Top News in Cybersecurity

Defending yourself against cyberattacks starts with understanding the risks associated with cyber activity, what some of the basic cybersecurity terms mean, and what you can do to protect yourself.


Kronos hack will likely affect how employers issue paychecks and track hours

Published by National Public Radio 14 December 2021

"A ransomware attack on one of the largest human resources companies may impact how many employees get paid and track their paid time off.

"Human resources management company Ultimate Kronos Group (known as Kronos) said it suffered a ransomware attack that may keep its systems offline for weeks.

"Companies that rely on the software are working to find backup plans to ensure their employees are paid — including issuing paper checks, some for the first time in years."

To read this article, click here.




Published by Cybersecurity & Infrastructure Security Agency 10 December 2021

"WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its first meeting for newly appointed members of the Agency’s Cybersecurity Advisory Committee. Members discussed Committee objectives and initiatives, received a classified threat briefing, elected Committee leadership, and established subcommittees to focus on key objectives.

"CISA Director Jen Easterly chaired the meeting and was pleased to be joined by Deputy Secretary of Homeland Security John Tien and National Cyber Director Chris Inglis who helped kick off a discussion of the group’s core objectives and priorities."

To read this press release, click here.



Before The United States House Of Representatives Committee On Transportation And Infrastructure: The Evolving Cybersecurity Landscape: Federal Perspectives On Securing The Nation's Infrastructure

Published by Federal Aviation Administration 2 December 2021

Larry Grossman, Chief Information Security Officer

Written Testimony

"Good morning Chair DeFazio, Ranking Member Graves, and Members of the Committee:

"Thank you for the opportunity to be here with you today to discuss the Federal Aviation Administration’s (FAA) approach to cybersecurity, both in terms of how the FAA addresses cybersecurity matters internally and how the FAA interacts with the aviation community on cybersecurity matters."

To read this testimony, click here.



Ransomware attacks are on the rise. These are the industries most at risk

Published by World Economic Forum 26 November 2021

"Yaroslav Vasinskyi, a member of now-defunct hacker group REvil and alleged orchestrator behind the ransomware attack against U.S. tech company Kaseya, has been charged by the Department of Justice after his arrest in Poland last month. The hack, which targeted approximately 1,500 businesses and resulted in ransom demands totaling $70 million according to TechCrunch, is only one of several hundred publicized ransomware attacks in 2021 as our chart indicates."

To read this article, click here.




Vulnerability Summary for the Week of November 15, 2021

Published by Cybersecurity & Infrastructure Security Agency 22 November 2021

"The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available."

To read this bulletin, click here.



Hackers in Syria, Pakistan taken down by Meta after sustained cyber attacks

Published by Middle East Monitor 18 November 2021

"The social media company Meta – previously known as Facebook – has taken down four malicious cyber hacking networks operating in Syria and Pakistan, which targeted Syrian opposition elements and governmental entities in Afghanistan."

To read this article, click here.



Iran is ‘leapfrogging our defenses’ in a cyber war ‘my gut is we lose’: Hacking expert Kevin Mandia

Published by CNBC 18 November 2021

"On Thursday, a federal grand jury indicted two Iranian hackers for election interference that included obtaining confidential voter information from at least one state’s election website for a cyber-based disinformation campaign targeting 100,000 Americans. Earlier this week, the U.S. government warned that Iranian hackers also have been on the ransomware offensive.

"To Kevin Mandia, the CEO of cybersecurity firm Mandiant, Iran’s success in the hacking realm is no surprise, as the nation has been upping its cyber-offensive capabilities for years to take advantage of U.S. weaknesses."

To read this article, click here.



Why cyber crime groups are some of the world’s most effective startups

Published by Information Age 17 November 2021

"Keiron Holyome, vice-president EMEA at BlackBerry, explores how the top cyber crime groups are deploying talent and technology that some startups can only dream of.

"In today’s business landscape, competition is tough. There will always be competitors looking for you to falter so they can capitalise on your success. However, there is one industry that poses arguably the greatest threat of all. One that attracts young talent, is well-attuned to social issues like politics and health, and seizes trends like the subscription model, mobile banking and cryptocurrency."

To read this article, click here.



In Alabama, Training for Cyber Crime and Competing in War Games

Published by The Wall Street Journal 16 November 2021

Whether it is a drone used for malicious purposes, or a computer employed as a means to deliver a dangerous virus, cyber crime affects everyone. As such, the need to understand and respond to cyber crime has extended to local law enforcement agencies and officers. 

Recently, local law enforcement "students" participated in a cyber war game, practiced neutralizing a live harmful virus and engaged in other educational activities hosted by federal agents from the U.S. Secret Service. 

To read this article, click here.



In a quantum future, our economy needs to be protected. A cyber security expert explains why

Published by World Economic Forum 10 November 2021

"The privacy of online communication is currently protected by cryptography, which shields information as it travels around the internet. It secures everything from making online purchases to accessing work email remotely. With capabilities of quantum computing growing rapidly, industry experts reckon that it will take at least another 10 years before quantum computers with very large numbers of qubits are available."

To read this article, click here.



A ransomware reality check for CISOs

Published by Help Net Security 3 November 2021

"The rising tide of ransomware attacks targeting critical infrastructure sectors has reached unprecedented heights. Now at the top of many CISOs’ agendas, a confluence of technical, legal, ethical, and regulatory shifting winds is making this scourge on industrial environments increasingly difficult to navigate."

To read this article, click here.



Which Technologies Are Transforming Airport Security?

Published by Security 26 October 2021

"Air travel is returning to pre-pandemic levels. COVID and its aftermath have added new compliance and operational concerns for airport security, and social and political volatility around the world emphasises the need for constant vigilance. A range of new technologies are enhancing airport security, not to mention providing new tools to simplify processes throughout the airport. We asked our Expert Panel Roundtable: Which technologies are transforming airport security?" 

To read this article, click here.



Cybersecurity Awareness Month Resources

Published by Cybersecurity & Infrastructure Security Agency 25 October 2021

"During Cybersecurity Awareness Month, the following resources are invaluable tools for reducing cybersecurity risks and protecting yourself online. Use these resources in your communities and share them with your stakeholders throughout the year to encourage strong, nationwide cybersecurity. These materials are free and may be modified to meet your needs."

To access the resources list, click here.



