-
DHS orders agencies to urgently patch or disconnect Exchange servers
The Department of Homeland Security's cybersecurity unit has ordered federal agencies to urgently update or disconnect Microsoft Exchange on-premises products on their networks.
- March 04, 2021
- 08:04 AM
1
-
Five Eyes members warn of Accellion FTA extortion attacks
Four members of Five Eyes, in collaboration with Singapore as an active contributor, have issued a joint security advisory about ongoing attacks and extortion attempts targeting organizations using the Accellion File Transfer Appliance (FTA).
- February 24, 2021
- 10:09 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
CISA: Hackers bypassed MFA to access cloud service accounts
The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts.
- January 13, 2021
- 04:24 PM
- 0
-
DHS orders federal agencies to update SolarWinds Orion platform
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all US federal agencies to update the SolarWinds Orion platform to the latest version by the end of business hours on December 31, 2020.
- December 30, 2020
- 12:18 PM
- 0
-
CISA releases Azure, Microsoft 365 malicious activity detection tool
The Cybersecurity and Infrastructure Security Agency (CISA) has released a PowerShell-based tool that helps detect potentially compromised applications and accounts in Azure/Microsoft 365 environments.
- December 28, 2020
- 12:48 PM
- 0
-
CISA: Hackers breached US govt using more than SolarWinds backdoor
The US Cybersecurity and Infrastructure Security Agency (CISA) said that the APT group behind the recent compromise campaign targeting US government agencies used more than one initial access vector.
- December 17, 2020
- 12:48 PM
- 1
-
FBI, CISA officially confirm US govt hacks after SolarWinds breach
The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence (ODNI).
- December 17, 2020
- 09:39 AM
- 0
-
DHS-CISA urges admins to patch OpenSSL DoS vulnerability
This week OpenSSL has released fixes for a high severity Denial of Service (DoS) vulnerability, CVE-2020-1971. U.S. DHS Cybersecurity and Infrastructure Security Agency (CISA) has warned admins to upgrade their vulnerable OpenSSL instances immediately.
- December 09, 2020
- 12:25 PM
- 0
-
FBI and Homeland Security warn of APT attacks on US think tanks
The FBI and DHS-CISA warned of state-sponsored hacking groups targeting U.S. think tank organizations in a joint alert published on Tuesday evening.
- December 02, 2020
- 08:30 AM
- 0
-
Trump fires DHS cybersecurity director Chris Krebs
President Trump has fired Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency (CISA), after Krebs disputed claims that the U.S. 2020 Presidential Election was insecure and fraudulent.
- November 17, 2020
- 10:51 PM
- 4
-
US shares info on Russian malware used to target parliaments, embassies
US Cyber Command today shared information on malware implants used by Russian hacking groups in attacks targeting multiple ministries of foreign affairs, national parliaments, and embassies.
- October 29, 2020
- 04:09 PM
- 0
-
Russian state hackers stole data from US government networks
DHS Cybersecurity and Infrastructure Security Agency (CISA) and the FBI today warned that a Russian state-sponsored APT threat group known as Energetic Bear has hacked and stolen data from US government networks during the last two months.
- October 22, 2020
- 03:55 PM
- 0
-
Hackers used VPN flaws to access US govt elections support systems
Government-backed hackers have compromised and gained access to US elections support systems by chaining together VPN vulnerabilities and the recent Windows CVE-2020-1472 security flaw.
- October 12, 2020
- 01:47 PM
- 0
-
CISA: Emotet increasing attacks on US state, local governments
Emotet attacks have targeted multiple state and local governments in the U.S. as part of potentially targeted campaigns that have been ramping up since August, the Cybersecurity and Infrastructure Security Agency (CISA) said in an alert published today.
- October 06, 2020
- 02:27 PM
- 0
-
FBI warns of disinformation campaigns about hacked voter systems
The Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) today issued a joint public service announcement about the threat of disinformation campaigns targeting the 2020 US election season.
- September 28, 2020
- 02:19 PM
- 0
-
US govt warns of North Korean hackers targeting banks worldwide
North Korean hackers tracked as BeagleBoyz have been using malicious remote access tools as part of ongoing attacks to steal millions from international banks according to a joint advisory issued today by several U.S. Government agencies.
- August 26, 2020
- 02:54 PM
- 0
-
US government warns remote workers of ongoing vishing campaign
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory warning teleworkers of an ongoing vishing campaign targeting entities from multiple US industry sectors.
- August 21, 2020
- 03:53 PM
- 0
-
US govt exposes new North Korean BLINDINGCAN backdoor malware
U.S. government agencies today published a malware analysis report exposing information on a remote access trojan (RAT) malware used by North Korean hackers in attacks targeting government contractors.
- August 19, 2020
- 02:42 PM
- 0
-
US govt exposes Chinese espionage malware secretly used since 2008
The U.S. government today released information on a malware variant used by Chinese government-sponsored hackers in cyber espionage campaigns targeting governments, corporations, and think tanks.
- August 03, 2020
- 11:12 AM
- 1
-
UK and US warn QNAP owners to upgrade firmware to block malware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) today issued an alert about the risks of infection faced by QNAP NAS devices if QSnatch malware attacks restart.
- July 27, 2020
- 12:16 PM
- 0
