecurity risk assessment, common threats and best practices. 

To learn more, click here.

 

 

Ransomware 'Likely’ to Target Transportation OT Systems, Warns EU Cyber Agency

Published by The Record 21 March 2023

"Ransomware attacks have become the most significant cyberthreat facing the transport sector in the European Union, according to new analysis published Tuesday.

"The 50-page report from the European Union Agency for Cybersecurity (ENISA) is the first analysis the agency has conducted into the threats facing the aviation, maritime, railway and road sectors."

To read this article, click here.

 

 

Airports’ Cyber-Security Post‑COVID: Do We Feel any Symptoms?

Published by International Airport Review 17 March 2023

"The aviation industry is always under public scrutiny, yielding channels of business, leisure, and family connections, while fighting economic currents, harsh weather conditions, terror threats and operational difficulties. Cyber‑threats have joined the party with the introduction of more internet‑based digital information and operation systems. Cyber‑crimes in this domain have been increasing during the past decade, manifesting in attacks aimed at some major international airports (2015-20 – Warsaw PL, Boryspil UP, Heathrow UK, San Francisco U.S., Prague EZ, etc.), leading air carriers (2017-21 – Qantas, Air Canada, British Airways, Cathay Pacific, Easy-Jet, etc.) and aviation chain-of-supply companies (2021 – SITA, etc.)."

To read this article, click here.

 

 

Cybercrime Losses Exceeded $10 Billion in 2022: FBI

Published by SecurityWeek 13 March 2023

"The IC3’s 2022 Internet Crime Report shows that while the number of complaints was smaller compared to 2021, losses increased from $6.9 billion to $10.3 billion. In the past five years, the agency received a total of 3.26 million complaints for $27.6 billion in losses.

"The top five types of cyber-related crimes in 2022 were phishing (300k complaints), personal data breach (58k complaints), non-payment/non-delivery scams (51k), extortion (39k), and tech support scams (32k)."

To read this article, click here.

 

 

Does Your Help Desk Know Who's Calling?

Published by The Hacker News 9 March 2023

"Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet – and continues to plague organizations today, accounting for more than 30% of all known breaches. And with the mass migration to remote working during the pandemic, hackers have ramped up their efforts to steal login credentials as they take advantage of the chaos and lack of in-person user verification."

To read this article, click here.

 

 

Threat intelligence: Why Attributing Cyber-Attacks Matters

Published by Infosecurity Magazine 27 February 2023

"Cyber attribution is a sensitive subject, not least because of the potential political fallout. Even when cybersecurity experts observed an explosion of wiper malware attacks targeting Ukraine during the current conflict, many did not venture to point the finger directly at the Russian state.

"For many threat intelligence analysts, however, attributing cyber-attacks is fundamental to defending against them."

To read this article, click here.

 

 

Hackers Target Bahrain Airport, News Sites to Mark Uprising

Published by SecurityWeek 14 February 2023

Insurgency groups, revolutionaries and terrorists (both foreign and domestic) are moving more into the cyber world to make their presence known. These groups seek targets with the goal of disrupting normal operations or even causing a disastrous event. 

Claiming it was supporting "our oppressed people..." a revolutionary group launched a cyber attack against the country's news agency and international airport. 

To read this article, click here.

 

 

How to Think Like a Hacker and Stay Ahead of Threats

Published by The Hacker News 8 February 2023

"To succeed as a cybersecurity analyst, you need to understand the traits, values, and thought processes of hackers, along with the tools they use to launch their attacks.

"During a webinar called The Hacker Mindset, a Red Team Researcher shared how you can use some of these tools for your own detection and prevention of breaches. He also demonstrated how an attack takes place using the Follina exploit as an example."

To read this article, click here.

 

 

Phishing Attacks are Getting Scarily Sophisticated. Here's What to Watch Out For

Published by ZDNet 31 January 2023

"Hackers are going to great lengths, including mimicking real people and creating and updating fake social media profiles, to trick victims into clicking phishing links and handing over usernames and passwords. 

"The alert from the UK's National Cyber Security Centre (NCSC) -- the cybersecurity arm of intelligence service GCHQ -- warns that the phishing attacks are targeting individuals and organisations in a range of sectors."

To read this article, click here.

 

 

German Airport and Companies Attacked by Russian Hackers

Published by Information Security Newspaper 27 January 2023

"According to a statement released by the Federal Cybersecurity Agency (BSI) on Thursday, cyberattacks have been launched against the websites of several important German authorities, including enterprises and airports.

"According to a representative for the BSI, the organization has been made aware of “DDoS attacks” (which stands for “denial of service attacks”) that are now being launched against targets in Germany."

To read this article, click here.

 

 

This Odd Phishing Scam Targets Victims with a Blank Image

Published by TechRadar 20 January 2023

"An odd new phishing scam is using blank images to scam users - and you may not even realize it, experts have claimed. 

"The format, which researchers at email security company Avanan(opens in new tab) describe as ‘blank image’, consists of threat actors embedding empty .svg files encoded with Base64 inside HTML attachments, which allows them to avoid URL redirect detection."

To read this article, click here.

 

 

AWS Security Heads Offer Top Cybersecurity Predictions for 2023

Published by VentureBeat 12 January 2023

"Last year (2022) was an unprecedented one for cybersecurity, in both good and bad ways. On the positive side, we saw increased use of passwordless and multifactor authentication (MFA) and zero-trust methods; on the negative, the cost of data breaches reaching an all-time high, the rise of commoditized cybercrime (ransomware-as-a-service), and massive breaches of Twitter, WhatsApp, Rockstar and Uber.

"What might we see in 2023? VentureBeat posed this question to several AWS security leaders. Here are their top cybersecurity predictions for 2023."

To read this article, click here.

 

 

Ominous 2023 Cybersecurity Threats Ensure an Active Landscape

Published by Security Info Watch 30 December 2022

"Before we look forward to what cyber risks stand looming at the gates for 2023, it is appropriate that we take a moment to look back at the most critical cybersecurity events of the past year. To say 2022 was an eventful year for cybersecurity professionals would be quite an understatement."

To read this article, click here.

 

 

CISA Releases Phishing Infographic

Published by Cybersecurity & Infrastructure Security Agency 8 December 2022

"Today, CISA published a Phishing Infographic to help protect both organizations and individuals from successful phishing operations. This infographic provides a visual summary of how threat actors execute successful phishing operations. Details include metrics that compare the likelihood of certain types of “bait” and how commonly each bait type succeeds in tricking the targeted individual. The infographic also provides detailed actions organizations and individuals can take to prevent successful phishing operations—from blocking phishing attempts to teaching individuals how to report successful phishing operations."

To view this infographic, click here.

 

 

 

34 Russian Cybercrime Groups Stole Over 50 Million Passwords with Stealer Malware

Published by The Hacker News 23 November 2022

"As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022.

"Aside from looting passwords, the stealers also harvested 2.11 billion cookie files, 113,204 crypto wallets, and 103,150 payment cards."

To read this article, click here.

 

 

Warning: This Scam Starts With a Fake Invoice. It Could End With Crooks Stealing Your Data

Published by ZDNet 22 November 2022

"A cyber extortion gang is using phishing emails, social engineering and network of phony call centers to scam victims out of hundreds of thousands of dollars by tricking them into allowing remote access to their PC, then stealing data threatening to leak it if a ransom isn't paid. 

"According to analysis of the 'callback phishing' attacks by cybersecurity researchers at Palo Alto Networks Unit 42, the social engineering campaign is worryingly successful – which is leading to a growth in the infrastructure behind attacks, as the cyber criminals try to make as much money as possible."

To read this article, click here.

 

 

Aviation Starting to Get Hit with Rise of Cyberattacks Post-Pandemic

Published by Security Boulevard 21 November 2022 

"The aviation industry may have gotten a break from cyberattacks during the COVID-19 pandemic, but threat actors are turning their attention to the industry now that travelers are returning to airports. The widespread adoption of digital technologies has increased the attack surface of aviation companies, and political upheavals have made airlines a prime target. In this article, we’ll share some of the recent cyberattacks that have occurred on airlines, how the aviation industry is responding, and the major threats still facing the industry."

To read this article, click here.

 

 

Cybersecurity: These are the New Things to Worry About in 2023

Published by ZDNet 9 November 2022

"A year is a long time in cybersecurity.  

"Certainly, there are some constants. Ransomware has been a major cybersecurity issue for years, but shows no signs of going away as cyber criminals continue to evolve their attacks. And significant numbers of enterprise networks remain vulnerable, often as a result of security flaws for which updates have long been available."

"But even if you think you're on top of every software vulnerability in your network, new security flaws are always appearing – and some of them can have a big impact."

To read this article, click here.

 

 

Password-Hacking Attacks are on the Rise. Here's How to Stop Your Accounts From Being Stolen

Published by ZDNet 8 November 2022

"Cyber crooks are making almost 1,000 attempts to hack account passwords every single second – and they're more determined that ever, with the number of attacks on the rise.

"The figures come from Microsoft's Digital Defense Report 2022 and are based on analysis of trillions of alerts and signals collected from the company's worldwide ecosystem of products and services."

To read this article, click here.

 

 

Holiday Online Shopping

Published by Cybersecurity & Infrastructure Security Agency November 2022

"The holiday shopping season is here, and while millions of Americans will be looking for the best deals the internet has to offer, cyber criminals will be hard at work looking to target online shoppers. The holiday shopping season is a prime opportunity for bad actors to take advantage of unsuspecting shoppers through fake websites, malicious links, and even fake charities. Their goal is simple: get a hold of your personal and financial information to compromise your data, insert malicious software, steal your identity and take your money."

For more information and steps to follow, click here.

 

 

How to Combat Cyber Threats Against Aircraft

Published by Airways 24 October 2022

"Electronic and wireless systems reduce the amount of wiring in an aircraft, which in turn reduces weight, helps achieve lower fuel consumption, increases the efficiency of aircraft operations, eases the workload for aircraft crews, and enhances the comfort of passengers on board. 

"However, these wireless and electronic systems present vulnerabilities to cyber security threats that have the potential to impact the safety of both aircraft and passengers on board."

To read this article, click here.

 

 

The Growing Need for Continuous Monitoring of Your Digital Assets

Published by United States Cybersecurity Magazine October 2022

"In today’s fast-paced economic landscape, organizations have little choice but to implement a growing number of digital solutions to keep up with the competition. Unfortunately, this technological innovation comes at a price as it leaves them increasingly vulnerable to a larger variety of cyber threats. As an organization’s IT infrastructure expands, so does its attack surface."

To read this article, click here.

 

 

CISA Releases New RedEye Tool

Published by Cybersecurity & Infrastructure Security Agency

"RedEye is an open-source analytic tool developed by CISA and DOE’s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment. The tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye’s presentation mode to present findings and workflow to stakeholders."

To learn more, click here.

 

 

Cyberattacks Reported at US Airports

Published by ABC News 10 October 2022

"Some of the nation's largest airports have been targeted for cyberattacks Monday by an attacker within the Russian Federation, a senior official briefed on the situation confirmed to ABC News.

"Importantly, the systems targeted do not handle air traffic control, internal airline communications and coordination, or transportation security."

To read this article, click here.