US FCC Commissioner calls to ban Chinese drone maker DJI

Published by Insider Paper 20 October 2021

Steps have been taken by several branches of the U.S. government to eliminate the use of drones manufactured by a Chinese company. 

Now, a request has been made by the US FCC Commissioner to ban the use of federal funds for the purchase of the company's drones, citing national security concerns. 

To read this article, click here.



U.S. Unveils New Cybersecurity Requirements for Rail, Air

Published by Homeland Security News Wire 7 October 2021

"DHS has unveiled new measures to make sure the U.S. air and surface transportation sectors will not be crippled by ransomware or cyberattacks. The new measures will apply to “higher risk” rail companies, “critical” airport operators, and air passenger and air cargo companies.

"The United States is taking new steps to make sure the country’s air and surface transportation sectors will not be crippled by ransomware or cyberattacks."

To read this article, click here.



Protecting Aircraft Networks from Cybersecurity Breaches

Published by AIN Online 1 October 2021

The data applications used on general aviation aircraft, including SATCOM, an acronym for satellite communications, can be as vulnerable as any other network connection. Many cybersecurity technology companies are working to alleviate threat potential. Phishing has become a particularly popular hacking method. Online conversations on private aircraft are of interest to threat actors, who can then gain access to corporate proprietary information.

To read this article, click here.



CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Conti Ransomware

Published by Cybersecurity & Infrastructure Security Agency 22 September 2021

"Cybersecurity Colleagues and Partners,

"The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the National Security Agency (NSA) announced the release of an advisory today on the Conti ransomware threat, including technical details about cyber actors’ behavior mapped to MITRE ATT&CK and recommended mitigations.

"CISA and FBI have observed an increased use of Conti ransomware in more 400 attacks to steal sensitive data from U.S. and international organizations. Malicious cyber actors typically use Conti ransomware against a victim to steal files, encrypt servers and workstations, and demand a ransom payment to return stolen, sensitive data.

"To secure systems against Conti ransomware, CISA, FBI, and NSA recommend implementing the mitigation measures described in this advisory, which include requiring multi-factor authentication (MFA), implementing network segmentation, and updating your operating system and software.

"If a ransomware incident occurs at your organization, CISA, FBI, and NSA recommend the following actions:

"Follow the Ransomware Response Checklist on p. 11 of the CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide.

"Scan your backups. If possible, scan your backup data with an antivirus program to check that it is free of malware.

Report incidents immediately to CISA at, a local FBI Field Office, or U.S. Secret Service Field Office.

"Apply incident response best practices found in the joint advisory from Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity.

"Organizations should read the advisory, assess your unique cybersecurity environment, and implement recommended mitigations for any observed security gaps or weaknesses. Any support you and your organizations can do to amplify this joint advisory through your communications and social media channels is appreciated. And as always, thank you for your continued collaboration.

"The advisory can be found here and is also available on the new, whole-of-government ransomware website,"

To read this alert, click here.



AT&T Phone-Unlocking Malware Ring Costs Carrier $200M

Published by Threat Post 17 September 2021

"With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier’s U.S. network — all the way from Pakistan.

"The ringleader of a seven-year phone-unlocking and malware scheme will head to the clink for 12 years, according to the Department of Justice, after effectively compromising AT&T’s internal networks to install credential-thieving malware."

To read this article, click here.



#HowTo: Defend Against Increasingly Convincing Phishing Attacks

Published by Infosecurity Magazine 13 September 2021

"Phishing attacks have been written about since at least the late 1980s, yet their impact on business has never been so big. Crime statistics published by the FBI show that social engineering — which includes phishing — was the top digital crime by victim count in 2020, causing over $54m of losses. But the total harm caused by phishing is likely far larger because about a quarter of ransomware incidents begin with a phishing email. Conceived initially to trick users into disclosing login credentials and other sensitive information, phishing in recent years has been more commonly used to infect computers with malware by tricking people into opening malicious links and documents."

To read this article, click here.



National Insider Threat Awareness Month Focuses on Workplace Culture

Published by Homeland Security Today 3 September 2021

"The NITAM campaign seeks to encourage employees in government and the private sector to recognize behaviors of concern and report them so early intervention can occur.

"The National Counterintelligence and Security Center (NCSC), the National Insider Threat Task Force (NITTF), the Office of the Under Secretary of Defense Intelligence and Security, the Defense Counterintelligence and Security Agency, and the Department of Homeland Security launched the third-annual “National Insider Threat Awareness Month” (NITAM).

"NITAM is an annual, month-long campaign during September to educate government and industry about the risks posed by insider threats and the role of insider threat programs.  Federal insider threat programs are composed of multi-disciplinary teams that address insider threats while protecting privacy and civil liberties of the workforce; maximizing organizational trust and ensuring positive work cultures that foster diversity and inclusion."

To read this article, click here.



LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection

Published by Threat Post 31 August 2021

Once a cyber attack has occurred, mitigating it becomes complicated. Corporate and other business operations may be at an even higher risk due to ever-evolving threat mechanisms.  

For read this article, click here.



Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents

Published by Krebs on Security 25 August 2021

As buyers make investments online, sometimes the result is not what the user bargained for. Unlike conventional banking institutions’ policies, theft protection is not always available for online, unconventional purchases. In this example of cybercrime, the costly process of flushing out the culprits took years.

To read this article, click here.



BRICS NSAs Discuss Strengthening Cooperation On Counter-terrorism, Cyber Security

Published by 24 August 2021

Several countries met recently to discuss important security and political ideas. Cybersecurity is always a concern and information-sharing is key to successful threat intervention. 

To read this article, click here.



Senate Measure Seeks Report on GPS Vulnerabilities

Published by AINonline 23 August 2021

The need for a systems contingency plan is more important than ever. Some government entities have been asked to review what could happen during a GPS service disruption. A collaborative effort is underway between agencies to understand the service gaps.

To read this article, click here.



DOT and DHS Release Ransomware Warning Letter

Published by U.S. Department of Transportation & U.S. Department of Homeland Security August 2021

The U.S. Department of Transportation (DOT) and the U.S. Department of Homeland Security (DHS) has issued the following letter concerning ransomware:

Dear Owners and Operators of the Transportation Systems Sector,

We write to express our grave concerns about the growing threat posed by malicious cyber actors and to urge you to take steps today to protect yourself from a ransomware attack before you become a victim. As you no doubt are aware, malicious hackers have targeted critical infrastructure, including hospitals, pipelines, food processing facilities, and water utilities, as well as police departments, community banks, and schools.

