Cybersecurity

Advisory on Iranian APT Actor Targeting Voter Registration Data

On the topic of activities that could help trigger election-related civil unrest and violence, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory on an Iranian advanced persistent threat (APT) actor targeting U.S. state websites, including elections websites, to obtain voter registration data. CISA and the FBI assess this actor is responsible for the mass dissemination of voter intimidation emails to U.S. citizens and the dissemination of U.S.

CISA Malware Analysis Report: Zebrocy

The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published a TLP:WHITE Malware Analysis Report (MAR) regarding a malware variant known as Zebrocy. According to the MAR, this malware has been used by a sophisticated cyber actor. This MAR is being distributed to enable network defense and reduced exposure to malicious activity.

CISA Malware Analysis Report: ComRAT

The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has published a TLP:WHITE Malware Analysis Report (MAR) regarding a malware variant known as ComRAT. According to the MAR, this malware has been used by Turla, a Russian-sponsored Advanced Persistent Threat (APT) actor. This MAR is being distributed to enable network defense and reduced exposure to malicious activity.

15CFAM – Even though 15CFAM is over, the FUN Never Ends when Participating in Information Sharing

Perhaps we’re biased, but the adage, “cybersecurity is a shared responsibility,” seems to aptly embody information sharing more than anything else. Information sharing and collaboration take many forms. From Information Sharing & Analysis Centers/Organizations (ISACs/ISAOs) - like WaterISAC - to regional and local collaboration groups, and even trusted one-on-one interactions, sharing threat information (across all-hazards) is imperative for the security and resilience of any organization, sector, community, region, or nation.

Mitsubishi Electric MELSEC iQ-R (ICSA-20-303-02)

CISA has published an advisory on improper restriction of operations within the bounds of a memory buffer, session fixation, NULL pointer dereference, improper access control, argument injection, and resource management errors vulnerabilities in Mitsubishi Electric MELSEC iQ-R. Numerous versions of the products in these series are affected. Successful exploitation of these vulnerabilities by malicious attackers may result in network functions entering a denial-of-service condition or allow malware execution.

Mitsubishi Electric MELSEC iQ-R, Q and L Series (ICSA-20-303-01)

CISA has published an advisory on an uncontrolled resource consumption vulnerability in Mitsubishi Electric MELSEC iQ-R, Q and L Series. Numerous versions of the products in these series are affected. Successful exploitation of this vulnerability could cause a denial-of-service condition in the Ethernet port on the CPU module. Mitsubishi Electric recommends users take a series of mitigation measures to minimize the risk of exploiting this vulnerability. CISA has also provided a series of measures to help mitigate the vulnerability.

CISA Alert: Ransomware Activity Targeting the Healthcare and Public Health Sector

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a joint alert with the FBI and the U.S. Department of Health and Human Services describing the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the healthcare and public health sector to infect systems with Ryuk ransomware for financial gain. In the alert, the authoring organizations state that they have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.

SHUN HU Technology JUUKO Industrial Radio Remote Control (ICSA-20-301-01)

CISA has published an advisory on authentication bypass by capture-replay and command injection vulnerabilities in SHUN HU Technology JUUKO Industrial Radio Remote Control. JUUKO K-800 and K-808, with firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc., are affected. Successful exploitation of these vulnerabilities could allow attackers to replay commands, control the device, view commands, and/or stop the device from running.