 

 

Charting a Secure Flight Path through Threatening Skies

Published by AINonline 3 October 2022

"On the ground, publicly available real-time flight tracking data provides aircraft ownership details and “actionable information that could be used by anyone with any kind of intent, be that good, bad, or otherwise,” creating identifiable security risks, said Doug Carr, NBAA's senior v-p of safety, security, sustainability, and international operations.

"As connectivity enters the cabin, “The cybersecurity threat increases, and the attacks are getting more and more sophisticated,” said Josh Wheeler, senior director of client services at Satcom Direct. He added that as bandwidth increases, “The risk profile just gets greater.”

To read this article, click here.

 

 

Hackers are Testing a Destructive New Way to Make Ransomware Attacks More Effective

Published by ZDNet 27 September 2022

"Ransomware hackers are experimenting with a new kind of attack that, instead of encrypting data, outright destroys it. The aim is to make it impossible for victims to retrieve their data if they don't pay the ransom."

To read this article, click here.

 

 

Study Shows Increased Maturity in Cybersecurity Awareness Programs and Higher Level of Security at Most Companies

Published by Homeland Security Today 6 September 2022

"Researchers at ThriveDX announced today a marked uptick in the utilization of cybersecurity awareness programs across all industries in the last year, resulting in a higher level of security at a majority of enterprises. The findings are part of the company’s newly released 2022 Global Cybersecurity Awareness Training Study including 1900+ CISOs, security leaders, and IT professionals."

To read this article, click here.

 

 

Why Data Protection Must Be a Part of Every Cybersecurity Strategy

Published by United States Cybersecurity Magazine August 2022

"Widespread transition to remote/hybrid work creates vast opportunities for cyber attackers. With much more data being stored in the cloud and employees toiling away in less-secure home-office environments, ransomware attacks have skyrocketed.

"All told, ransomware struck 66% of midsize organizations in 2021, up from 37% the previous year according to the State of Ransomware 2022 report. As cybercriminals continue to disrupt businesses, the question is not if your organization will suffer an attack. Instead, the question is when."

To read this article, click here.

 

 

Meet Borat RAT, a New Unique Triple Threat

Published by The Hacker News 22 August 2022

"Atlanta-based cyber risk intelligence company, Cyble discovered a new Remote Access Trojan (RAT) malware. What makes this particular RAT malware distinct enough to be named after the comic creation of Sacha Baron Cohen?

RAT malware typically helps cybercriminals gain complete control of a victim's system, permitting them to access network resources, files, and power to toggle the mouse and keyboard. Borat RAT malware goes beyond the standard features and enables threat actors to deploy ransomware and DDoS attacks. It also increases the number of threat actors who can launch attacks, sometimes appealing to the lowest common denominator. The added functionality of carrying out DDoS attacks makes it insidious and a risk to today's digital organizations."

To read this article, click here.

 

 

U.S. Government Offers $10 Million Reward for Information on Conti Ransomware Gang

Published by The Hacker News 12 August 2022

"The U.S. State Department on Thursday announced a $10 million reward for information related to five individuals associated with the Conti ransomware group.

"The reward offer is also notable for the fact that it marks the first time the face of a Conti associate, known as "Target," has been unmasked. The four other alleged members have been referred to as "Tramp," "Dandis," "Professor," and "Reshaev."

To read this article, click here.


 

The Business of Hackers-for-Hire Threat Actors

Published by The Hacker News 10 August 2022

"Cybercrime has entered a new era where people don't steal just for the thrill of doing it anymore. They make it their business to carry out illegal cyber activities in small groups or individually to earn business from online criminals, selling offensive services like spyware as a service or commercial cybersecurity."

To read this article, click here

 

 

Three Common Mistakes That May Sabotage Your Security Training

Published by The Hacker News 4 August 2022

"Although technical solutions protect against phishing threats, no solution is 100% effective. Consequently, companies have no choice but to involve their employees in the fight against hackers. This is where security awareness training comes into play.

"Security awareness training gives companies the confidence that their employees will execute the right response when they discover a phishing message in their inbox."

To read this article, click here.

 

 

US Offers $10 Million for Information on North Korean Hackers

Published by Security Week 27 July 2022

"The US Department of State has announced that it is offering up to $10 million as a reward for information on individuals associated with notorious North Korean state-sponsored hacking groups.

"The US government says it is interested in information on hackers that are part of the advanced persistent threat (APT) actors known as Lazarus Group, Bluenoroff, Andariel, APT38, Guardians of Peace, and Kimsuky."

To read this article, click here.

 

 

Your Biggest Cyber-Crime Threat has Almost Nothing to do with Technology

Published by ZDNet 24 July 2022

"You're asked about the biggest cybersecurity threats faced by business – which ones spring to mind first?

"Maybe it's relentless ransomware attacks, with cyber criminals encrypting networks and demanding vast sums for a decryption key – even from hospitals. Or maybe it's a sneaky malware attack, which lets hackers hide inside the network for months on end, stealing everything from usernames and passwords to bank details. 

"Both of these are on the list, for sure. These are awful attacks to experience and can cause terrible damage. But there's another much simpler form of cyber crime that makes scammers the most money by far – and doesn't get much attention."

To read this article, click here.

 

 

Here are the Top Phone Security Threats in 2022 and How to Avoid Them

Published by ZDNet 23 July 2022

"Whether or not you use a Google Android or Apple iOS smartphone, threat actors are constantly evolving their tactics to break into them. 

"This includes everything from basic spam and malicious links sent over social media to malware capable of spying on you, compromising your banking apps, or deploying ransomware on your device. "

To read this article, click here.

 

 

What Are Shadow IDs, and How Are They Crucial in 2022?

Published by The Hacker News 27 June 2022

"Shadow IDs," or in other words, unmanaged employee identities and accounts in third-party services are often created using a simple email-and-password-based registration. CASBs and corporate SSO solutions are limited to a few sanctioned applications and are not widely adopted on most websites and services either. This means, that a large part of an organization's external surface –as well as its user identities– may be completely invisible."

To read this article, click here.

 

 

Hacking Gets Dangerously Real: 8 Cybersecurity Predictions to Watch Out For

Published by ZDNet 27 June 2022

"Many businesses will fail to see the benefits of their zero-trust efforts over the next few years, while legislation around paying off ransomware gangs will be extended and attacks on operational technology might have real-life consequences, according to set of cybersecurity predictions.

"The list comes from tech analyst Gartner, which said business leaders should build these strategic planning assumptions into their security strategies for the next two years."

To read this article, click here.

 

 

This New Android Malware Bypasses Multi-Factor Authentication to Steal Your Passwords

Published by ZDNet 16 June 2022

"A newly discovered form of Android malware steals passwords, bank details and cryptocurrency wallets from users – and it does so by bypassing multi-factor authentication protections. 

"The malware has been detailed by cybersecurity researchers at F5 Labs, who've dubbed it MaliBot. It's the latest in a string of powerful malware targeting Android users."

To read this article, click here.

 

 

Cybersecurity Threats in Aviation

Published by Airport Technology 8 June 2022

"Airports face many cybersecurity threats, even though they can sometimes be preventable. A recent example of this is a distributed denial-of-service (DDOS) attack on the website of Bradley International Airport in Connecticut, US."

To read this article, click here.

 

 

Hacking Scenarios: How Hackers Choose Their Victims

Published by The Hacker News 7 June 2022

"Cyber hackers can now do just as much analyzing and evaluating as security teams for their products. They have the same or even more tools to scan any given system, so it's practical to be able to foresee their motivation and profiles."

To read this article, click here.

 

 

Cloud Computing Security: Five Things You are Probably Doing Wrong

Published by ZDNet 1 June 2022

"The ability to log in from anywhere using cloud applications is convenient for employees, but it's also a potential new opportunity for cyber criminals, who, with a set of stolen passwords, could gain access to sensitive information. There's even the prospect of hackers abusing cloud services to launch ransomware attacks and other malware campaigns."

To read this article, click here.

 

 

Secure Tomorrow Series Toolkit

Published by Cybersecurity & Infrastructure Security Agency May 2022

"The Secure Tomorrow Series Toolkit is a diverse array of interactive and thought-provoking products uniquely designed to assist stakeholders across the critical infrastructure community to self-facilitate and conduct strategic foresight activities that will enable them to derive actionable insights about the future, identify emerging risks, and develop risk management strategies that, if taken today, could enhance long-term critical infrastructure security and resilience to implement now."

To access this toolkit, click here.

 

 

FBI Alert I-050422-PSA: Business Email Compromise: The $43 Billion Scam

Published by FBI 4 May 2022

"This Public Service Announcement is an update and companion piece to Business Email Compromise PSA I-091019-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center complaint information and updated statistics from October 2013 to December 2021."

To read this announcement, click here.

 

 

National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems

Published by The White House 4 May 2022

The White House has issued a memorandum to multiple government agencies and organizations. 

"It identifies key steps needed to maintain the Nation’s competitive advantage in quantum information science (QIS), while mitigating the risks of quantum computers to the Nation’s cyber, economic, and national security.  It directs specific actions for agencies to take as the United States begins the multi-year process of migrating vulnerable computer systems to quantum-resistant cryptography."

To read this memorandum, click here.

 

 

Connecticut Becomes Fifth State With Data Privacy Law

Published by The Record 4 May 2022

"Connecticut’s recently passed data privacy bill became law on Wednesday, making it the fifth state in the U.S. with some form of data privacy protections for its residents.

"S.B. No. 6 – The ‘Act Concerning Personal Data Privacy and Online Monitoring’ – became law without the governor’s signature because the state has a rule that passed bills become law automatically five days after they are passed during a legislative session."

To read this article, click here.

 

 

Aviation Cyber Security – High Level Analysis, Major Challenges and Where the Industry is Heading

Published by 1st Global Cyber Security Observatory April 2022

"During recent years we have witnessed important attacks on large corporations, critical infrastructures of all kinds, governments and SMEs with different levels of sophistication and diverse severity in their impact.

"As we might expect, the aviation industry is not an exception to this status quo. Nevertheless, there is a major difference with other industries like financial services, insurance or e-commerce to name just a few. In transportation and particularly in aviation there is a key life safety issue. A cyberattack, if successful, might end up in loss of numerous lives  – resulting in a complete catastrophe. If that were not enough, it might also destroy trust and eventually the brand."

To read this article, click here.

 

 

Here’s What Hackers Can Do with Just Your Cell Phone Number

Published by Reader's Digest 28 April 2022

Knowing what to do in the event a threat-actor has honed in on your personal, identifiable information can protect your accounts from considerable harm.

In this article, several examples of what can happen if your mobile phone is compromised are presented. Useful tips about the next actions to take, to rectify the situation, are laid out in detail.

To read this article, click here.

 

 

Hack DHS: Homeland Security's First Bug Bounty Turns Up 122 Vulnerabilities

Published by ZDNet 25 April 2022

"The US Department of Homeland Security (DHS)'s first bug bounty with external researchers called 'Hack DHS' helped discover 122 vulnerabilities. 

"DHS announced the Hack DHS bounty in December and in phase one of the program invited more than 450 'vetted security researchers' to get involved. DHS suggests the program produced solid results: 27 or about 22% of the 122 vulnerabilities participants found were deemed 'critical'."

To read this article, click here.

 

 

 

Most Email Security Approaches Fail to Block Common Threats

Published by Threat Post 20 April 2022

"An overwhelming number of security teams believe their email security systems to be ineffective against the most serious inbound threats, including ransomware.