These attacks directly impact Americans' daily lives, our economy, and the security of our Nation. Roughly $350 million in ransom was paid to malicious cyber actors in 2020, a more than 300% increase from the previous year. There have already been multiple notable ransomware attacks in 2021. Importantly, the majority of ransomware victims are small businesses for whom an attack is an existential threat.

It is critical that you have the information you need to protect yourself. Earlier this month, the United States Government launched, which provides a one-stop shop with best practices from across the federal government to protect against ransomware, clear guidance on how to report attacks, and the latest ransomware-related alerts from participating agencies. It is the first such central hub by the federal government and includes resources and content from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Secret Service, the Department ofJustice's FBI, the Department of Commerce's NIST, and the Departments of the Treasury and Health and Human Services.

Tackling this challenge requires collaboration across every level of government, the private sector, and our communities. Many organizations have yet to adequately protect their networks. Like many cyber-attacks, ransomware exploits the weakest link. provides basic information that can help you take simple steps to protect your networks against ransomware and other malicious cyber activity. We encourage you to visit this website and take advantage of the tips and resources that can, collectively, better protect your organization and our Nation from cyber threats.

To download a copy of this letter, click here



Why Three Random Words Make the Best Passwords

Published by Homeland Security Today 9  August 2021

Creating passwords is like playing chess with cyber hackers. The wrong move could put your data under attack. One way to thwart online criminals is using a three- random-word sequence, cyber experts say.

To read this article, click here.



Top 5 Mobile Device Security Tips

Published by Infosecurity Magazine 7  August 2021

Mobile device technology has advanced significantly over the past decade, in many instances, replacing the traditional computer. Having so much data stored on these devices increases their vulnerability, but there are ways to keep these devices secure.

To read this article, click here.




Published by Cybersecurity & Infrastructure Security Agency 5  August 2021

"WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) announced the standup of the Joint Cyber Defense Collaborative (JCDC) today, a new agency effort to lead the development of cyber defense operations plans, and to execute those plans in coordination with partners from the federal interagency, private sector, and state, local, tribal, territorial (SLTT) government stakeholders to drive down risk before an incident and to unify defensive actions should an incident occur."

To read this announcement, click here.



NSA Issues Guidance on Securing Wireless Devices in Public Settings

Published by National Security Agency 29 July 2021

Many people rely on public Wi-Fi and Bluetooth connections to run their laptops and mobile devices, but don't realize this makes their devices more vulnerable to cyber threats. To "help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats," a new cybersecurity information sheet has been published by the National Security Agency (NSA).

To read this announcement, click here.



Shifting the Cyber Mindset from ‘Assume Breach’ to ‘Breach Prevention’ Is Critical in Next Three Years, Say 91 Percent of Government Cyber Leaders

Published by Homeland Security Today 28 July 2021

From local to federal organizations, over 300 cybersecurity leaders filled out a survey, providing an insight into how organizations overall are approaching risk management and cybersecurity.

To read this article, click here.



U.S. Government Releases Indictment and Several Advisories Detailing Chinese Cyber Threat Activity

Published by Cybersecurity & Infrastructure Security Agency 19 July 2021

As today’s announcement from the White House indicates, the cyber threat from the People’s Republic of China (PRC) continues to evolve and poses a real risk to the nation’s critical infrastructure, as well as businesses and organizations of all sizes at home and around the world. The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with National Security Agency (NSA) and Federal Bureau of Investigation (FBI), published new advisories to help organizations assess and harden their networks against malicious Chinese state-sponsored cyber actors.

First, CISA, NSA, and FBI published a Joint Cybersecurity Advisory (CSA) to detail various Chinese state- sponsored cyber techniques used to target U.S. and Allied networks. This advisory, “Chinese State-Sponsored Cyber Operations: Observed TTPs”, is a deep dive into the techniques used when targeting U.S. and Allied networks.

Second, CISA and FBI published a Joint Cybersecurity Advisory on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help cybersecurity practitioners identify and remediate APT40 intrusions and established footholds. This accompanies action by the U.S. Department of Justice (DOJ) today with unsealing indictments against four APT40 cyber actors for their illicit computer network exploitation (CNE) activities via front company Hainan Xiandun Technology Development Company (Hainan Xiandun).

Third, “CISA Insights: Chinese Cyber Threat Overview for Leaders” is a joint analysis from CISA, FBI, and NSA that provides recommendations to organizational public and private sector leadership to reduce the risk of cyber espionage and data theft from Chinese state-sponsored cyber actors. Chinese state-sponsored cyber actors aggressively target U.S. and Allied political, economic, military, educational, and critical infrastructure (CI) personnel and organizations to steal sensitive data, emerging and key technology, intellectual property, and personally identifiable information (PII).

CISA also encourages users and administrators to review the blog post, Safeguarding Critical Infrastructure against Threats from the People’s Republic of Chinaby CISA Executive Assistant Director Eric Goldstein and the China Cyber Threat Overview and Advisories webpage.

CISA continues to work with our partners – both at home and abroad – to assess and identify malicious cyber activity by state-sponsored or criminals and provide the actionable information to our partners so they can protect their organization.



Phishing continues to be one of the easiest paths for ransomware

Published by ZD Net 15 July 2021

Cyber criminals routinely use phishing emails to find a way into a company's network. While phishing emails can often be easily identified, criminals are changing the game by creating ones that look legitimate in every way.

To read this article, click here.



United States Government Launches First One-Stop Ransomware Resource at

Published by U.S. Department of Homeland Security 14 July 2021

" establishes a one-stop hub for ransomware resources for individuals, businesses, and other organizations. The new is a collaborative effort across the federal government and the first joint website created to help private and public organizations mitigate their ransomware risk."

To read this press release, click here.



The Aviation Industry Needs to Move Towards Cyber Resilience

Published by Tripwire 5 July 2021

All elements of aviation (e.g.; aircraft manufacturers, operators, airports) must work together to address current and emerging cyber risks, according to a new report put out by the World Economic Forum. "This report includes recommendations on three levels: international, national and organizational."

To read this article, click here.



