Cybersecurity

(TLP:CLEAR) New Russia-Affiliated Threat Actor Targeting Critical Infrastructure: Void Blizzard

Summary: Microsoft Threat Intelligence and Dutch intelligence security services (AIVD and MIVD) have observed a new Russia-affiliated threat actor conducting espionage operations targeting organizations that are important to Russian government objectives, primarily in government and other critical infrastructure sectors. The new group is tracked as Laundry Bear by Dutch intelligence and Void Blizzard by Microsoft.

(TLP:CLEAR) Best Practices for Securing Data Used to Train & Operate AI Systems

Summary: Last week, CISA and other federal and international partners released a joint cybersecurity information sheet on AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems. This information sheet highlights the critical role of data security in ensuring the accuracy, integrity, and trustworthiness of AI outcomes.

(TLP:CLEAR) Advisory Update on Cyber Threat Activity Targeting Commvault’s SaaS Cloud Application (Metallic)

Summary: Data protection software company Commvault has updated a cybersecurity advisory, originally sent in February, regarding unauthorized activity by a nation-state threat actor based on Microsoft’s visibility within Azure environments. Commvault continues to monitor cyber threat activity targeting the applications hosted in their Microsoft Azure cloud environment. Threat actors may have accessed client secrets for Commvault’s (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure.

(TLP:CLEAR) CISA and Partners Release New Guidance for SIEM and SOAR Implementation

Summary: On Tuesday, CISA, in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other international and U.S. partners, released new guidance for organizations seeking to procure Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

(TLP:CLEAR) Threat Actors Target U.S. Critical Infrastructure and Exfiltrate Data with LummaC2 Malware

Summary: Yesterday, CISA and the FBI released a joint Cybersecurity Advisory (CSA) detailing the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) linked to threat actors deploying LummaC2 malware. This malware poses a serious threat, capable of infiltrating networks and exfiltrating sensitive information from vulnerable individuals’ and organizations’ computer networks across U.S. critical infrastructure sectors.

(TLP:CLEAR) Russian GRU Targeting Western Logistics Entities and Technology Companies

Summary: A joint Cybersecurity Advisory (CSA) was just released by over 20 federal and international partner agencies to highlight a Russian state-sponsored campaign targeting Western logistics entities and technology companies. The CSA provides an overview of targets, initial access tactics, techniques, and procedures (TTPs), and indicators of compromise (IOCs) that are associated with the campaign.

(TLP:CLEAR) Insights into the Continued Salt Typhoon Telecom Infiltrations

Summary: New insights have emerged into the problems that allowed the Chinese advanced persistent threat group known as Salt Typhoon to infiltrate several telecommunications companies’ networks over the last year. CyberScoop gives a detailed analysis of how telecoms may never fully eradicate the threat actor from their networks.