"That’s according to a survey of business customers using Microsoft 365 for email commissioned by Cyren and conducted by Osterman Research, which examined concerns with phishing, business email compromise (BEC), and ransomware threats, attacks that became costly incidents, and preparedness to deal with attacks and incidents."

To read this article, click here.

 

 

Israeli Charged in Global Hacker-For-Hire Scheme Pleads Guilty

Published by U.S. News & World Report 20 April 2022

"An Israeli private detective detained in New York since 2019 on charges of involvement in a hacker-for-hire scheme pleaded guilty to wire fraud, conspiracy to commit hacking and aggravated identity theft on Wednesday.

"Federal prosecutors say the detective, Aviram Azari, organized a series of hacking missions on behalf of unnamed third parties against American companies based in New York, using fake websites and phishing messages to steal email account passwords."

To read this article, click here.

 

 

Behind the Push to Finally Eliminate Passwords

Published by Cybersecurity Dive 20 April 2022

"The FIDO Alliance wants to use smartphones as a true mobile authenticator, but the proposal faces some obstacles.

"For more than 10 years, the FIDO Alliance has been working to end password dependency. Now, the group has a new proposal in mind that enlists smartphones as roaming authenticators to sign into any account on any device, thereby leaving passwords in the dust."

To read this article, click here.

 

 

Threat Detection Accelerates in Asia, Europe, as Notification Trends Shift

Published by Cybersecurity Dive 19 April 2022

"Global cyberattacks were discovered faster over the past year, driven largely by a rise in ransomware and greater use of third-party cybersecurity firms in Europe and the Asia-Pacific region, according to Mandiant’s 2022 M-Trends report.

"The global median dwell time, which measures the number of days a cyberattack goes undetected, fell to 21 days last year, down from 24 days in 2020, Mandiant found. The decrease was driven mainly by reductions in the Asia-Pacific region, where median dwell time dropped sharply to 21 days from 76 days. Dwell times fell in Europe, the Middle East and Africa (EMEA) declined to 48 days versus 66. In those regions, third-party sources detected the majority of cyberattacks, reversing a previous trend."

To read this article, click here.



 

Oracle Releases April 2022 Critical Patch Update

Published by Cybersecurity & Infrastructure Security Agency 19 April 2022

"Oracle has released its Critical Patch Update for April 2022 to address 520 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system."

To read this notice, click here.

 

 

 

Ransomcloud: Ransomware's Latest Manifestation Targets the Cloud

Published by Infosecurity Magazine 15 April 2022

"Within the mob of malware, ransomware is leading the pack. While other malicious software ransacks computer systems, ransomware goes further by making demands. It’s the age-old tactic of extortion but re-enacted in the digital world. As we’ve become more dependent on the internet, the playing field for this particular strain of malware has expanded immeasurably. At the same time, cybersecurity threats are growing – in 2020, malware and ransomware attacks increased by 358% and 435%, respectively – and are outpacing societies’."

To read this article, click here.

 



More Than 60% of Organizations Suffered a Breach in the Past 12 Months

Published by Dark Reading 13 April 2022

"The majority of companies — 63% — have suffered at least one breach in the past 12 months. The global average breach cost $2.4 million — a price tag that increases to $3.0 million for companies unprepared to respond to compromises.

"The new data from Forrester Research, released on April 8 in a report titled "The 2021 State Of Enterprise Breaches," found that the number of breaches and the cost of breaches varied widely depending on the geographic location of the business and to what degree the organization is prepared to respond to breaches. Companies in North America had the largest disparity between the haves and have-nots: While the average organization required 38 days to find, eradicate, and recover from a breach, companies that failed to adequately prepare for security challenges took 62 days."

To read this article, click here.

 

 

Ransomware Tracker: The Latest Figures [April 2022]

Published by The Record 10 April 2022

How many ransomware attacks are currently taking place?

Find out with this tracker, which is updated each month.  

To view the tracker, click here.

 

Your Digital Footprints are More Than a Privacy Risk – They Could Help Hackers Infiltrate Computer Networks

Published by The Conversation 8 April 2022

"When you use the internet, you leave behind a trail of data, a set of digital footprints. These include your social media activities, web browsing behavior, health information, travel patterns, location maps, information about your mobile device use, photos, audio and video. This data is collected, collated, stored and analyzed by various organizations, from the big social media companies to app makers to data brokers. As you might imagine, your digital footprints put your privacy at risk, but they also affect cybersecurity."

To read this article, click here.

 

 

VMware Releases Security Updates

Published by Cybersecurity & Infrastructure Security Agency 7 April 2022

"VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system."

To read this notice, click here.

 

 

How QR Codes Work and What Makes Them Dangerous – A Computer Scientist Explains

Published by The Conversation 7 April 2022

Everyone should use caution when reviewing and capturing a QR code. Aircraft pilots who use a company-issued device should ensure that the code is safe to transfer. While the QR code is certainly a convenience when researching weather conditions or other aviation-related sites, they can also be harmful. Malevolent codes can route the user to an altogether different site, potentially infiltrating personal or company account information.

To read this article, click here.

 

 

Nearly Two-Thirds of Ransomware Victims Paid Ransoms Last Year

Published by TechRepublic 5 April 2022

"A concerning number of ransomware victims have paid their attackers to retrieve their data or devices, according to CyberEdge Group’s annual Cyberthreat Defense Report. The 2022 edition features a survey of 1,200 IT security professionals and found that a whopping 63% of those suffering from ransomware attacks last year ended up compensating the malicious parties responsible for the attacks."

To read this article, click here.

 

 

CISA Adds 66 Known Exploited Vulnerabilities to Catalog

Published by Cybersecurity & Infrastructure Security Agency 25 March 2022

"CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise."

To read this notice, click here.

 

 

Senate Report Examines REvil Ransomware Attacks on US Firms

Published by The Record 24 March 2022

"The top Republican on the Senate Homeland Security Committee released a report early Thursday examining the approaches of three unnamed U.S. companies that were the targeted by the Russia-based ransomware group REvil.

"The report from Sen. Rob Portman (R-Ohio) follows warnings from several senior government officials — including President Biden himself — that Russian hackers might unleash a wave of digital attacks against American companies and critical infrastructure. '“Today, my Administration is reiterating those warnings based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks,”' Biden said in a statement on Monday."

To read this article, click here.

 

 

FBI and FinCEN Release Advisory on AvosLocker Ransomware

Published by Cybersecurity & Infrastructure Security Agency 22 March 2022

"The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors."

To read this advisory, click here.

 

 

Microsoft confirms Lapsus$ hackers stole source code via ‘limited’ access

Published by The Verge 22 March 2022

"The hacking group Lapsus$, known for claiming to have hacked NvidiaSamsung, and more, this week claimed it has even hacked Microsoft. The group posted a file that it claimed contains partial source code for Bing and Cortana in an archive holding nearly 37GB of data."

To read this article, click here.

 

 

OpenSSL Releases Security Updates

Published by Cybersecurity & Infrastructure Security Agency 17 March 2022

"OpenSSL has released security updates addressing a vulnerability affecting multiple versions of OpenSSL. An attacker could exploit this vulnerability to cause a denial-of-service condition."

To read the updates, click here.

 

 

CISA’s Zero Trust Guidance for Enterprise Mobility Available for Public Comment

Published by Cybersecurity & Infrastructure Security Agency 8 March 2022

"CISA has released a draft version of Applying Zero Trust Principles to Enterprise Mobility for public comment. The paper guides federal agencies as they evolve and operationalize cybersecurity programs and capabilities, including cybersecurity for mobility. The public comment period will close April 18, 2022."

To read this press release, click here.

 

 

Adobe Releases Security Updates for Multiple Products

Published by Cybersecurity & Infrastructure Security Agency 8 March 2022

"Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

"CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates."

To read the updates, click here.

 

 

Cloudflare, CrowdStrike and Ping Identity to Provide Free Cybersecurity to Vulnerable Industries

Published by Silicon Angle 7 March 2022

"Cloudflare Inc., CrowdStrike Holdings Inc. and Ping Identity Corp. today are teaming up to form the Critical Infrastructure Defense Project, a project that will provide free cybersecurity services to vulnerable industries."

To read this article, click here.

 

 

CISA Adds 95 Known Exploited Vulnerabilities to Catalog

Published by Cybersecurity & Infrastructure Security Agency 3 March 2022

"CISA has added 95 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow on the of the "Date Added to Catalog" column, which will sort by descending dates."

To read this update, click here.

 

 

How to Prepare Employees for Elevated Cyber Risk from the Ukraine Crisis

Published by CIO Dive 3 March 2022

"As calls for peace sound from every corner of the globe, the Ukraine war continues. The conflict embodies several fronts, not the least of which is cyber warfare.

"Even in the days preceding Russia's Feb. 24 invasion, U.S. authorities said they had linked a spate of distributed denial-of-service attacks to Russia's government, according to Cybersecurity Dive. Later, observers began detecting a series of destructive malware on Ukrainian machines."

To read this article, click here.

 

 

How COVID-19 Accelerated the Demand for a Trust Framework

Published by IDC March 2022

"The aftermath of a global pandemic is forcing businesses and society in general to take stock of operational dynamics pre-pandemic, and see which of those continue to hold weight in a changed world."

To read this report, click here.

 

 

How HR Can Prepare for a Cyberattack

Published by Cybersecurity Dive 4 March 2022

"With the risk of cyberattacks on the rise due to the war in Ukraine, experts say HR teams should be increasingly vigilant for threats that will disrupt operations.

"Beyond phishing trainings and ransomware education, HR may feel divorced from cybersecurity concerns. In the event of an outage or attack, however, people operations managers will be the ones to put their companies back on track, serving as a key liaison between the IT department and company staff at large, so preparation is key."

To read this article, click here.

 

 

Ukraine Conflict Spotlights Business Need for Cyber Resilience

Published by CIO Dive 24 February 2022

"What the world saw Thursday: a land, air and sea attack by Russian forces into Ukraine. What enterprise IT executives heard: cyber risk is level red.

"Modern IT and supply chains are interlinked, and recent attacks have shown the potential financial and physical consequences. Military operations and cyberattacks Wednesday on Ukrainian government agencies and high-profile companies telegraphed a clear and present danger, especially for infrastructure and global businesses."

To read this article, click here.

 

 

Free Cybersecurity Services and Tools

Published by Cybersecurity & Infrastructure Security Agency 21 February 2022

"As part of our continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community. CISA will implement a process for organizations to submit additional free tools and services for inclusion on this list in the future."

To access the services, click here.

 

 

CISA Releases New Insight to Help Critical Infrastructure Owners Prepare for and Mitigate Foreign Influence Operations

Published by Cybersecurity & Infrastructure Security Agency 18 February 2022

"WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) released a new CISA Insight today, Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides critical infrastructure owners and operators with guidance on how to identify and mitigate the risks of influence operations that use mis-, dis-, and malinformation (MDM) narratives." 

To read this press release, click here.

 

 

Cybercrime Group Relentlessly Targets Aviation and Transportation Sectors for Years

Published by The Record 15 February 2022

"A little-known cybercrime group has been relentlessly targeting companies across several industry sectors, including aviation, defense, and transportation, since at least 2017, security firm Proofpoint said in a report published today.

