You are here

Home » Cybersecurity

Cybersecurity

CISA Analysis Report: Strengthening Security Configurations to Defend against Attacks Targeting Cloud Services

The Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis report advising that threat actors are using phishing and other vectors to exploit poor cyber hygiene practices within a victims’ cloud services configuration, adding that it is aware of several recent successful attacks. CISA observes these types of attacks frequently occurred when victim organizations’ employees worked remotely and used a mixture of corporate laptops and personal devices to access their respective cloud services.

Threat Awareness – MegaCortex Ransomware Overview

Researchers at Heimdal Security have provided a high-level overview of MegaCortex ransomware. While MegaCortex has been primarily known to target enterprise networks, members may recall that version 2 has been linked to its OT process aware cousin, EKANS. For more on EKANS and its relationship to MegaCortex v2, members are encouraged to review the Security & Resilience Update on February 4, 2020.

General Cybersecurity Hygiene Compendium

‘Tis the new year, and with a new year comes a great time to revisit some of the basic blocking and tackling of cybersecurity. Listed in this post you will find sage guidance on some cyber hygiene basics. Tackle a topic a week and you’re sure to keep busy. Oh, and don’t forget to review those policies and procedures (#9 in WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities) – these tips and tools could be valuable updates!

NSA Cybersecurity Directorate Releases 2020 Year in Review

The National Security Agency (NSA) Cybersecurity Directorate has released its 2020 Year in Review, outlining key milestones and mission outcomes achieved during its first full year of existence. The report begins by highlighting NSA Cybersecurity’s contributions to the 2020 elections, Operation Warp Speed, and the Department of Defense’s pandemic-influenced transition to telework. But it also discusses the organization’s work to strengthen public-private partnerships and steps it took to build a more diverse and resilient workforce.

Cybersecurity and Physical Security Convergence Guide (CISA)

The Cybersecurity and Infrastructure Security Agency (CISA) has published a Cybersecurity and Physical Security Convergence Action Guide, which provides guidance on converging cybersecurity and physical security functions to better position organizations to mitigate cyber-physical threats. Convergence is defined as formal collaboration between previously disjointed security functions, and is anchored by communication, coordination, and collaboration.

Cyber Threat Intelligence - The Importance of OSINT for ICS

Adversaries do not usually have to work too hard to discover valuable information to plan and execute attacks against their targets. Even threat actors targeting ICS are able to find plenty of open source information during their reconnaissance phase to disrupt operational functions. For example, Dragos observed adversaries conducting ICS-targeting activities that sought data about energy infrastructure and physical processes necessary to recover from a compromise.

FBI PIN: Egregor Ransomware Targets Businesses Worldwide, Attempting to Extort Businesses by Publicly Releasing Extorted Data

The FBI has published a Private Industry Notification (PIN) on the Egregor ransomware, noting that the threat actors behind this operation have so far claimed to have compromised over 150 victims worldwide. The PIN provides an overview of the Egregor operation, observing that once a victim company’s network is compromised the threat actors exfiltrate and encrypt files on the network. The threat actors then demand a ransom payment for the return of the exfiltrated files and decryption of the network.

FBI Tech Tuesday on Building a Digital Defense against Tech Support Fraud

As part of its Tech Tuesday series, the FBI's Portland, Oregon office has published an article on building a digital defense against tech support fraud, which is an especially relevant topic now given that many people received new electronic gadgets over the holidays. In one version of the scam, the user of the new device scans the internet for help on how to use it, which could lead them to illegitimate websites. In the second scenario, the scam starts with the fraudster contacting the user first, pretending to represent a well-known, reputable tech company.

NSA Releases Guidance on Eliminating Obsolete TLS Protocol Configurations

The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet on eliminating obsolete Transport Layer Security (TLS) configurations. The information sheet identifies strategies to detect obsolete cipher suites and key exchange mechanisms, discusses recommended TLS configurations, and provides remediation recommendations for organizations using obsolete TLS configurations. Access the CSI sheet at the NSA.

Recent Swatting Attacks Targeting Camera and Voice-Capable Smart Devices

The FBI has issued a Public Service Announcement (PSA) warning users of smart home device with cameras and voice capabilities to use complex, unique passwords and enable two-factor authentication to help protect against “swatting” attacks. Smart home device manufacturers recently notified law enforcement that offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities and carry out these attacks.

Pages

Subscribe to Cybersecurity