Joint Cybersecurity Advisory Highlights Continued Risk Posed by Devices Left Unpatched
While patching vulnerabilities is challenging for defenders, exploiting vulnerabilities left unpatched is not so challenging for threat actors.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
PasswordManager has written an article discussing a survey of 1000 U.S. workers the site conducted to better understand employee password hygiene after leaving their company. According to the report, 47 percent of respondents still used their employers’ passwords after leaving the company; 56 percent of whom did so for their personal use.
Kaspersky’s SecureList has published a blog post detailing an observed Nokoyawa ransomware attack utilizing a previously unknown Microsoft vulnerability. While the use of zero-days is mostly associated with nation-state threat groups, the actors behind Nokoyawa ransomware are known for their technical sophistication and tendency to utilize exploits targeting the Common Log File System, with which this zero-day was associated.
WaterISAC convened a special web briefing on April 12. Nushat Thomas, the cybersecurity branch chief at EPA's Water Infrastructure and Cyber Resilience Division (WICRD), presented.
Agenda - What You Need to Know: EPA’s New Operational Technology Cybersecurity Requirement to Help PWSs
In addition to the recording and presentation, WaterISAC provided information on upcoming events and opportunities.
Throughout 2020, multiple attacks occurred against Israeli water infrastructure, including what were believed to be large-scale cyber intrusion attempts at wastewater treatment plants, water pumping stations, sewers, and agricultural water pumps.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
Alerts, Updates, and Bulletins:
CSO Online has written an article discussing the importance of cyber incident reporting and how it helps build a more resilient security community. While many governments are beginning to implement legislation that mandates incident reporting, the article points to existing mechanisms the private sector has used to share information through Information Sharing and Analysis Centers (ISACs). These channels have helped organizations mitigate attacks and coordinate a response to widespread campaigns.
Microsoft, Fortra, and Health-ISAC have announced a partnership to remove malicious copies of Cobalt Strike through legal and technical means. This includes copyright claims, targeting file sharing sites, and a court order allowing the partnership to disrupt the infrastructure that utilizes Cobalt Strike to conduct cyber attacks. Fortra’s Cobalt Strike is a popular security tool used by red teams. However, cracked and altered copies have become extremely popular for threat actors to utilize as part of ransomware attacks.
Threat actors are utilizing a new attack vector that hijacks legitimate proxyware services, which allow users to sell portions of their Internet bandwidth to third parties. In large-scale attacks that exploit cloud-based systems, threat actors can use this vector, termed proxyjacking, to earn possibly hundreds of thousands of dollars per month in passive income, according to security researchers from the Sysdig Threat Research Team.