"Tracked using the codename of TA2541, the group has been one of the most persistent threats in recent years, even if their attacks have been largely unsophisticated and have relied on infecting and deploying commodity malware on targets’ networks."

To read this article, click here.

 

 

National Science Foundation Adds 8 Universities to Cybersecurity Scholarship Program

Published by SC Media 15 February 2022

"The National Science Foundation has invested more than $29 million in scholarships over the next five years to eight universities as part of its CyberCorps Scholarship for Service (SFS) program to address the demand for cybersecurity professionals, especially for government agencies.

"Founded in 1998, as of December 2021, some 3,842 CyberCorps students have graduated from the program, and a total of 4,773 students have been enrolled in the program since its inception."

To learn more, click here.

 

 

CISOs Reveal Biggest Challenges for Security Teams

Published by InfoSecurity Magazine 10 February 2022

"The evolution of cyber-threats and the confluence of new systems and legacy systems are the most significant current challenges for security teams, according to a panel of CISOs speaking during a virtual event organized by HP Wolf Security."

To read this article, click here.

 

 

Microsoft 365 Phishing Attack Makes Comeback

Published by InfoSecurity Magazine 8 February 2022

"Microsoft 365 users are being tricked into exposing their credentials by a vintage phishing technique involving mislabeled files.

"According to cybersecurity researchers at Vade, malicious actors are dusting off Right-to-Left Override (RLO) attacks to trick victims into executing files with disguised extensions. When victims open the files, they are prompted to enter their Microsoft 365 login information."

To read this article, click here.

 

 

Cobalt Strike Targets VMware Horizon After UK Warnings of Log4Shell Threats

Published by Cybersecurity Dive 18 January 2022

"Days after NHS Digital researchers cautioned of Log4Shell-related threat activity against VMware Horizon, threat actors are exploiting the vulnerability to install Cobalt Strike implants in VMware Horizon servers, multiple U.S. firms warned."

To read this article, click here.

 

 

Feds Want Businesses to Report Cyberattacks — the Agency Doesn't Matter

Published by Cybersecurity Dive 14 January 2022

"As the Cybersecurity and Infrastructure Security Agency (CISA) becomes a more dominant player in private sector cyber response, organizations are still confused as to what federal agency cyber victims should contact first following an incident.

"CISA is responsible for asset response, or net defense and cyber resiliency, while the FBI and Secret Service are responsible for threat response investigations, said Bryan Vorndran, assistant director within the FBI's cyber division, speaking during the Incident Response Forum Ransomware on Thursday."

To read this article, click here.

 

 

Big Tech Pushes White House for Open Source Funding, Standards After Log4j

Published by Cybersecurity Dive 14 January 2022

"The White House convened an Open Source Software Security Summit Thursday, bringing together top national security and cyber officials to discuss ways to boost the open source software security following the Log4j vulnerability, which threatened millions of devices and applications."

To read this article, click here.

 

 

White House Hosts Open-Source Software Security Summit In Light Of Expansive Log4j Flaw

Published by Cyberscoop 13 January 2022

"Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to the widespread Log4j vulnerability that’s worrying industry and cyber leaders.

"Among the attendees are companies like Apple, Facebook and Google, as well as the Apache Software Foundation, which builds Log4ja ubiquitous open-source logging framework for websites."

To read this article, click here.

 

 

FCC Seeks Stronger Breach Reporting Rules for Telecoms

Published by Cybersecurity Dive 13 January 2022

"The Federal Communications Commission is proposing changes to bolster data breach regulations for the U.S. telecommunications industry, including faster notification to customers and stronger law enforcement.

"The proposed regulations would cut the seven business day waiting period for customer notification, force firms to report inadvertent breaches and require companies immediately notify the FCC, the FBI and the U.S. Secret Service of a breach."

To read this article, click here.

 

 

Chairwoman Rosenworcel Circulates New Data Breach Reporting Requirements

Published by Federal Communications Commission 12 January 2022

"Today Federal Communications Commission Chairwoman Jessica Rosenworcel shared with her colleagues a Notice of Proposed Rule-making (NPRM) that would begin the process of strengthening the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI). The updates would better align the Commission’s rules with recent developments in federal and state data breach laws covering other sectors."

To read this press release, click here.

 

 

Google Drive, OneDrive Top Cloud Apps for Malware Delivery: Report

Published by Cybersecurity Dive 12 January 2022

"Cloud apps are the leading malware distributor, overtaking web downloads, according to research from Netskope. The research is based on anonymized data collected from the Netskope Security Cloud between Jan. 1, 2020 to Nov. 30, 2021.

"Widespread adoption led cloud storage apps to account for 69% of malware downloads in 2021."

To read this article, click here.

 

 

Log4j Threat Activity Limited, But CISA Says Actors Lay In Wait

Published by Cybersecurity Dive 11 January 2022

"Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said the agency has not yet seen the Log4j vulnerability used for significant intrusions but cautioned that sophisticated threat actors may be lying in wait for cybersecurity defenders to be caught off guard during a lower level of awareness."

To read this article, click here.

 

 

Phishing Lures Await In Google Docs Comments

Published by Cybersecurity Dive 10 January 2022

"Despite the increased use of productivity tools in the enterprise, email remains a favored attack vector for bad actors because credentials for platforms like Slack are less sought-after by cybercriminals. Attackers often initiate attacks from compromised email accounts."

To read this article, click here.

 

 

Log4Shell Threat Activity Targeting VMware Horizon, UK Researchers Warn

Published by Cybersecurity Dive 10 January 2022

"NHS Digital, an information technology partner for the U.K. health system, said threat actors are targeting Log4Shell vulnerabilities in VMware Horizon to to create web shells, which can be used to steal data, introduce additional malicious software or launch a ransomware attack." 

To read this article, click here.

 

 

Deposits to Illicit Crypto Addresses Nearly Doubled in 2021, Chainalysis Finds

Published by Cyberscoop 6 January 2022

"Cryptocurrency-based crime hit a new all-time high in 2021, researchers at Chainalysis said in a report published Thursday.

"According to the report, illicit addresses tracked by Chainalysis received $14 billion in deposits over the course of 2021, almost double the amount they collected in 2020."

"To read this article, click here.

 

 

NY Attorney General Probes Widespread Credential Stuffing, 17 Companies Affected

Published by Cybersecurity Dive 6 January 2022

"Credential stuffing works because it preys on reused passwords, a common practice for personal and professional online accounts."

To read this article, click here.

 

 

Malsmoke Hackers Abuse Microsoft Signature Verification in ZLoader Cyberattacks

Published by ZDNet 5 January 2022

"The Malsmoke hacking group is now abusing a vulnerability in Microsoft's e-signature verification tool to deploy malware and steal user data.

"On Wednesday, Check Point Research (CPR) said that as of now, over 2,100 victims have been detected worldwide in a new campaign, with the majority resident in the United States, Canada, and India – although evidence of the malware has been found in 111 countries."

To read this article, click here.

 

 

FTC Threatens Enforcement on Firms Lax About Log4j Vulnerability

Published by Cybersecurity Dive 5 January 2022

"The FTC action underscores a commitment by federal regulators to ensure a more secure environment for enterprise and consumer software, according to legal experts and industry analysts."

To read this article, click here.

 

 

Log4j Threats Expected to Play Out Well Into 2022

Published by CIO Dive 4 January 2022

"Security researchers say the longer term effects of Log4j are just beginning to play out across the industry.

"As we move into 2022 we are seeing the ripples on the effects of the Log4j critical vulnerability being the new preferred threat vector for cybercriminals," said Chuck Everette, director of cybersecurity advocacy at Deep Instinct."

To read this article, click here.

 

 

What You Missed from the Log4j Holiday Cleanup

Published by Politico 3 January 2022

Hackers leveled several cyber attacks in time for festive events across the globe. 

Gaps in the Log4j program created a doorway for these threat actors. Advisories were sent out via numerous agencies.

To read this article, click here.

 

 

Data Security and Privacy with the Privacy Professor

Published by VoiceAmerica Internet Talk Radio January 2022

"There are more information security and privacy threats than ever before. As more technologies emerge, more surveillance tactics are used, and more artificial intelligence systems are deployed, cybersecurity and privacy risks grow exponentially. Rebecca has spent her entire career working to improve information security and privacy protections, by not only raising awareness of the issues within businesses and other types of organizations, but also by raising the awareness of these risks in the public and helping them to understand how to better protect their own personal data, allowing them to take their privacy protections into their own hands."

To select and listen to an episode, click here.

 

 

An Inside Look At How CISA Is Building An Agency For Elite Cybersecurity Talent

Published by The Record 26 December 2021

"Dave Bittner: The Cybersecurity and Infrastructure Security Agency, better known as CISA, was spun up in 2018 operating under the Department of Homeland Security. In July of 2021, Jen Easterly was confirmed by the US Senate as Director of CISA, and under her leadership the organization has continued its efforts toward public-private partnerships in cybersecurity. CISA recently established the Joint Cyber Defense Collaborative, an effort by the agency to lead the development of proactive cyber defense operation plans. Kiersten Todt is Chief of Staff at the Cybersecurity and Infrastructure Security Agency, and she joins us with insights on CISA’s efforts…"

To read this interview, click here.

 

 

Harris Calls for 'Cyber Doctrine' to Address Increasing Attacks

Published by The Hill 22 December 2021

During a recent television broadcast, the Vice President of the United States, Kamala Harris, emphasized her collaboration with one leader of another country in mitigating cyber attacks. 

She "is calling for a "cyber doctrine" and greater international coordination to address cybersecurity concerns after a year of mounting attacks." 

To read this article, click here.

 

 

Taking Legal Action Against Phishing Attacks

Published by Meta 20 December 2021

"Today, we filed a federal lawsuit in California court to disrupt phishing attacks designed to deceive people into sharing their login credentials on fake login pages for Facebook, Messenger, Instagram and WhatsApp. Phishing is a significant threat to millions of Internet users."

To read this article, click here.

 

 

2021 Was the Year Cybersecurity Became Everyone's Problem

Published by Axios 17 December 2021

Some individuals or companies can fall victim to a cyberattack when an abrasion of assurance in some institutions occurs.

In order to combat these attacks, and others like them, a global agreement may be the answer, per subject matter experts.

To read this article, click here.

 

 

Experts: All Breach Victims Should Freeze Credit

Published by Infosecurity Magazine 16 December 2021

Have you recently learned that your bank or credit account has been compromised? If so, there is an important step that you should take immediately. 

Even your children's accounts could be affected. In any case, threat actors can be stopped by a simple step that costs nothing. 

To read this article, click here.

 

 

Facebook Bans 7 'Surveillance-For-Hire' Companies That Spied On 50,000 Users

Published by National Public Radio 16 December 2021

Pseudo social media accounts were constructed by "surveillance for hire" firms as a means to conduct online monitoring without peoples' knowledge. The actions caused Facebook and other large platforms to prohibit the companies' access.

To read this article, click here.

 

 

One Year Later: Has SolarWinds Changed How Industry Builds Software?

Published by Cybersecurity Dive 14 December 2021

"The SolarWinds hack caused government and industry leaders to rethink how software is made and secured, giving rise to close scrutiny of the software supply chain."

To read this article, click here.

 

 

Kronos Hack Will Likely Affect How Employers Issue Paychecks and Track Hours

Published by National Public Radio 14 December 2021

"A ransomware attack on one of the largest human resources companies may impact how many employees get paid and track their paid time off.