Cyber insurance isn't helping with cybersecurity, and it might be making the ransomware crisis worse, say researchers

Published by ZD Net 28 June 2021

A group of cybersecurity researchers are recommending that cyber insurance companies require their clients to put certain controls in place to prevent a ransomware attack, in a new paper. The paper also states: "Cyber insurers may be unintentionally facilitating the behaviour of cyber criminals by contributing to the growth of targeted ransomware operations." 

To read this article, click here.




Published by Cybersecurity & Infrastructure Security Agency

Not sure if your company implements strong cybersecurity safety practices? This new list of bad practices from the Cybersecurity & Infrastructure Security Agency (CISA) may help.

For details, click here.



Most firms face second ransomware attack after paying off first

Published by ZDNet 8 June 2021 

Kidnapping someone and holding them for ransom is a practice that can be traced back hundreds of years, and it is popular with several criminal organizations today as a source of easy money. Likewise, cyber criminals have found that holding data for ransom can be lucrative and often target victim companies again after they pay the money. 

To read this article, click here

This is how fast a password leaked on the web will be tested out by hackers

Published by ZDNet 8 June 2021 

A famous crime-fighting superhero has been quoted as saying that crime never sleeps. This appears to be especially true for cyber criminals as one group of researchers discovered recently. 

To read this article, click here

#RSAC: Solving the Ransomware Scourge Requires a Coordinated Effort

Published by InfoSecurity magazine 18 May 2021 

RSA Security LLC recently held its annual conference and one of the topics discussed was ransomware. During the discussion, experts within this field agreed that to really discourage those who are engaging in this criminal activity, it is important for government agencies and governments to join forces. 

To read this article, click here

10 Essential Steps to Cyber Resilience as Hackers Target Critical Infrastructure

Published by Homeland Security Today 18 May 2021 

Cyberattacks are commonplace nowadays and while there are many things a company can do to lower their risk, they should have a plan on what to do if they are targeted. 

To read this article, click here

NIST Releases Tips and Tactics for Dealing With Ransomware

Published by National Institute of Standards and Technology 13 May 2021 

Ransomware has become a common tactic in cybersecurity attacks, leaving companies with limited options. To help organizations mitigate their risk of becoming a victim, the National Institute of Standards and Technology (NIST), has put together a collection of recommendations and tips. 

To read this article, click here

#WorldPasswordDay: Five Tips to Make Passwords Secure AND Convenient

Published by Infosecurity magazine 6 May 2021 

How strong are the passwords you use? It is estimated by cybersecurity experts that many people are still relying on words or number combinations anyone could guess. Here are 5 tips that could help you utilize passwords effectively. 

To read this story, click here

HSI Investigation Leads to Seizure of 9th Fraudulent Website Seeking to Capitalize on COVID-19

Published by Homeland Security Today 5 May 2021 

Cyber criminals are always looking for new opportunities to capture personal information from victims. The COVID-19 pandemic is one such opportunity and law enforcement agencies have been kept busy trying to shut these groups down.

To read this story, click here

Can the Aviation Community Stop a Cyber Attack from Taking Off?

Published by Homeland Security Today 16 April 2021 

2021 has been designated as a Year of Security Culture (YOSC) by the International Civil Aviation Organization (ICAO), a continuation from last year. In November of 2020, ICAO released its first Cybersecurity Action Plan and this plan was one of the discussion points at a recent virtual cybersecurity event.

To read this story, click here

Over 90% of Organizations Hit by a Mobile Malware Attack in 2020

Published by InfoSecurity 12 April 2021 

Before downloading an application onto a mobile device, it is always advisable to research that application and verify it is not a malicious one. A new study shows just how prevalent malware attacks targeting mobile devices are.  

To read this story, click here

Responding to a Cybersecurity Incident

Published by Cybersecurity Guide 

Have you encountered issues while logging into your account, seen your device suddenly turn off and back on, or experienced mysterious changes to your files? You could be experiencing a cyber attack. Learn how to mitigate your risk and identify the signs. 

To read this story, click here

Ransomware Attacks Grew by 485% in 2020

Published by Infosecurity magazine 6 April 2021

2020 was a year of transition; companies moved workers to remote status and began relying more heavily on video conferencing tools to communicate with them. Millions of people installed medical applications on their devices to stay informed on the COVID-19 pandemic.

Hackers were paying attention to these new trends and using them as a way to increase malware attacks, according to a new report.

To read this story, click here

Joint Cybersecurity Advisory: APT Actors Exploit Vulnerabilities to Gain Initial Accessfor Future Attacks

Published by Cybersecurity & Infrastructure Security Agency 2 April 2021


In March 2021 the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) observed Advanced Persistent Threat (APT) actors scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812 and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities to gain access to multiple government, commercial, and technology services networks. APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, ransomware attacks, structured query language (SQL) injection attacks, spearphishing campaigns, website defacements, and disinformation campaigns.

To download this advisory, click here

What is a VPN and why do you need one? Everything you have to know

Published by ZDNet 26 March 2021 

Virtual Private Networks, commonly referred to as VPNs, is a term that is often heard these days. Companies rely on VPNs for employees working remotely or traveling, but there are some good reasons why everyone should consider using one. 

To read this article, click here

This company was hit by ransomware. Here's what they did next, and why they didn't pay up

Published by ZDNet 25 March 2021

Ransomware has become a profitable business for cyber criminals; hacking a large company’s network can result in millions of dollars. One company decided it wouldn’t give in to the hackers' demands. 

To read this article, click here

What is cyber insurance? Everything you need to know about what it covers and how it works

Published by ZDNet 25 March 2021
Did you know the concept of insuring against risks to property or persons dates back to 1347? Insurance has come a long way since then. Now, companies can purchase some form of protection in the event of a hacking or cyberattack.
To learn more about cyber insurance, click here

Foreign Nationals Sentenced for Roles in Transnational Cybercrime Enterprise

Published by United States Department of Justice 19 March 2021

The internet is a global tool we have come to rely heavily on, especially for storing personal and sensitive information. It is also a way for criminal organizations to make money. One organization, run for over seven years, was called Infraud. Now two of its members are serving time in prison after pleading guilty. 

To read this press release, click here

FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Including COVID-19 Scam Statistics

Published by FBI 17 March 2021

Have you been the victim of an internet crime? Online extortion, non-payment/non-delivery scams and phishing scams were the top three categories of internet crime reported to the FBI in 2020. More than ever, it’s important to educate yourself and take steps to mitigate your risk.

