You are here

Home » Cybersecurity

Cybersecurity

Security Awareness – Top Smartphone Security Threats

Typically, people think of cyber attacks occurring on their personal or work computers. However, mobile smartphones, which many people use for banking, business communications, and other sensitive activities, are also prime targets for cyber threat actors. Consequently, some of the top threats to Android and Apple smartphones include, but are not limited to, phishing and more specifically smishing (SMS text phishing), SIM hijacking, spyware, financial malware, open Wi-Fi, and ransomware.

Atlassian Releases Security Advisory for Questions for Confluence App

The Cybersecurity and Infrastructure Security Agency (CISA) has shared a security advisory from the software company Atlassian urging users of the Confluence application to apply the necessary updates to address a critical security vulnerability. Attackers could exploit this vulnerability to acquire sensitive information from users of the Confluence app. Atlassian reports that the vulnerability is likely to be exploited in the wild now that the hardcoded password is publicly known. Many organizations utilize Confluence for project management and for collaboration between remote workers.

CISA Releases Security Advisory on MiCODUS MV720 Global Positioning System (GPS) Tracker

This week, the Cybersecurity and Infrastructure Security Agency (CISA) released a security advisory detailing six vulnerabilities that were detected in MiCODUS MV720 Global Positioning System (GPS) Tracker. Successful exploitation of these vulnerabilities could allow threat actors to gain control over any MV720 GPS tracker, granting access to vehicle location, routes, fuel cutoff commands, and the disarming of various features such as alarms, according to CISA. These devices are present in vehicles used by businesses and governments across the world.

EPA Highlights Resources to Assist with Implementation of Bipartisan Infrastructure Law, including for Security and Climate Resilience

EPA recently published a Bipartisan Infrastructure Law Resources for Drinking Water webpage, which highlights resources designed to help states and water systems with the implementation of the Bipartisan Infrastructure Law (BIL) that was enacted late last year.

FBI PIN - Cyber Criminals Create Fraudulent Cryptocurrency Investment Applications to Defraud US Investors

The FBI has published a TLP:WHITE Private Industry Notification (PIN) warning that cyber criminals are creating fraudulent cryptocurrency investment applications to defraud financial institutions and other investors. Cyber criminals are seeking to exploit the increased interest in mobile banking and cryptocurrency investing.

Security Awareness – BlackCat Ransomware Adds New Tools and Tricks

Security researchers at Sophos recently published a report on BlackCat ransomware, that warned the threat actors behind the ransomware are adding new tools and practices, making the malware more effective at compromising organizations. BlackCat threat actors have targeted organizations in the US, Europe, and Asia, and don’t appear to favor any type of victim.

CISA Releases Report of its Review into Log4j Vulnerabilities and Response

Last week, DHS’s Cyber Safety Review Board’s (CSRB) released a report reviewing the U.S. government and industry’s response to the Log4j Vulnerabilities first discovered in December 2021. The report stresses the Log4j event is not over and contends it will remain an “endemic vulnerability and that vulnerable instances of Log4j will remain in systems for many years to come.” The study also concluded that defenders from across government and industry collaborated and communicated in a dedicated fashion to address the incident.

Pages

Subscribe to Cybersecurity