"Human resources management company Ultimate Kronos Group (known as Kronos) said it suffered a ransomware attack that may keep its systems offline for weeks.

"Companies that rely on the software are working to find backup plans to ensure their employees are paid — including issuing paper checks, some for the first time in years."

To read this article, click here.

 

 

“Worst-Case Scenario” Log4j Exploits Travel the Globe

Published by Infosecurity Magazine 13 December 2021

Subject matter experts in the cyber industry are recommending that businesses and individuals should take stock of their operating systems. The number of attack attempts by Log4j and the susceptibility of some companies' networks has been brought to light over recent weeks. 

To read this article, click here.

 

 

CISA Holds Inaugural Meeting of New Cybersecurity Advisory Committee

Published by Cybersecurity & Infrastructure Security Agency 10 December 2021

"WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its first meeting for newly appointed members of the Agency’s Cybersecurity Advisory Committee. Members discussed Committee objectives and initiatives, received a classified threat briefing, elected Committee leadership, and established subcommittees to focus on key objectives.

"CISA Director Jen Easterly chaired the meeting and was pleased to be joined by Deputy Secretary of Homeland Security John Tien and National Cyber Director Chris Inglis who helped kick off a discussion of the group’s core objectives and priorities."

To read this press release, click here.

 

 

Homeland Secretary and Top Cybersecurity Officials Meet with Silicon Valley Leaders to Stress Cybersecurity Priorities

Published by U.S. Department of Homeland Security 7 December 2021

"SAN FRANCISCO – Secretary of Homeland Security Secretary Alejandro N. Mayorkas, National Cyber Director Chris Inglis, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly, and DHS Under Secretary for Policy Rob Silvers met yesterday with industry leaders in technology, business, and cybersecurity to discuss how the federal government and the private sector can better and more proactively partner to tackle the most pressing cybersecurity challenges."

To read this press release, click here.

 

 

 

Before the United States House of Representatives Committee on Transportation and Infrastructure: the Evolving Cybersecurity Landscape: Federal Perspectives on Securing the Nation's Infrastructure

Published by Federal Aviation Administration 2 December 2021

Larry Grossman, Chief Information Security Officer

Written Testimony

"Good morning Chair DeFazio, Ranking Member Graves, and Members of the Committee:

"Thank you for the opportunity to be here with you today to discuss the Federal Aviation Administration’s (FAA) approach to cybersecurity, both in terms of how the FAA addresses cybersecurity matters internally and how the FAA interacts with the aviation community on cybersecurity matters."

To read this testimony, click here.

 

 

Ransomware Attacks Are on the Rise. These Are the Industries Most at Risk

Published by World Economic Forum 26 November 2021

"Yaroslav Vasinskyi, a member of now-defunct hacker group REvil and alleged orchestrator behind the ransomware attack against U.S. tech company Kaseya, has been charged by the Department of Justice after his arrest in Poland last month. The hack, which targeted approximately 1,500 businesses and resulted in ransom demands totaling $70 million according to TechCrunch, is only one of several hundred publicized ransomware attacks in 2021 as our chart indicates."

To read this article, click here.

 

 

 

Vulnerability Summary for the Week of November 15, 2021

Published by Cybersecurity & Infrastructure Security Agency 22 November 2021

"The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available."

To read this bulletin, click here.

 

 

Fake Emails Sent From FBI Server Linked to “Ethical Hacker”; Security Researcher Accuses Him of Secret Double Life as a “Black Hat” Criminal

Published by CPO Magazine 19 November 2021

"If one were to gain illicit access to the Federal Bureau of Investigation’s email servers, there are countless more valuable possibilities than using it to make fun of a particular cybersecurity researcher. But that is exactly what appeared to happen last week, as a blast of thousands of fake emails from ic.fbi.gov named security professional and author Vinny Troia as a member of TheDarkOverlord hacking group and the perpetrator of a botnet attack."

To read this article, click here.

 

 

Hackers in Syria, Pakistan Taken Down by Meta After Sustained Cyber Attacks

Published by Middle East Monitor 18 November 2021

"The social media company Meta – previously known as Facebook – has taken down four malicious cyber hacking networks operating in Syria and Pakistan, which targeted Syrian opposition elements and governmental entities in Afghanistan."

To read this article, click here.

 

 

Iran is ‘Leapfrogging Our Defenses’ in a Cyber War ‘My Gut Is We Lose’: Hacking Expert Kevin Mandia

Published by CNBC 18 November 2021

"On Thursday, a federal grand jury indicted two Iranian hackers for election interference that included obtaining confidential voter information from at least one state’s election website for a cyber-based disinformation campaign targeting 100,000 Americans. Earlier this week, the U.S. government warned that Iranian hackers also have been on the ransomware offensive.

"To Kevin Mandia, the CEO of cybersecurity firm Mandiant, Iran’s success in the hacking realm is no surprise, as the nation has been upping its cyber-offensive capabilities for years to take advantage of U.S. weaknesses."

To read this article, click here.

 

 

Why Cyber Crime Groups Are Some of the World’s Most Effective Startups

Published by Information Age 17 November 2021

"Keiron Holyome, vice-president EMEA at BlackBerry, explores how the top cyber crime groups are deploying talent and technology that some startups can only dream of.

"In today’s business landscape, competition is tough. There will always be competitors looking for you to falter so they can capitalise on your success. However, there is one industry that poses arguably the greatest threat of all. One that attracts young talent, is well-attuned to social issues like politics and health, and seizes trends like the subscription model, mobile banking and cryptocurrency."

To read this article, click here.

 

 

In Alabama, Training for Cyber Crime and Competing in War Games

Published by The Wall Street Journal 16 November 2021

Whether it is a drone used for malicious purposes, or a computer employed as a means to deliver a dangerous virus, cyber crime affects everyone. As such, the need to understand and respond to cyber crime has extended to local law enforcement agencies and officers. 

Recently, local law enforcement "students" participated in a cyber war game, practiced neutralizing a live harmful virus and engaged in other educational activities hosted by federal agents from the U.S. Secret Service. 

To read this article, click here.

 

 

In a Quantum Future, Our Economy Needs to Be Protected. A Cyber Security Expert Explains Why

Published by World Economic Forum 10 November 2021

"The privacy of online communication is currently protected by cryptography, which shields information as it travels around the internet. It secures everything from making online purchases to accessing work email remotely. With capabilities of quantum computing growing rapidly, industry experts reckon that it will take at least another 10 years before quantum computers with very large numbers of qubits are available."

To read this article, click here.

 

 

A Ransomware Reality Check for CISOs

Published by Help Net Security 3 November 2021

"The rising tide of ransomware attacks targeting critical infrastructure sectors has reached unprecedented heights. Now at the top of many CISOs’ agendas, a confluence of technical, legal, ethical, and regulatory shifting winds is making this scourge on industrial environments increasingly difficult to navigate."

To read this article, click here.

 

 

Which Technologies Are Transforming Airport Security?

Published by Security Informed.com 26 October 2021

"Air travel is returning to pre-pandemic levels. COVID and its aftermath have added new compliance and operational concerns for airport security, and social and political volatility around the world emphasises the need for constant vigilance. A range of new technologies are enhancing airport security, not to mention providing new tools to simplify processes throughout the airport. We asked our Expert Panel Roundtable: Which technologies are transforming airport security?" 

To read this article, click here.

 

 

US FCC Commissioner Calls to Ban Chinese Drone Maker DJI

Published by Insider Paper 20 October 2021

Steps have been taken by several branches of the U.S. government to eliminate the use of drones manufactured by a Chinese company. 

Now, a request has been made by the US FCC Commissioner to ban the use of federal funds for the purchase of the company's drones, citing national security concerns. 

To read this article, click here.

 

 

Joint Statement of the Ministers and Representatives From the Counter Ransomware Initiative Meeting October 2021

Published by The White House 14 October 2021

"Having gathered virtually on October 13 and 14 to discuss the escalating global security threat from ransomware, we the Ministers and Representatives of Australia, Brazil, Bulgaria, Canada, Czech Republic, the Dominican Republic, Estonia, European Union, France, Germany, India, Ireland, Israel, Italy, Japan, Kenya, Lithuania, Mexico, the Netherlands, New Zealand, Nigeria, Poland, Republic of Korea, Romania, Singapore, South Africa, Sweden, Switzerland, Ukraine, United Arab Emirates, the United Kingdom, and the United States recognize that ransomware is an escalating global security threat with serious economic and security consequences."

To read this article, click here.

 

 

U.S. Unveils New Cybersecurity Requirements for Rail, Air

Published by Homeland Security News Wire 7 October 2021

"DHS has unveiled new measures to make sure the U.S. air and surface transportation sectors will not be crippled by ransomware or cyberattacks. The new measures will apply to “higher risk” rail companies, “critical” airport operators, and air passenger and air cargo companies.

"The United States is taking new steps to make sure the country’s air and surface transportation sectors will not be crippled by ransomware or cyberattacks."

To read this article, click here.

 

 

White House to Convene 30-Country Cybersecurity Meeting

Published by ZDNet 1 October 2021

"President Biden said in a statement Friday that the White House plans to convene a 30-country meeting this month to address cybersecurity."

"The topics of the meeting, Biden said, will include combating cybercrime, improving law enforcement collaboration, stemming the illicit use of cryptocurrency, building trusted 5G technology and better securing supply chains."

To read this article, click here.

 

 

Protecting Aircraft Networks From Cybersecurity Breaches

Published by AIN Online 1 October 2021

The data applications used on general aviation aircraft, including SATCOM, an acronym for satellite communications, can be as vulnerable as any other network connection. Many cybersecurity technology companies are working to alleviate threat potential. Phishing has become a particularly popular hacking method. Online conversations on private aircraft are of interest to threat actors, who can then gain access to corporate proprietary information.

To read this article, click here.

 

 

Bad Practices

Published by Cybersecurity & Infrastructure Security Agency

Not sure if your company implements strong cybersecurity safety practices? This new list of bad practices from the Cybersecurity & Infrastructure Security Agency (CISA) may help.

For details, click here.

 

 

AT&T Phone-Unlocking Malware Ring Costs Carrier $200M

Published by Threat Post 17 September 2021

"With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier’s U.S. network — all the way from Pakistan.

"The ringleader of a seven-year phone-unlocking and malware scheme will head to the clink for 12 years, according to the Department of Justice, after effectively compromising AT&T’s internal networks to install credential-thieving malware."

To read this article, click here.

 

 

Cyber Arms Dealer Exploits New Apple iPhone Software Vulnerability That Affects Most Versions, Watchdog Group Says

Published by CNBC 13 September 2021

A company in Israel is under scrutiny at a high government level. A nearly undetectable method of cybercrime has recently plagued software giant, Apple. To thwart problems for their clientele, Apple's experts had to work quickly.

To read this article, click here.

 

 

#HowTo: Defend Against Increasingly Convincing Phishing Attacks

Published by Infosecurity Magazine 13 September 2021

"Phishing attacks have been written about since at least the late 1980s, yet their impact on business has never been so big. Crime statistics published by the FBI show that social engineering — which includes phishing — was the top digital crime by victim count in 2020, causing over $54m of losses. But the total harm caused by phishing is likely far larger because about a quarter of ransomware incidents begin with a phishing email. Conceived initially to trick users into disclosing login credentials and other sensitive information, phishing in recent years has been more commonly used to infect computers with malware by tricking people into opening malicious links and documents."