To read this report, click here

FBI-CISA Joint Advisory Plus Two Additional Important Cyber Notices

Published by Cybersecurity & Infrastructure Security Agency 10 March 2021
Three new notices have been released by the Cybersecurity & Infrastructure Security Agency (CISA):
  1. FBI-CISA Joint Advisory on Compromise of Microsoft Exchange Server

Today (3/10), CISA and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory to address recently disclosed vulnerabilities in Microsoft Exchange Server. CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks and steal information, encrypt data for ransom, or even execute a destructive attack. The Joint Cybersecurity Alert places the malicious cyber actor activity observed in the current Microsoft Exchange Server product compromise into the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework.

CISA recommends organizations to review Joint CSA: AA-21-069 Compromise of Microsoft Exchange Server as well as the CISA Remediating Microsoft Exchange Vulnerabilities web page for guidance on detecting, protecting against, and remediating this malicious activity.

  1. F5 Releases Security Advisory for Multiple Vulnerabilities in BIG-IP, BIG-IQ

Earlier today (3/10), F5 announced multiple CVEs impacting BIG-IP and BIG-IQ devices. Of these, four are criticalremote code execution vulnerabilities, whereby an attacker could exploit these to take control of an affected system. Two related CVEs are buffer-overflow vulnerabilities. If triggered, a buffer overflow would result in a DoS attack, and—in certain situations — may allow remote code execution.  To fully remediate the critical vulnerabilities, BIG-IP customers must update to a patched version as soon as possible.

CISA has published a current activity alert on the specific vulnerabilities affecting BIG-IP and BIG-IQ. For additional detail, organizations are encouraged to review the information provided by F5 — including related security advisories and supplemental information—to help determine the impact on their devices.

  1. Supply Chain Compromise Short Term Remediation

Last evening (3/9), CISA began releasing new resources to support federal departments and agencies affected by related threat activity associated with the compromise of certain versions of the SolarWinds Orion platform.

These resources provide technical remediation guidance based on the three categories previously outlined in Activity Alert AA20-352A, to include related public and private sector resources recommended by CISA. The guidance will assist organizations with understanding the steps for detecting, mitigating, and evicting this threat actor from their networks, and prevent the actor’s re-use of similar tactics, techniques, and procedures. These steps will prepare federal departments and agencies for long-term actions to build more secure, resilient networks.

Although the information released will be tailored to federal departments and agencies, CISA encourages critical infrastructure, private sector organizations, and other affected entities to refer to Mitigating and Remediating APT-Compromised Networks for eviction guidance and technical resources and for general information on this compromise and related activity.


Microsoft Warns of Windows Win32k Privilege Escalation

Published by Cybersecurity & Infrastructure Security Agency 9 February 2021
The Cybersecurity & Infrastructure Security Agency (CISA) is sharing a new Microsoft Security Advisory. Microsoft announced there is, “ escalation of privileges vulnerability (CVE-2021-1732) in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. Microsoft has stated that Windows 10 and Windows Server 2019 are affected by this vulnerability.”
To read this article, click here

FTC Reports Scammers Impersonating FTC

Published by Cybersecurity & Infrastructure Security Agency 26 January 2021
The Cybersecurity & Infrastructure Security Agency (CISA) newest alert comes from the Federal Trade Commission (FTC). The FTC, “...has released information on scammers attempting to impersonate the FTC. The scammers operate an FTC-spoofed website that claims to provide instant cash payments and tries to trick consumers into disclosing their financial information.”
To read this alert, click here

Personal Security Considerations

Published by Cybersecurity & Infrastructure Security Agency 14 January 2021
The Cybersecurity & Infrastructure Security Agency (CISA) has released a new fact sheet titled, “Personal Security Considerations.” CISA states that the new information, “encourages critical infrastructure owners and their personnel to remain vigilant and report suspicious behavior that individuals may exhibit in order to thwart an attack. It also contains several easily implementable security measures that can mitigate threats to personal safety.”
To learn how to protect yourself, click here.

Cybersecurity and Physical Security Convergence

Published by Cybersecurity & Infrastructure Security Agency 5 January 2021
The Cybersecurity & Infrastructure Security Agency (CISA) has released a new guide titled, “The Cybersecurity and Infrastructure Security Convergence Action Guide.” CISA states that the new guidance “describes the complex threat environment created by increasingly interconnected cyber-physical systems, and the impacts that this interconnectivity has on an organization’s cybersecurity and physical security functions.”
To read this guide, click here



CBP and Simplified Arrival Stop Imposter at Washington Dulles

Published by Homeland Security Today 4 January 2021
A man who had multiple warrants for his arrest attempted to use a family member’s identification when he was flagged by CBP’s Simplified Arrival facial comparison technology. Keith Fleming, Acting Director of Field Operations for CBP’s Baltimore Field Office states, “Posing as someone else when attempting to enter the United States is a serious violation of U.S. immigration law and has very serious consequences...”
To read this article, click here.

Mitigate SolarWinds Orion Code Compromise

Published by Cybersecurity & Infrastructure Security Agency 13 December 2020
The Cybersecurity & Infrastructure Security Agency (CISA) has issued an Emergency Directive 21-01; this directive states, “SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems.”
To read this emergency directive, click here
To download the most recent update as of 18 December 2020, click here.
To read additional information and resources, click here.
To read continued updates, click here.
To read the most recent update as of 30 December 2020, click here.
To read the most recent update as of 6 January 2021, click here.

That Email About Your Delivery Could Be Fake: Phishing Scammers Increase Their Attack on Online Shoppers

Published by ZDNET 1 December 2020
Before you click on any links, it’s always a good idea to think twice – especially with those emails you’re receiving regarding tracking and delivery of purchased online orders. There is a good possibility that the email in your inbox could be a phishing attempt from an online scammer.
To read this article, click here

CISA Urges All Americans to be on Alert for Holiday Scams and Cyber Threats

Published by Cybersecurity & Infrastructure Security Agency 24 November 2020
There are several great advantages in doing your holiday shopping online, but if you aren't careful, you could find yourself the victim of a cyber crime. The Cybersecurity & Infrastructure Security Agency (CISA) provides great information on how to stay cyber-safe this holiday season.
To learn how to mitigate your risk of becoming a victim, click here.

