You are here

Home » Cybersecurity

Cybersecurity

Threat Awareness – Beware of BlackByte Ransomware Disabling Security Products

Threat actors associated with the BlackByte ransomware group are employing a new sophisticated technique, dubbed “Bring Your Own Driver,” which enables attackers to bypass system and network defenses by disabling more than 1,000 drivers used by various security solutions, according to security researchers at Sophos. Researchers analyzed past attacks and found that Blackbyte threat actors have exploited known vulnerabilities in legitimate drivers resulting in disabled drivers and the prevention of endpoint detection and response (EDR) and antivirus products from operating normally.

FBI – CISA PSA: Foreign Actors Likely to Use Information Manipulation Tactics for 2022 Midterm Elections

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have published a Public Service Announcement (PSA) to raise awareness of the potential threat posed by foreign cyber actors attempting to manipulate information or spread disinformation in the lead up to and after the 2022 midterm elections.

Joint Cybersecurity Advisory – Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) released a joint Cybersecurity Advisory (CSA) providing the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors. PRC state-sponsored cyber actors continue to exploit known vulnerabilities to actively target U.S. and allied networks, including software and hardware companies to illegally obtain intellectual property and develop access into sensitive networks.

Cybersecurity Awareness Month – Behavior: Enable MFA to (Greatly) Reduce Risk Away

This year, Cybersecurity Awareness Month has changed up its typical approach of weekly themes and is focusing on four behaviors that are most important to #BeCyberSmart and stay safe online. The behaviors focus on the “people” part of cybersecurity to ensure all individuals and organizations make smart decisions personally and professionally. The behaviors that will be highlighted during the month include:

FBI-CISA PSA: Malicious Cyber Activity Against Election Infrastructure Unlikely to Disrupt or Prevent Voting

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have published a Public Service Announcement (PSA) assessing that any attempts by cyber actors to compromise election infrastructure are unlikely to result in largescale disruptions or prevent voting.

Joint Cybersecurity Advisory – Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

This week, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the National Security Agency (NSA) published a joint Cybersecurity Advisory (CSA) to highlight malicious cyber activity by advanced persistent threat (APT) actors observed on a Defense Industrial Base sector organization’s enterprise network. Most notably, the advisory highlights how threat actors continue to successfully maintain persistence in victim networks by leveraging legitimate account credentials.

CISA Issues Binding Operational Directive (BOD) 23-01 to Improve Cybersecurity Asset Visibility and Vulnerability Detection

Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive (BOD) 23-01, Improving Asset Visibility and Vulnerability Detection on Federal Networks. The intent of the BOD is to help federal agencies strengthen their cyber defenses by gaining visibility into all the assets on their networks and improving vulnerability detection capabilities.

Pages

Subscribe to Cybersecurity