To read this article, click here.

 

 

LockFile Ransomware Uses Never-Before Seen Encryption To Avoid Detection

Published by Threat Post 31 August 2021

Once a cyber attack has occurred, mitigating it becomes complicated. Corporate and other business operations may be at an even higher risk due to ever-evolving threat mechanisms.  

For read this article, click here.

 

 

BRICS NSAs Discuss Strengthening Cooperation On Counter-Terrorism, Cyber Security

Published by Rebublicworld.com 24 August 2021

Several countries met recently to discuss important security and political ideas. Cybersecurity is always a concern and information-sharing is key to successful threat intervention. 

To read this article, click here.

 

 

Senate Measure Seeks Report on GPS Vulnerabilities

Published by AINonline 23 August 2021

The need for a systems contingency plan is more important than ever. Some government entities have been asked to review what could happen during a GPS service disruption. A collaborative effort is underway between agencies to understand the service gaps.

To read this article, click here.

 

 

DOT and DHS Release Ransomware Warning Letter

Published by U.S. Department of Transportation & U.S. Department of Homeland Security August 2021

The U.S. Department of Transportation (DOT) and the U.S. Department of Homeland Security (DHS) has issued the following letter concerning ransomware:

"Dear Owners and Operators of the Transportation Systems Sector,"

"We write to express our grave concerns about the growing threat posed by malicious cyber actors and to urge you to take steps today to protect yourself from a ransomware attack before you become a victim. As you no doubt are aware, malicious hackers have targeted critical infrastructure, including hospitals, pipelines, food processing facilities, and water utilities, as well as police departments, community banks, and schools."

"These attacks directly impact Americans' daily lives, our economy, and the security of our Nation. Roughly $350 million in ransom was paid to malicious cyber actors in 2020, a more than 300% increase from the previous year. There have already been multiple notable ransomware attacks in 2021. Importantly, the majority of ransomware victims are small businesses for whom an attack is an existential threat."

"It is critical that you have the information you need to protect yourself. Earlier this month, the United States Government launched StopRansomware.gov, which provides a one-stop shop with best practices from across the federal government to protect against ransomware, clear guidance on how to report attacks, and the latest ransomware-related alerts from participating agencies. It is the first such central hub by the federal government and includes resources and content from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Secret Service, the Department ofJustice's FBI, the Department of Commerce's NIST, and the Departments of the Treasury and Health and Human Services."

"Tackling this challenge requires collaboration across every level of government, the private sector, and our communities. Many organizations have yet to adequately protect their networks. Like many cyber-attacks, ransomware exploits the weakest link. StopRansomware.gov provides basic information that can help you take simple steps to protect your networks against ransomware and other malicious cyber activity. We encourage you to visit this website and take advantage of the tips and resources that can, collectively, better protect your organization and our Nation from cyber threats."

To download a copy of this letter, click here

 

 

DemonWare Solicits Staff to Deploy Ransomware

Published by Infosecurity Magazine 20 August 2021

Know your employees and understand their susceptibility. Proactive security awareness training can protect users from ransomware attacks.  

To read this article, click here.

 
 
 

Top 5 Mobile Device Security Tips

Published by Infosecurity Magazine 7 August 2021

Mobile device technology has advanced significantly over the past decade, in many instances, replacing the traditional computer. Having so much data stored on these devices increases their vulnerability, but there are ways to keep these devices secure.

To read this article, click here.

 

 

CISA Launches New Joint Cyber Defense Collaborative

Published by Cybersecurity & Infrastructure Security Agency 5 August 2021

"WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) announced the standup of the Joint Cyber Defense Collaborative (JCDC) today, a new agency effort to lead the development of cyber defense operations plans, and to execute those plans in coordination with partners from the federal interagency, private sector, and state, local, tribal, territorial (SLTT) government stakeholders to drive down risk before an incident and to unify defensive actions should an incident occur."

To read this announcement, click here.

 

 

U.S. Government Releases Indictment And Several Advisories Detailing Chinese Cyber Threat Activity

Published by Cybersecurity & Infrastructure Security Agency 19 July 2021

As today’s announcement from the White House indicates, the cyber threat from the People’s Republic of China (PRC) continues to evolve and poses a real risk to the nation’s critical infrastructure, as well as businesses and organizations of all sizes at home and around the world. The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with National Security Agency (NSA) and Federal Bureau of Investigation (FBI), published new advisories to help organizations assess and harden their networks against malicious Chinese state-sponsored cyber actors.

First, CISA, NSA, and FBI published a Joint Cybersecurity Advisory (CSA) to detail various Chinese state- sponsored cyber techniques used to target U.S. and Allied networks. This advisory, “Chinese State-Sponsored Cyber Operations: Observed TTPs”, is a deep dive into the techniques used when targeting U.S. and Allied networks.

Second, CISA and FBI published a Joint Cybersecurity Advisory on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help cybersecurity practitioners identify and remediate APT40 intrusions and established footholds. This accompanies action by the U.S. Department of Justice (DOJ) today with unsealing indictments against four APT40 cyber actors for their illicit computer network exploitation (CNE) activities via front company Hainan Xiandun Technology Development Company (Hainan Xiandun).

Third, “CISA Insights: Chinese Cyber Threat Overview for Leaders” is a joint analysis from CISA, FBI, and NSA that provides recommendations to organizational public and private sector leadership to reduce the risk of cyber espionage and data theft from Chinese state-sponsored cyber actors. Chinese state-sponsored cyber actors aggressively target U.S. and Allied political, economic, military, educational, and critical infrastructure (CI) personnel and organizations to steal sensitive data, emerging and key technology, intellectual property, and personally identifiable information (PII).

CISA also encourages users and administrators to review the blog post, Safeguarding Critical Infrastructure against Threats from the People’s Republic of Chinaby CISA Executive Assistant Director Eric Goldstein and the China Cyber Threat Overview and Advisories webpage.

CISA continues to work with our partners – both at home and abroad – to assess and identify malicious cyber activity by state-sponsored or criminals and provide the actionable information to our partners so they can protect their organization.

 

 

Phishing Continues to be One of the Easiest Paths for Ransomware

Published by ZD Net 15 July 2021

Cyber criminals routinely use phishing emails to find a way into a company's network. While phishing emails can often be easily identified, criminals are changing the game by creating ones that look legitimate in every way.

To read this article, click here.

 

 

United States Government Launches First One-Stop Ransomware Resource at StopRansomware.gov

Published by U.S. Department of Homeland Security 14 July 2021

"StopRansomware.gov establishes a one-stop hub for ransomware resources for individuals, businesses, and other organizations. The new StopRansomware.gov is a collaborative effort across the federal government and the first joint website created to help private and public organizations mitigate their ransomware risk."

To read this press release, click here.

 

 

The Aviation Industry Needs to Move Towards Cyber Resilience

Published by Tripwire 5 July 2021

All elements of aviation (e.g.; aircraft manufacturers, operators, airports) must work together to address current and emerging cyber risks, according to a new report put out by the World Economic Forum. "This report includes recommendations on three levels: international, national and organizational."

To read this article, click here.

 

 

Cyber Insurance Isn't Helping with Cybersecurity, and It Might Be Making the Ransomware Crisis Worse, Say Researchers

Published by ZD Net 28 June 2021

A group of cybersecurity researchers are recommending that cyber insurance companies require their clients to put certain controls in place to prevent a ransomware attack, in a new paper. The paper also states: "Cyber insurers may be unintentionally facilitating the behaviour of cyber criminals by contributing to the growth of targeted ransomware operations." 

To read this article, click here.

 

 

Most Firms Face Second Ransomware Attack After Paying Off First

Published by ZDNet 8 June 2021 

Kidnapping someone and holding them for ransom is a practice that can be traced back hundreds of years, and it is popular with several criminal organizations today as a source of easy money. Likewise, cyber criminals have found that holding data for ransom can be lucrative and often target victim companies again after they pay the money. 

To read this article, click here

 
 
 
 

This is How Fast a Password Leaked on the Web Will Be Tested Out by Hackers

Published by ZDNet 8 June 2021 

A famous crime-fighting superhero has been quoted as saying that crime never sleeps. This appears to be especially true for cyber criminals as one group of researchers discovered recently. 

To read this article, click here

 
 
 
 

#RSAC: Solving the Ransomware Scourge Requires a Coordinated Effort

Published by InfoSecurity magazine 18 May 2021 

RSA Security LLC recently held its annual conference and one of the topics discussed was ransomware. During the discussion, experts within this field agreed that to really discourage those who are engaging in this criminal activity, it is important for government agencies and governments to join forces. 

To read this article, click here

 
 
 
 

10 Essential Steps to Cyber Resilience as Hackers Target Critical Infrastructure

Published by Homeland Security Today 18 May 2021 

Cyberattacks are commonplace nowadays and while there are many things a company can do to lower their risk, they should have a plan on what to do if they are targeted. 

To read this article, click here

 
 
 
 

NIST Releases Tips and Tactics for Dealing With Ransomware

Published by National Institute of Standards and Technology 13 May 2021 

Ransomware has become a common tactic in cybersecurity attacks, leaving companies with limited options. To help organizations mitigate their risk of becoming a victim, the National Institute of Standards and Technology (NIST), has put together a collection of recommendations and tips. 

To read this article, click here

 

 
 
 

#WorldPasswordDay: Five Tips to Make Passwords Secure AND Convenient

Published by Infosecurity magazine 6 May 2021 

How strong are the passwords you use? It is estimated by cybersecurity experts that many people are still relying on words or number combinations anyone could guess. Here are 5 tips that could help you utilize passwords effectively. 

To read this story, click here

 

 
 
 

HSI Investigation Leads to Seizure of 9th Fraudulent Website Seeking to Capitalize on COVID-19

Published by Homeland Security Today 5 May 2021 

Cyber criminals are always looking for new opportunities to capture personal information from victims. The COVID-19 pandemic is one such opportunity and law enforcement agencies have been kept busy trying to shut these groups down.

To read this story, click here

 
 
 
 

Can the Aviation Community Stop a Cyber Attack from Taking Off?

Published by Homeland Security Today 16 April 2021 

2021 has been designated as a Year of Security Culture (YOSC) by the International Civil Aviation Organization (ICAO), a continuation from last year. In November of 2020, ICAO released its first Cybersecurity Action Plan and this plan was one of the discussion points at a recent virtual cybersecurity event.

To read this story, click here

 
 
 
 

Over 90% of Organizations Hit by a Mobile Malware Attack in 2020

Published by InfoSecurity 12 April 2021 

Before downloading an application onto a mobile device, it is always advisable to research that application and verify it is not a malicious one. A new study shows just how prevalent malware attacks targeting mobile devices are.  

To read this story, click here

 
 
 
 

Ransomware Attacks Grew by 485% in 2020

Published by Infosecurity Magazine 6 April 2021

2020 was a year of transition; companies moved workers to remote status and began relying more heavily on video conferencing tools to communicate with them. Millions of people installed medical applications on their devices to stay informed on the COVID-19 pandemic.

Hackers were paying attention to these new trends and using them as a way to increase malware attacks, according to a new report.