Embry-Riddle Research Aims to Blunt Aviation Cyber Attacks

Published by Embry-Riddle Aeronautical University 13 November 2020
The Cyber Scholarship Program Award was given to Embry-Riddle Aeronautical University to help mitigate cyber threats within the aviation industry. This award will provide the funds needed for research and equipment to help combat attacks and threats, such as drone hacking.
To read this article, click here

Enhancing Cybersecurity For Aircraft Systems

Published by 4 November 2020
Aircraft systems are relying more on the internet and this is raising the potential for cyber attacks on aircraft. New amendments concerning cybersecurity are being introduced by the European Aviation Safety Agency (EASA).
To read this article, click here

IoT Security for Smart Airports and Aviation Systems

Published by IoT For All 22 October 2020
We’ve all heard of smart phones, but have you heard of smart airports? Take a look at the security challenges airports face when they implement internet-based systems in their ongoing efforts to improve passenger experience.
To read this article, click here

Cyber Essentials Toolkits

Published by Cybersecurity & Infrastructure Security Agency 15 October 2020
It’s National Cyber Security Awareness Month (NCSAM)! Are you ready for the next chapter in CISA’s Cyber Essentials Toolkit? Chapter 5 has been released and CISA states, “This chapter focuses on strategies for cultivating a proactive data protection culture aimed at making organizations more resilient against attacks that may harm data integrity or render data inaccessible. It includes links to resources for leaders to understand how to properly manage backups, and safeguard against ransomware, malware, and other attacks.”
To learn more, click here

Alert (AA20-283A): APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

Published by Cybersecurity & Infrastructure Security Agency 9 October 2020
The Cybersecurity & Infrastructure Security Agency (CISA)  and the Federal Bureau of Investigation (FBI) has issued a new alert; this alert (AA20-283A) states, “CISA has recently observed advanced persistent threat (APT) actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability—CVE-2020-1472—in Windows Netlogon. The commonly used tactic, known as vulnerability chaining, exploits multiple vulnerabilities in the course of a single intrusion to compromise a network or application."
To read this alert, click here

Do Your Part. #BeCyberSmart

Published by Cybersecurity & Infrastructure Security Agency 1 October 2020
Did you know that October is National Cybersecurity Awareness Month (NCSAM)? Outreach and promotions regarding cybersecurity will be provided each week by the Cybersecurity & Infrastructure Security Agency (CISA), and the National Cyber Security Alliance (NCSA). You won’t want to miss out!
To learn more, click here.



CISA and MC-ISAC Release Ransomware Guide

Published by Cybersecurity & Infrastructure Security Agency 30 September 2020
The Cybersecurity & Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a new guide regarding ransomware: “...that details practices that organizations should continuously engage in to help manage the risk posed by ransomware and other cyber threats.”
For more information about ransomware, click here

Telework Essentials Toolkit

Published by Cybersecurity & Infrastructure Security Agency 30 September 2020
A Telework Essentials Toolkit has recently been published by the Cybersecurity & Infrastructure Security Agency (CISA). According to CISA, this document is “...a comprehensive resource of telework best practices. The Toolkit provides three personalized modules for executive leaders, IT professionals, and teleworkers.”
To view this toolkit, click here.

Emergency Directive 20-04

Published by Cybersecurity & Infrastructure Security Agency 18 September 2020
An Emergency Directive has been released by the Cybersecurity & Infrastructure Security Agency (CISA). This Emergency Directive (20-04) from CISA concerns "a critical vulnerability affecting Microsoft Windows servers with the domain controller role. An unauthenticated attacker with only network access to the domain controller could exploit the vulnerability to completely compromise all Active Directory identity services.”
To read this Emergency Directive, click here

Iran-Based Threat Actor Exploits VPN Vulnerabilities

Published by Cybersecurity & Infrastructure Security Agency 15 September 2020
The Cybersecurity & Infrastructure Security Agency (CISA) has issued a new alert; this alert (AA20-259A) states, “CISA and FBI are aware of an Iran-based malicious cyber actor targeting several U.S. federal agencies and other U.S.-based networks.”
To read this alert, click here

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Published by Cybersecurity & Infrastructure Security Agency 14 September 2020
The Cybersecurity & Infrastructure Security Agency (CISA) has issued an alert; this alert (AA20-258A) states, “The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies.”
To read this alert, click here.

Understanding the Tactics of Ransomware Attacks

Published by Security Boulevard 10 September 2020
When surfing the internet, or checking your emails, are you aware of the dangers lurking online? Don’t become a victim of a ransomware attack, instead, be prepared to fight by understanding the strategy of your enemy.
To read this article, click here.

Technical Approaches to Uncovering and Remediating Malicious Activity

Published by Cybersecurity & Infrastructure Security Agency 1 September 2020
Are you interested in learning how to mitigate malicious activity online? Well, you are in luck! An advisory, “Technical Approaches to Uncovering and Remediating Malicious Activity” has been released by the Cybersecurity & Infrastructure Security Agency (CISA), along with several international partners, and states “This joint guidance provides best practices to mitigate and detect common attack vectors; however, organizations are reminded to tailor mitigations specific to their own unique network environment.”
To learn more, click here

Operational Best Practices for Encryption Key Management

Published by Cybersecurity & Infrastructure Security Agency 25 August 2020
Encryption is an extremely important tool, as it provides an extra layer of cybersecurity. The Cybersecurity & Infrastructure Security Agency (CISA) has released on its website, the Operational Best Practices for Encryption Key Management along with the Encryption Key Management Fact Sheet. The email announcement from CISA states, “The Federal Partnership for Interoperable Communications (FPIC) in collaboration with SAFECOM and the National Council of Statewide Interoperability Coordinators developed this document as a way to further address critical encryption issues, including encryption key change periods and the continued use of the data encryption standard (DES).”
To view these documents, click here

Cyber Essentials Toolkits

Published by Cybersecurity & Infrastructure Security Agency 17 August 2020


Technology is an essential part of our everyday lives and it's important for operations to understand the fundamentals of cybersecurity to mitigate their risk of becoming a cyberattack victim. The Cybersecurity & Infrastructure Security Agency (CISA) has published a set of Cyber Essential Toolkits that focus on the individual, staff members and an operation's systems.


To view these toolkits, click here.






