Cybersecurity

Ransomware Awareness – LokiLocker Ransomware

Security researchers have identified a new Ransomware-as-a-Service (Raas) family dubbed LokiLocker that has been active in the wild since August 2021. The ransomware employs file encryption to extort its victims and data wiping capabilities that can make an infected device unusable if a victim fails to pay the ransom. To obfuscate its activities, LokiLocker displays a fake Windows Update screen and disables multiple Windows security applications. It also deletes backup files and shadow copies to prevent data recovery.

Read more about Ransomware Awareness – LokiLocker Ransomware

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 17, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Treck TCP/IP Stack (Update H) - Product Used in Energy Sector

Alerts, Updates, and Bulletins:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 17, 2022

Russian State-Sponsored Actors Combine Exploits to MFA Protocols and a Known Vulnerability

Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) – Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability (AA22-074A) – to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitatio

Read more about Russian State-Sponsored Actors Combine Exploits to MFA Protocols and a Known Vulnerability

Security Awareness – BazarBackdoor Spreading via Corporate Contact Forms

The BazarBackdoor malware has been observed spreading via corporate website contact forms rather than its typical phishing email attack chain, allowing it to evade security software.

Read more about Security Awareness – BazarBackdoor Spreading via Corporate Contact Forms

Threat Awareness – Active Qakbot Email Phishing Campaign

The Qbot/Qakbot malware is “extremely active” and propagating itself via a new phishing campaign, according to security researchers. The botnet, which WaterISAC has reported on numerous times, is a highly modular malware used for many malign activities such as credential harvesting and dropping ransomware.

Read more about Threat Awareness – Active Qakbot Email Phishing Campaign

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 15, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Alerts, Updates, and Bulletins:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 15, 2022

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 and its Applicability to Water and Wastewater Systems

Approved by the House of Representatives on March 9, 2022 and the Senate on March 10 as Division Y of H.R. 2471, the Consolidated Appropriations Act of 2022.

Brief summary:

Read more about The Cyber Incident Reporting for Critical Infrastructure Act of 2022 and its Applicability to Water and Wastewater Systems

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 10, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 10, 2022

Joint Cybersecurity Advisory – Conti Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released a joint Cybersecurity Advisory on Conti ransomware. The advisory was updated to include indicators of compromise. It also notes that Conti threat actors remain active and reported Conti ransomware attacks against U.S. and international entities have grown to more than 1,000. The advisory also contains mitigation measures to reduce the risk of compromise by Conti ransomware. \

Read more about Joint Cybersecurity Advisory – Conti Ransomware

Threat Awareness – Emotet’s Slow Resurgence

Since November of last year, the infamous Emotet malware has slowly resurged in the wild, currently infecting more than 130,000 systems in 179 countries. Emotet activity ceased in January 2021, after law enforcement agencies took down its server infrastructure.

Read more about Threat Awareness – Emotet’s Slow Resurgence

You are here

Cybersecurity

Ransomware Awareness – LokiLocker Ransomware

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 17, 2022

Russian State-Sponsored Actors Combine Exploits to MFA Protocols and a Known Vulnerability

Security Awareness – BazarBackdoor Spreading via Corporate Contact Forms

Threat Awareness – Active Qakbot Email Phishing Campaign

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 15, 2022

The Cyber Incident Reporting for Critical Infrastructure Act of 2022 and its Applicability to Water and Wastewater Systems

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 10, 2022

Joint Cybersecurity Advisory – Conti Ransomware

Threat Awareness – Emotet’s Slow Resurgence

Pages

You are here

Cybersecurity

Pages

Footer Email Signup