To read this story, click here

 

 
 
 

Joint Cybersecurity Advisory: APT Actors Exploit Vulnerabilities to Gain Initial Accessfor Future Attacks

Published by Cybersecurity & Infrastructure Security Agency 2 April 2021

SUMMARY

In March 2021 the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) observed Advanced Persistent Threat (APT) actors scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812 and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities to gain access to multiple government, commercial, and technology services networks. APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, ransomware attacks, structured query language (SQL) injection attacks, spearphishing campaigns, website defacements, and disinformation campaigns.

To download this advisory, click here

 

 
 
 

What is a VPN and Why do You Need One? Everything You Have to Know

Published by ZDNet 26 March 2021 

Virtual Private Networks, commonly referred to as VPNs, is a term that is often heard these days. Companies rely on VPNs for employees working remotely or traveling, but there are some good reasons why everyone should consider using one. 

To read this article, click here. 

 
 
 

This Company was Hit by Ransomware. Here's What they Did Next, and Why They Didn't Pay Up

Published by ZDNet 25 March 2021

Ransomware has become a profitable business for cyber criminals; hacking a large company’s network can result in millions of dollars. One company decided it wouldn’t give in to the hackers' demands. 

To read this article, click here

 
 
 
 

What is Cyber Insurance? Everything You Need to Know About What it Covers and How it Works

Published by ZDNet 25 March 2021

Did you know the concept of insuring against risks to property or persons dates back to 1347? Insurance has come a long way since then. Now, companies can purchase some form of protection in the event of a hacking or cyberattack.

To learn more about cyber insurance, click here

 

 
 
 

Foreign Nationals Sentenced for Roles in Transnational Cybercrime Enterprise

Published by United States Department of Justice 19 March 2021

The internet is a global tool we have come to rely heavily on, especially for storing personal and sensitive information. It is also a way for criminal organizations to make money. One organization, run for over seven years, was called Infraud. Now two of its members are serving time in prison after pleading guilty. 

To read this press release, click here

 
 
 
 

FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Including COVID-19 Scam Statistics

Published by FBI 17 March 2021

Have you been the victim of an internet crime? Online extortion, non-payment/non-delivery scams and phishing scams were the top three categories of internet crime reported to the FBI in 2020. More than ever, it’s important to educate yourself and take steps to mitigate your risk.

To read this report, click here

 
 
 
 

FBI-CISA Joint Advisory Plus Two Additional Important Cyber Notices

Published by Cybersecurity & Infrastructure Security Agency 10 March 2021

Three new notices have been released by the Cybersecurity & Infrastructure Security Agency (CISA):

  1. FBI-CISA Joint Advisory on Compromise of Microsoft Exchange Server

Today (3/10), CISA and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory to address recently disclosed vulnerabilities in Microsoft Exchange Server. CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks and steal information, encrypt data for ransom, or even execute a destructive attack. The Joint Cybersecurity Alert places the malicious cyber actor activity observed in the current Microsoft Exchange Server product compromise into the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework.

CISA recommends organizations to review Joint CSA: AA-21-069 Compromise of Microsoft Exchange Server as well as the CISA Remediating Microsoft Exchange Vulnerabilities web page for guidance on detecting, protecting against, and remediating this malicious activity.

  1. F5 Releases Security Advisory for Multiple Vulnerabilities in BIG-IP, BIG-IQ

Earlier today (3/10), F5 announced multiple CVEs impacting BIG-IP and BIG-IQ devices. Of these, four are criticalremote code execution vulnerabilities, whereby an attacker could exploit these to take control of an affected system. Two related CVEs are buffer-overflow vulnerabilities. If triggered, a buffer overflow would result in a DoS attack, and—in certain situations — may allow remote code execution.  To fully remediate the critical vulnerabilities, BIG-IP customers must update to a patched version as soon as possible.

CISA has published a current activity alert on the specific vulnerabilities affecting BIG-IP and BIG-IQ. For additional detail, organizations are encouraged to review the information provided by F5 — including related security advisories and supplemental information—to help determine the impact on their devices.

  1. Supply Chain Compromise Short Term Remediation

Last evening (3/9), CISA began releasing new resources to support federal departments and agencies affected by related threat activity associated with the compromise of certain versions of the SolarWinds Orion platform.

These resources provide technical remediation guidance based on the three categories previously outlined in Activity Alert AA20-352A, to include related public and private sector resources recommended by CISA. The guidance will assist organizations with understanding the steps for detecting, mitigating, and evicting this threat actor from their networks, and prevent the actor’s re-use of similar tactics, techniques, and procedures. These steps will prepare federal departments and agencies for long-term actions to build more secure, resilient networks.

Although the information released will be tailored to federal departments and agencies, CISA encourages critical infrastructure, private sector organizations, and other affected entities to refer to Mitigating and Remediating APT-Compromised Networks for eviction guidance and technical resources and cisa.gov/supply-chain-compromise for general information on this compromise and related activity.

 

 

 

Microsoft Warns of Windows Win32k Privilege Escalation

Published by Cybersecurity & Infrastructure Security Agency 9 February 2021

The Cybersecurity & Infrastructure Security Agency (CISA) is sharing a new Microsoft Security Advisory. Microsoft announced there is, “...an escalation of privileges vulnerability (CVE-2021-1732) in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. Microsoft has stated that Windows 10 and Windows Server 2019 are affected by this vulnerability.”

To read this article, click here

 

 
 
 

FTC Reports Scammers Impersonating FTC

Published by Cybersecurity & Infrastructure Security Agency 26 January 2021

The Cybersecurity & Infrastructure Security Agency (CISA) newest alert comes from the Federal Trade Commission (FTC). The FTC, “...has released information on scammers attempting to impersonate the FTC. The scammers operate an FTC-spoofed website that claims to provide instant cash payments and tries to trick consumers into disclosing their financial information.”

To read this alert, click here

 

 
 
 

Personal Security Considerations

Published by Cybersecurity & Infrastructure Security Agency 14 January 2021

The Cybersecurity & Infrastructure Security Agency (CISA) has released a new fact sheet titled, “Personal Security Considerations.” CISA states that the new information, “encourages critical infrastructure owners and their personnel to remain vigilant and report suspicious behavior that individuals may exhibit in order to thwart an attack. It also contains several easily implementable security measures that can mitigate threats to personal safety.”

To learn how to protect yourself, click here.

 

 
 
 

Cybersecurity and Physical Security Convergence

Published by Cybersecurity & Infrastructure Security Agency 5 January 2021

The Cybersecurity & Infrastructure Security Agency (CISA) has released a new guide titled, “The Cybersecurity and Infrastructure Security Convergence Action Guide.” CISA states that the new guidance “describes the complex threat environment created by increasingly interconnected cyber-physical systems, and the impacts that this interconnectivity has on an organization’s cybersecurity and physical security functions.”

To read this guide, click here

 

 

 

Mitigate SolarWinds Orion Code Compromise

Published by Cybersecurity & Infrastructure Security Agency 13 December 2020

The Cybersecurity & Infrastructure Security Agency (CISA) has issued an Emergency Directive 21-01; this directive states, “SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems.”

To read this emergency directive, click here

To download the most recent update as of 18 December 2020, click here.

To read continued updates, click here.

To read the most recent update as of 30 December 2020, click here.

To read the most recent update as of 6 January 2021, click here.

 

 
 
 

That Email About Your Delivery Could Be Fake: Phishing Scammers Increase Their Attack on Online Shoppers

Published by ZDNET 1 December 2020

Before you click on any links, it’s always a good idea to think twice – especially with those emails you’re receiving regarding tracking and delivery of purchased online orders. There is a good possibility that the email in your inbox could be a phishing attempt from an online scammer.

To read this article, click here

 
 
 
 

CISA Urges All Americans to be on Alert for Holiday Scams and Cyber Threats

Published by Cybersecurity & Infrastructure Security Agency 24 November 2020

There are several great advantages in doing your holiday shopping online, but if you aren't careful, you could find yourself the victim of a cyber crime. The Cybersecurity & Infrastructure Security Agency (CISA) provides great information on how to stay cyber-safe this holiday season.

To learn how to mitigate your risk of becoming a victim, click here.

 
 
 
 

Embry-Riddle Research Aims to Blunt Aviation Cyber Attacks

Published by Embry-Riddle Aeronautical University 13 November 2020

The Cyber Scholarship Program Award was given to Embry-Riddle Aeronautical University to help mitigate cyber threats within the aviation industry. This award will provide the funds needed for research and equipment to help combat attacks and threats, such as drone hacking.

To read this article, click here

 
 
 
 

Enhancing Cybersecurity For Aircraft Systems

Published by Aero-mag.com 4 November 2020

Aircraft systems are relying more on the internet and this is raising the potential for cyber attacks on aircraft. New amendments concerning cybersecurity are being introduced by the European Aviation Safety Agency (EASA).

To read this article, click here

 
 
 
 

IoT Security for Smart Airports and Aviation Systems

Published by IoT For All 22 October 2020

We’ve all heard of smart phones, but have you heard of smart airports? Take a look at the security challenges airports face when they implement internet-based systems in their ongoing efforts to improve passenger experience.

To read this article, click here

 
 
 
 

Cyber Essentials Toolkits

Published by Cybersecurity & Infrastructure Security Agency 15 October 2020

It’s National Cyber Security Awareness Month (NCSAM)! Are you ready for the next chapter in CISA’s Cyber Essentials Toolkit? Chapter 5 has been released and CISA states, “This chapter focuses on strategies for cultivating a proactive data protection culture aimed at making organizations more resilient against attacks that may harm data integrity or render data inaccessible. It includes links to resources for leaders to understand how to properly manage backups, and safeguard against ransomware, malware, and other attacks.”

To learn more, click here

 

 
 
 

Alert (AA20-283A): APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Published by Cybersecurity & Infrastructure Security Agency 9 October 2020

The Cybersecurity & Infrastructure Security Agency (CISA)  and the Federal Bureau of Investigation (FBI) has issued a new alert; this alert (AA20-283A) states, “CISA has recently observed advanced persistent threat (APT) actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability—CVE-2020-1472—in Windows Netlogon. The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities in the course of a single intrusion to compromise a network or application."

To read this alert, click here

 

 
 
 

CISA and MC-ISAC Release Ransomware Guide

Published by Cybersecurity & Infrastructure Security Agency 30 September 2020

The Cybersecurity & Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a new guide regarding ransomware: “...that details practices that organizations should continuously engage in to help manage the risk posed by ransomware and other cyber threats.”

For more information about ransomware, click here

 

 
 
 

Telework Essentials Toolkit

Published by Cybersecurity & Infrastructure Security Agency 30 September 2020

A Telework Essentials Toolkit has recently been published by the Cybersecurity & Infrastructure Security Agency (CISA). According to CISA, this document is “...a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers.”

To view this toolkit, click here.

 

 
 
 

Emergency Directive 20-04

Published by Cybersecurity & Infrastructure Security Agency 18 September 2020

An Emergency Directive has been released by the Cybersecurity & Infrastructure Security Agency (CISA). This Emergency Directive (20-04) from CISA concerns "a critical vulnerability affecting Microsoft Windows servers with the domain controller role. An unauthenticated attacker with only network access to the domain controller could exploit the vulnerability to completely compromise all Active Directory identity services.”