The State of Civil Aviation Cybersecurity

Published by Trip Wire 9 August 2020

Are you aware of the risks that the aviation industry faces due to cyberattacks? There are many different areas of aviation that could be affected: air traffic control (ATC) centers, airlines, supply vendors, airports and passengers. It’s important to remember that as more systems connect with each other and new technology is implemented, new cybersecurity risks emerge.


To read this article, click here





Garmin Ltd. (GRMN) Q2 2020 Earnings Call Transcript

Published by The Motley Fool 29 July 2020


In the world of aviation, many rely on apps and services provided by the company, Garmin. The company recently experienced a network outage, generated by a cyberattack. CEO Clifton Pemble stated, “We immediately assessed the nature of the attack and started remediation efforts. We have no indication that any customer data was accessed, lost or stolen.”


To read this article, click here.

Trade Groups Warn of Online Charter Fraud

Published by AINonline 15 July 2020


If you were to conduct a Google search for private air charter, it is highly likely that you would come across an ad promoting a website that offers this service. However, chances are this website is fake, created by fraudsters looking to take advantage. Prior to booking any travel, it’s important to do your research.


To learn how to identify these fake websites, click here





Report COVID-19 Fraud

Published by United States Department of Justice
The United States Department of Justice is reminding people to be on the lookout for any COVID-19 fraud schemes involving the IRS, testing and treatment of the virus, and antibody testing; and to report any suspicious activity.
For read this notice, click here

Radio Frequency: An Airborne Threat to Corporate and Government Networks

Published by Security Magazine 6 July 2020


Radio frequency (RF) plays a huge part within the aviation industry and is required to use while operating an aircraft. Malicious users take advantage of the different devices and networks to intercept RF communications. “According to the annual Ericsson report, there are more than 22 billion connected devices – 15 billion of these devices contain radios – making them targets for an RF breach. Nations and enterprises are more at risk of a radio-based attack than ever before.”


To read this article, click here





Cyber Researchers Devise Method to Pinpoint Location of Drone Operators

Published by Homeland Security Today 6 July 2020


Drones can be extremely helpful and useful in some respects; but can also be a threat to protected airspace. HS Today states, “While some disruptive drone use is mere carelessness, the threats from malicious use include surveillance and active attacks.” Due to these threats, researchers at Ben-Gurion University of the Negev (BGU) have made it possible to: “...pinpoint the location of a drone operator who may be operating maliciously or harmfully near airports or protected airspace by analyzing the flight path of the drone.”


To read this article, click here





Ransomware Attacks Spike by 140%, 57% of Organizations Agree to Pay

Published by Atlas VPN 9 June 2020

Just because something hasn’t happened to you yet, doesn’t mean it can’t happen in the future. Murphy’s Law states, “Anything that can go wrong, will go wrong.” This is why it’s crucial to know how to protect your organization/business from ransomware. Atlas VPN states, “Data extracted and analyzed by Atlas VPN reveals, the amounts of demanded ransom payments increased by 140%, comparing the numbers of 2018 to 2019. More and more organizations succumb to blackmail: 57% of organizations settled and paid the ransom during the last 12 months.”

To read this article, click here.



'Flight Risk' Employees Involved in 60% of Insider Cybersecurity Incidents

Published by ZDNet 20 May 2020

ZDNet states, “Employees planning to leave their jobs are involved in 60% of insider cybersecurity incidents and data leaks, new research suggests.” Many aspects of the aviation industry are sensitive and require protection. Take a moment and think... what if one of your employees resigned and took with them critical security information regarding your operation? Do you have a plan in place to mitigate insider threat? If you don’t, you may want to look into it.

To read this article, click here.



Cyber Security in Shipping During COVID-19 Pandemic

Published by Hellenic Shipping News 5 May 2020

The phrase ‘a new normal’ can be hard to digest, as change can be daunting. Despite this, we all need to adapt to this new way of living, especially companies and organizations. Orders concerning social distance have forced millions to start working remotely, and this includes employees of shipping companies. However, working from home raises concerns with regards to cybersecurity and puts operations at risk.

To read this article, click here. 



Aviation & Defense Cyber Security Market - Current Impact to Make Big Changes | Lockheed Martin, IBM, Rockwell Collins

Published by Open PR 30 April 2020

Cybersecurity is extremely important as it puts a plan in place to help protect and defend against possible cyber attacks/threats. It is especially crucial because of the simple fact - technologies are always advancing. Open PR states, “During these suspicious times, governments and organizations are investing more in the cybersecurity of defense and aviation products and services than they have ever before. The key factor of investment in the cybersecurity segment due to significant tension between the necessity for technology developments and simultaneously preventing these technologies from cyber-attacks.”

To read this article, click here.

SIM Swapping: A Route for Criminals to Target Those Preoccupied by COVID-19 Pandemic

Published by Homeland Security Today 22 April 2020
Technology continues to improve and our mobile devices keep us connected to many aspects of our lives. Homeland Security Today states, “SIM Swapping is a form of unauthorized access to your data through your cell phones". Using this technique criminals gain open access too many of the same accounts you can reach through your computer.
To read this article, click here.

Online Extortion Scams Increasing During the COVID-19 Crisis

Published by Homeland Security Today 22 April 2020
Stuck at home, millions of people are trying to find ways to combat their boredom. Many turn to their computers, cell phones, iPads and other devices. While keeping busy via the internet may be a way to pass time, users should still be careful. Cyber crime continues to be a growing concern with online extortion scams on the rise during the current “stay- at-home” orders.
To learn more, click here.

Defending Aviation From Cyber Attack

Published by Tech Radar 16 April 2020

Cybersecurity has become a popular topic over the years as these types of threats are becoming more and more apparent. The aviation industry faces potential cyber threats that could be damaging to your operation. These threats can effect numerous aspects of the aviation industry: passenger safety, crew safety, financial loss and more.

To read this article, click here.



