Cybersecurity

5G Wireless Network Risk Factors

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published an infographic providing an overview of the risk factors associated with the deployment of 5G technology, the next generation of wireless networks. 5G is expected to bring security improvements and a better user experience, but supply chain, deployment, network security, and competition and choice vulnerabilities may affect the security and resilience of networks.

Read more about 5G Wireless Network Risk Factors

Canadian Centre for Cyber Security Advisory on Fileless Malware

The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data. The U.S.

Read more about Canadian Centre for Cyber Security Advisory on Fileless Malware

Johnson Controls exacqVision Server (ICSA-19-199-01)

The NCCIC has published an advisory on an unquoted search path or element vulnerability in Johnson Controls exacqVision Server. This vulnerability impacts exacqVision server versions 9.6 and 9.8. Successful exploitation of this vulnerability could allow an unauthenticated user to elevate their privileges. Johnson Controls recommends users upgrade to the latest product, version 19.03. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.

Read more about Johnson Controls exacqVision Server (ICSA-19-199-01)

CISA Encourages Utilities and Critical Infrastructure Operators to Review WaterISAC's 15 Cybersecurity Fundamentals

The U.S.

Read more about CISA Encourages Utilities and Critical Infrastructure Operators to Review WaterISAC's 15 Cybersecurity Fundamentals

Cyber Assessments Webinar 1: Introduction to the Process

On July 17, WaterISAC conducted the first webinar in its "Conducting Cyber Risk Assessments under AWIA" series. This kick-off webinar was intended to prepare a utility to complete a cybersecurity assessment.

Read more about Cyber Assessments Webinar 1: Introduction to the Process

IRS Releases Six Cybersecurity Safeguards

The Internal Revenue Service (IRS) has issued a news release outlining six cybersecurity safeguards to protect computers, email, and sensitive data. The recommendations are part of the Taxes. Security. Together. Checklist, which the IRS created to help tax professionals protect sensitive taxpayer data.

Read more about IRS Releases Six Cybersecurity Safeguards

NCSC Releases Advisory on Ongoing DNS Hijacking Campaign

The United Kingdom’s National Cyber Security Centre (NCSC) has released an advisory about an ongoing Domain Name System (DNS) hijacking campaign. The advisory details risks and mitigations for organizations to defend against this campaign, in which attackers use compromised credentials to modify the location to which an organization’s domain name resources resolve to redirect users, obtain sensitive information, and cause man-in-the-middle attacks.

Read more about NCSC Releases Advisory on Ongoing DNS Hijacking Campaign

Is ‘REvil’ the New GandCrab Ransomware?

Despite the cyber criminals behind GandCrab having announced they are shutting down their operation, cybersecurity expert Brian Krebs observes that a growing body of evidence suggests they have instead quietly regrouped behind a more exclusive and advanced ransomware program known variously as “REvil,” “Sodin,” and “Sodinokibi.” In late April, researchers at Cisco Talos discovered the REvil ransomware strain being used to deploy GandCrab.

Read more about Is ‘REvil’ the New GandCrab Ransomware?

FBI Flash: Master Decryption Keys for GandCrab, Versions 5 through 5.2

The FBI has issued a FLASH message advising on the release of a decryption tool applicable for all versions of the GandCrab ransomware. The FBI was part of the effort to make available the decryption tool, and it notes that it hopes the release of the master keys will facilitate development of additional decryption tools.

Read more about FBI Flash: Master Decryption Keys for GandCrab, Versions 5 through 5.2

Atlassian Releases Security Updates for Jira

Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system.

Read more about Atlassian Releases Security Updates for Jira

You are here

Cybersecurity

5G Wireless Network Risk Factors

Canadian Centre for Cyber Security Advisory on Fileless Malware

Johnson Controls exacqVision Server (ICSA-19-199-01)

CISA Encourages Utilities and Critical Infrastructure Operators to Review WaterISAC's 15 Cybersecurity Fundamentals

Cyber Assessments Webinar 1: Introduction to the Process

IRS Releases Six Cybersecurity Safeguards

NCSC Releases Advisory on Ongoing DNS Hijacking Campaign

Is ‘REvil’ the New GandCrab Ransomware?

FBI Flash: Master Decryption Keys for GandCrab, Versions 5 through 5.2

Atlassian Releases Security Updates for Jira

Pages

You are here

Cybersecurity

Pages

Footer Email Signup