To read this Emergency Directive, click here

 

 
 
 

Iran-Based Threat Actor Exploits VPN Vulnerabilities

Published by Cybersecurity & Infrastructure Security Agency 15 September 2020

The Cybersecurity & Infrastructure Security Agency (CISA) has issued a new alert; this alert (AA20-259A) states, “CISA and FBI are aware of an Iran-based malicious cyber actor targeting several U.S. federal agencies and other U.S.-based networks.”

To read this alert, click here

 

 
 
 

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Published by Cybersecurity & Infrastructure Security Agency 14 September 2020

The Cybersecurity & Infrastructure Security Agency (CISA) has issued an alert; this alert (AA20-258A) states, “The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies.”

To read this alert, click here.

 

 
 
 

Understanding the Tactics of Ransomware Attacks

Published by Security Boulevard 10 September 2020

When surfing the internet, or checking your emails, are you aware of the dangers lurking online? Don’t become a victim of a ransomware attack, instead, be prepared to fight by understanding the strategy of your enemy.

To read this article, click here.

 

 

Technical Approaches to Uncovering and Remediating Malicious Activity

Published by Cybersecurity & Infrastructure Security Agency 1 September 2020

Are you interested in learning how to mitigate malicious activity online? Well, you are in luck! An advisory, “Technical Approaches to Uncovering and Remediating Malicious Activity” has been released by the Cybersecurity & Infrastructure Security Agency (CISA), along with several international partners, and states “This joint guidance provides best practices to mitigate and detect common attack vectors; however, organizations are reminded to tailor mitigations specific to their own unique network environment.”

To learn more, click here

 

 
 
 

Cyber Essentials Toolkits

Published by Cybersecurity & Infrastructure Security Agency 17 August 2020

Technology is an essential part of our everyday lives and it's important for operations to understand the fundamentals of cybersecurity to mitigate their risk of becoming a cyberattack victim. The Cybersecurity & Infrastructure Security Agency (CISA) has published a set of Cyber Essential Toolkits that focus on the individual, staff members and an operation's systems.

To view these toolkits, click here.

 

 

The State of Civil Aviation Cybersecurity

Published by Trip Wire 9 August 2020

Are you aware of the risks that the aviation industry faces due to cyberattacks? There are many different areas of aviation that could be affected: air traffic control (ATC) centers, airlines, supply vendors, airports and passengers. It’s important to remember that as more systems connect with each other and new technology is implemented, new cybersecurity risks emerge.

To read this article, click here

 

 

 

 

Garmin Ltd. (GRMN) Q2 2020 Earnings Call Transcript

Published by The Motley Fool 29 July 2020

In the world of aviation, many rely on apps and services provided by the company, Garmin. The company recently experienced a network outage, generated by a cyberattack. CEO Clifton Pemble stated, “We immediately assessed the nature of the attack and started remediation efforts. We have no indication that any customer data was accessed, lost or stolen.”

To read this article, click here.

 
 
 

Trade Groups Warn of Online Charter Fraud

Published by AINonline 15 July 2020

If you were to conduct a Google search for private air charter, it is highly likely that you would come across an ad promoting a website that offers this service. However, chances are this website is fake, created by fraudsters looking to take advantage. Prior to booking any travel, it’s important to do your research.

To learn how to identify these fake websites, click here. 

 

 

 

 

Ransomware Attacks Spike by 140%, 57% of Organizations Agree to Pay

Published by Atlas VPN 9 June 2020

Just because something hasn’t happened to you yet, doesn’t mean it can’t happen in the future. Murphy’s Law states, “Anything that can go wrong, will go wrong.” This is why it’s crucial to know how to protect your organization/business from ransomware. Atlas VPN states, “Data extracted and analyzed by Atlas VPN reveals, the amounts of demanded ransom payments increased by 140%, comparing the numbers of 2018 to 2019. More and more organizations succumb to blackmail: 57% of organizations settled and paid the ransom during the last 12 months.”

To read this article, click here.

 

 

Cyber Security in Shipping During COVID-19 Pandemic

Published by Hellenic Shipping News 5 May 2020

The phrase ‘a new normal’ can be hard to digest, as change can be daunting. Despite this, we all need to adapt to this new way of living, especially companies and organizations. Orders concerning social distance have forced millions to start working remotely, and this includes employees of shipping companies. However, working from home raises concerns with regards to cybersecurity and puts operations at risk.

To read this article, click here. 

 

 

Aviation & Defense Cyber Security Market - Current Impact to Make Big Changes | Lockheed Martin, IBM, Rockwell Collins

Published by Open PR 30 April 2020

Cybersecurity is extremely important as it puts a plan in place to help protect and defend against possible cyber attacks/threats. It is especially crucial because of the simple fact - technologies are always advancing. Open PR states, “During these suspicious times, governments and organizations are investing more in the cybersecurity of defense and aviation products and services than they have ever before. The key factor of investment in the cybersecurity segment due to significant tension between the necessity for technology developments and simultaneously preventing these technologies from cyber-attacks.”

To read this article, click here.

 

 

SIM Swapping: A Route for Criminals to Target Those Preoccupied by COVID-19 Pandemic

Published by Homeland Security Today 22 April 2020

Technology continues to improve and our mobile devices keep us connected to many aspects of our lives. Homeland Security Today states, “SIM Swapping is a form of unauthorized access to your data through your cell phones". Using this technique criminals gain open access too many of the same accounts you can reach through your computer.

To read this article, click here.

 

 
 
 

Online Extortion Scams Increasing During the COVID-19 Crisis

Published by Homeland Security Today 22 April 2020

Stuck at home, millions of people are trying to find ways to combat their boredom. Many turn to their computers, cell phones, iPads and other devices. While keeping busy via the internet may be a way to pass time, users should still be careful. Cyber crime continues to be a growing concern with online extortion scams on the rise during the current “stay- at-home” orders.

To learn more, click here.

 
 
 
 

Defending Aviation From Cyber Attack

Published by Tech Radar 16 April 2020

Cybersecurity has become a popular topic over the years as these types of threats are becoming more and more apparent. The aviation industry faces potential cyber threats that could be damaging to your operation. These threats can effect numerous aspects of the aviation industry: passenger safety, crew safety, financial loss and more.

To read this article, click here.

 

 

Deal with Ransomware the Way Police Deal with Hostage Situations

Published by Homeland Security News Wire 27 March 2020

How much would you pay a perpetrator to retrieve back your sensitive files and data that had been stolen? Can't think of a price? Thinking this would never happen to you? Think again. Over 600 government agencies endured ransomware attacks within the first 9 months of 2019. The best course of action to prevent falling victim to this type of attack is preparation. Educate yourself on best cyber security practices to remain protected. 

To read this article, click here

 
 
 
 

How to Avoid Falling Victim to a COVID-19 Phishing Attack

Published by 101 Domain 23 March 2020

Since the coronavirus has made its way across the globe, hackers have 'gone phishing' trying to hook their victims. Knowing most people are on high alert due to recent health issues arising, hackers are taking advantage of our fears. Be aware of the new scams that have appeared and know what to look for. 

To read this article, click here

 

 

PODCAST: Connected Aircraft Cybersecurity 101 With the Satcom Guru

Published by Aviation Today 16 March 2020

Cybersecurity is an extremely broad subject and is used across many industries, including aviation. Peter Lemme, a former Boeing engineer, speaks about cybersecurity and the potential security risks that operators see while in flight. 

To listen to this Global Connected Aircraft podcast, click here.

 

 

Hackers Are Using These Fake Coronavirus Maps to Give People Malware

Published by Business Insider 12 March 2020

Coronavirus is a global pandemic affecting numerous aspects of our daily lives. During this pandemic, hackers are taking advantage of opportunities to gain access to your systems, sensitive security information (SSI) and personal identifiable information (PII). Educate yourself on safe practices and know what to look for; double check to see if you are on a secured website and ensure what you are downloading doesn’t result in malware. Stay vigilant.

To read this article, click here.

 

 

Feds Are Lining Up More Indictments Related to Chinese Cyber-Activity, Officials Say

Published by Cyberscoop 20 February 2020

Federal officials allege that China is conducting cyber attacks on U.S. companies through the use of contractors. To combat this economic espionage, the U.S. Department of Justice has stated that new indictments alleging insider threats and cyber hacking will soon be issued against Chinese nationals.

To read this article, click here.

 

 

Exclusive: Details of 10.6 Million MGM Hotel Guests Posted on a Hacking Forum

Published by ZDNet 19 February 2020

Personal information including dates of birth, home addresses, full names, emails and phone numbers were released in a large data dump on a hacking forum. The data was obtained through a hacking breach against MGM Resorts and affected more than 10 million guests, including government officials, celebrities, reporters and tech CEOs.

To read this article, click here.

 

 

Cyber-security Threat Guidance Published by ACI World

Published by International Airport Review 11 February 2020

A new handbook has been published by the Airports Council International (ACI) World, providing information on cybersecurity to airports. The handbook is intended to help airports examine their current cyber defenses as well as educate them on how to maintain and strengthen their security systems.

To read this article, click here.

 

 

Cybersecurity Expert Explains How Scammers are Taking The Coronavirus Online

Published by WECT 6 News 31 January 2020

Online searches for the coronavirus have become opportunities for cyber criminals and experts are warning users to avoid anything that doesn’t look quite right. One cybersecurity firm says it has discovered docx, mp4s and pdfs that contain malicious files, which can quickly advance through networks, taking over multiple computers. The files, which claim to have links to videos on protection from the coronavirus, can target personal information, a company’s sensitive data or just corrupt a computer system.

To read this article, click here.

 

 

Hackers Put 30 Million Wawa Customers' Data for Sale

Published by CisoMag 30 January 2020

An ongoing investigation seeks to identify the hackers responsible for a malware payload that captured payment card details of 30 million Americans. The data was then offered for sale on the dark web. 

To read this article, click here.

 

 

Preparing for Increased Geopolitical Tensions and Threats

Published by Cybersecurity & Infrastructure Security Agency 6 January 2020

CISA has released a preparation guide for navigating the increase in threats, both cyber and physical, against the United States. Reviewing and implementing the CISA Cyber Essentials can increase your defenses against a cyberattack immediately. An actionable checklist has also been provided to assist in protecting against Cyber and Physical attacks.

To download the full CISA Insight Guide, click here.

 

 

U.S. Official Visits Minneapolis to Cite Cyber Threats

Posted by Neal St. Anthony with the StarTribune 4 November 2019

The director of the National Counterintelligence and Security Center (NCSC) voices concern over the ability of the U.S. to protect its critical infrastructure from cybersecurity threats.

To read this article, click here.

 

 

National Cybersecurity Protection System (NCPS)-Intrusion Detection

Released by DHS/CUSA/PIA-033 25 September 2019

How are federal network systems protected and defended against cyber threats? This report explains how information related to known or suspected cyber threats is collected by the National Cybersecurity Protection System (NCPS).

To download this report, click here.

 

 

DHS Gives Cybersecurity Warning to Small Aircraft Owners Podcast

Published by National Business Aviation Association 12 August 2019

Several steps have been voluntarily taken in the aviation industry to address the risk of unauthorized aircraft access. This podcast, hosted by NBAA, discusses these measures in response to a warning issued by the Department of Homeland Security (DHS) concerning small aircraft and restricted access.

To listen to this podcast, click here.