Deal with Ransomware the Way Police Deal with Hostage Situations

Published by Homeland Security News Wire 27 March 2020
How much would you pay a perpetrator to retrieve back your sensitive files and data that had been stolen? Can't think of a price? Thinking this would never happen to you? Think again. Over 600 government agencies endured ransomware attacks within the first 9 months of 2019. The best course of action to prevent falling victim to this type of attack is preparation. Educate yourself on best cyber security practices to remain protected. 
To read this article, click here

How to Avoid Falling Victim to a COVID-19 Phishing Attack

Published by 101 Domain 23 March 2020
Since the coronavirus has made its way across the globe, hackers have 'gone phishing' trying to hook their victims. Knowing most people are on high alert due to recent health issues arising, hackers are taking advantage of our fears. Be aware of the new scams that have appeared and know what to look for. 
To read this article, click here



PODCAST: Connected Aircraft Cybersecurity 101 With the Satcom Guru

Published by Aviation Today 16 March 2020

Cybersecurity is an extremely broad subject and is used across many industries, including aviation. Peter Lemme, a former Boeing engineer, speaks about cybersecurity and the potential security risks that operators see while in flight. 

To listen to this Global Connected Aircraft podcast, click here.



Hackers Are Using These Fake Coronavirus Maps to Give People Malware

Published by Business Insider 12 March 2020

Coronavirus is a global pandemic affecting numerous aspects of our daily lives. During this pandemic, hackers are taking advantage of opportunities to gain access to your systems, sensitive security information (SSI) and personal identifiable information (PII). Educate yourself on safe practices and know what to look for; double check to see if you are on a secured website and ensure what you are downloading doesn’t result in malware. Stay vigilant.

To read this article, click here.



Protecting Against Cybersecurity Threats When Working From Home

Published by The National Law Review 11 March 2020

How can we stop the spread of coronavirus? The answer - isolation. While the answer seems simple, it's not that easy to isolate yourself when you have to get up every morning and go to work. 

Organizations are taking extreme efforts to help stop the spread of COVID-19; some entities are advising staff to start working from home. Even though that helps mitigate exposure, there are concerns about how to keep sensitive information and data secured. The National Law Review provides some great tips on how to remain secure with remote employees.

To read this article, click here.



What is Cybersecurity?

Published by Cybersecurity & Infrastructure Security Agency

Educate yourself on cybersecurity with this informative article from the Cybersecurity & Infrastructure Security Agency (CISA). Learn how to improve your cybersecurity, what falls under cybersecurity and what the risks associated with poor cybersecurity are.

To read this article, click here.



Exclusive: Details of 10.6 Million MGM Hotel Guests Posted on a Hacking Forum

Published by ZDNet 19 February 2020

Personal information including dates of birth, home addresses, full names, emails and phone numbers were released in a large data dump on a hacking forum. The data was obtained through a hacking breach against MGM Resorts and affected more than 10 million guests, including government officials, celebrities, reporters and tech CEOs.

To read this article, click here.



Cyber-security Threat Guidance Published by ACI World

Published by International Airport Review 11 February 2020

A new handbook has been published by the Airports Council International (ACI) World, providing information on cybersecurity to airports. The handbook is intended to help airports examine their current cyber defenses as well as educate them on how to maintain and strengthen their security systems.

To read this article, click here.



Medical Devices' Vulnerability to Cyber Attacks

6 February 2020

The healthcare industry is a regular target for cyber attacks and medical devices are especially vulnerable, according to recent articles in Homeland Security Today and HeathcareITNews. The devices, which monitor everything from a patient’s insulin level to their heartbeat, are connected to healthcare IT systems and contain sensitive data. Despite this, they hold few, if any, cybersecurity technology and are extremely easy to hack into, experts say.

To read the article in Homeland Security Today, click here.

To read the article in HealthcareITNews, click here.



Nintendo Hacker Pleads Guilty

Published by ZDNet 4 February 2020

A 21-year-old man faces up to five years in prison after pleading guilty to hacking a second time into Nintendo’s system, downloading proprietary and confidential data, and then releasing that information online. The man used a vulnerability in Nintendo’s servers and a phishing email to gain access in the two hacking events.

To read this article, click here.



Cybersecurity Expert Explains How Scammers are Taking The Coronavirus Online

Published by WECT 6 News 31 January 2020

Online searches for the coronavirus have become opportunities for cyber criminals and experts are warning users to avoid anything that doesn’t look quite right. One cybersecurity firm says it has discovered docx, mp4s and pdfs that contain malicious files, which can quickly advance through networks, taking over multiple computers. The files, which claim to have links to videos on protection from the coronavirus, can target personal information, a company’s sensitive data or just corrupt a computer system.

To read this article, click here.



Preparing for Increased Geopolitical Tensions and Threats

Published by Cybersecurity & Infrastructure Security Agency 6 January 2020

CISA has released a preparation guide for navigating the increase in threats, both cyber and physical, against the United States. Reviewing and implementing the CISA Cyber Essentials can increase your defenses against a cyberattack immediately. An actionable checklist has also been provided to assist in protecting against Cyber and Physical attacks.

To download the full CISA Insight Guide, click here.



CISA Releases Cyber Essentials for Small Businesses and Governments

Distributed by U.S. Department of Homeland Security Private Sector Office 6 November 2019


Cybersecurity is often discussed from a national perspective, but even smaller government and business organizations are vulnerable. This is why the Cybersecurity & Infrastructure Security Agency (CISA) has released a new guide specifically created for these entities.


To read this notice, click here.





U.S. Official Visits Minneapolis to Cite Cyber Threats

Posted by Neal St. Anthony with the StarTribune 4 November 2019

The director of the National Counterintelligence and Security Center (NCSC) voices concern over the ability of the U.S. to protect its critical infrastructure from cybersecurity threats.

To read this article, click here.



National Cybersecurity Protection System (NCPS)-Intrusion Detection

Released by DHS/CUSA/PIA-033 25 September 2019

How are federal network systems protected and defended against cyber threats? This report explains how information related to known or suspected cyber threats is collected by the National Cybersecurity Protection System (NCPS).

To download this report, click here.



DHS Gives Cybersecurity Warning to Small Aircraft Owners Podcast

Published by National Business Aviation Association 12 August 2019

Several steps have been voluntarily taken in the aviation industry to address the risk of unauthorized aircraft access. This podcast, hosted by NBAA, discusses these measures in response to a warning issued by the Department of Homeland Security (DHS) concerning small aircraft and restricted access.

To listen to this podcast, click here.



Civil Aviation Cybersecurity Information Repository

Published by International Civil Aviation Organization

Building a solid cybersecurity structure to keep air transportation safe is of great importance to the ICAO. This link discusses Civil Aviation and Cybersecurity.

For details, click here.