Cybersecurity

Threat Awareness – Keep Our Eyes on Emotet

Various cybersecurity firms have observed that everybody’s email enemy emerged after another routine respite. As Emotet has proven to be a resilient threat, researchers report that it resumed activity again on March 7. While Emotet is still leveraging email as its initial infection vector, it’s important for defenders to track the various behaviors it adopts during each resurrection and detect and protect accordingly. According to Cofense, for this round Emotet is attaching very large .zip files that are not password protected.

Read more about Threat Awareness – Keep Our Eyes on Emotet

Security Awareness – Recruitment Scams are a Threat to Seekers and Employers

Job recruitment scams are nothing new, but related campaigns have been on an uptick in recent weeks as threat actors seem to be exploiting mass layoffs, resignations, and recruitment efforts.

Read more about Security Awareness – Recruitment Scams are a Threat to Seekers and Employers

Cyber Resilience – How to Block Microsoft OneNote Files from Delivering Malware

Since mid-December 2022, threat actors have been increasingly exploiting Microsoft OneNote files to deliver malware and compromise victims. Last week, WaterISAC shared a DHS report on attackers successfully utilizing weaponized Microsoft OneNote files for malware distribution. Threat actors, including ransomware gangs, are actively using this delivery method to infect organizations.

Read more about Cyber Resilience – How to Block Microsoft OneNote Files from Delivering Malware

Recent Ransomware Attack Highlights the Challenging Balancing Act Confronting Municipal CISOs

The city of Oakland, California was recently the victim of a ransomware attack that impacted many of the city’s systems and disrupted some services. This latest ransomware attack, alongside ongoing cyber attacks against local governments, underscores the challenges that CISOs face in protecting a broad range of municipal services from numerous cyber threats. As the Oakland attack highlights, municipal governments have become major targets for ransomware gangs and state sponsored threat actors.

Read more about Recent Ransomware Attack Highlights the Challenging Balancing Act Confronting Municipal CISOs

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 7, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

None

Alerts, Updates, and Bulletins:

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 7, 2023

EPA Unveils Action Plan to Add Cyber Reviews to Sanitary Surveys

Last week, the EPA formally released its long-anticipated interpretive memorandum requiring states to evaluate the cybersecurity of operational technology used by a public water system (PWS) as part of periodic sanitary surveys or through other state programs.

Read more about EPA Unveils Action Plan to Add Cyber Reviews to Sanitary Surveys

White House Releases New National Cybersecurity Strategy

Today, the White House released a new National Cybersecurity Strategy, which aims to identify the cyber challenges facing the country and offer solutions for improving the security and resilience of federal and private sector networks and systems. The strategy underscores that robust collaboration, particularly between the public and private sectors, is essential to securing cyberspace.

Read more about White House Releases New National Cybersecurity Strategy

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 2, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 2, 2023

CISA Releases New Tool Mapping Adversary Behavior to MITRE ATT&CK®

Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI), released Decider, a tool for mapping adversary behavior to the MITRE ATT&CK® framework.

Read more about CISA Releases New Tool Mapping Adversary Behavior to MITRE ATT&CK®

Security Awareness – Use of Backdoors One of the Top Attack Methods by Threat Actors

The use of backdoor malware, which provides threat actors with remote access to a device or network, was one of the top attack methods employed by malicious cyber actors last year, according to a recent IBM report.

Read more about Security Awareness – Use of Backdoors One of the Top Attack Methods by Threat Actors

You are here

Cybersecurity

Threat Awareness – Keep Our Eyes on Emotet

Security Awareness – Recruitment Scams are a Threat to Seekers and Employers

Cyber Resilience – How to Block Microsoft OneNote Files from Delivering Malware

Recent Ransomware Attack Highlights the Challenging Balancing Act Confronting Municipal CISOs

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 7, 2023

EPA Unveils Action Plan to Add Cyber Reviews to Sanitary Surveys

White House Releases New National Cybersecurity Strategy

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - March 2, 2023

CISA Releases New Tool Mapping Adversary Behavior to MITRE ATT&CK®

Security Awareness – Use of Backdoors One of the Top Attack Methods by Threat Actors

Pages

You are here

Cybersecurity

Pages

Footer Email Signup