
Cybersecurity

CISA Releases Second Graphic Novel to Educate about the Risk of Disinformation

The Cybersecurity and Infrastructure Security Agency (CISA) has released its second graphic novel in the Resilience Series to educate the public on the dangers and risks associated with dis- and misinformation campaigns. Bug Bytes tells the fictional story of Ava Williams, a graduate student, who uses her wits and journalism skills to uncover a disinformation campaign set to damage critical communications infrastructure in the U.S.

If Your Utility Qualifies for a “.gov” Top-Level Domain (TLD), Consider This

On Tuesday, administration of the “.gov” top-level domain (TLD) was officially transferred to CISA. When an organization qualifies as a government entity but does not currently use a .gov TLD, the public can be left unsure whether its website is legitimate. Reasons vary for why some government entities do not use .gov. Often the reason is the cost of registering and maintaining a .gov domain, especially for small municipalities.

Emotet Effectively Exhausted – Uninstall Command Executed on April 25

The uninstall code planted by the German Bundeskriminalamt (BKA) federal police agency instructing Emotet to uninstall from roughly one million remaining infected systems executed on Sunday. This action cleans up the Windows registry key that enabled the Emotet modules to run automatically and stops and deletes associated services, but does not remove other files, nor does it erase additional malware that might have been installed through the botnet.

Security Awareness – Recent Analysis of Previously Published “Compilation of Many Breaches” (COMB)

A recent sensational headline stating that “3.2 billion leaked passwords contain 1.5 million records with government emails” is indeed notable. However, this is not a new development, nor are these newly leaked credentials. This 100GB “database” was published for free this February in an online cybercrime forum. Dubbed “COMB,” or “Compilation of Many Breaches,” this data set is composed of multiple leaks and breaches across different companies that have occurred over the years.

Joint Cybersecurity Advisory: Russian Foreign Intelligence Service Cyber Operations Trends and Best Practices for Network Defenders

The FBI, the U.S. Department of Homeland Security, and the Cybersecurity and Infrastructure Security Agency (CISA) have published a Joint Cybersecurity Advisory presenting their assessment that Russian Foreign Intelligence Service (SVR) cyber actors – also known as APT29, the Dukes, CozyBear, and Yttrium – will continue to attempt to exploit U.S. and other foreign entities using a range of initial techniques that vary in sophistication, coupled with stealthy intrusion tradecraft within compromised networks. The U.S.

Trend Micro Vulnerability Being Actively Exploited

Cybersecurity firm Trend Micro has disclosed that a threat actor began using a vulnerability in its antivirus products to gain admin rights on Windows systems as part of its attacks. The vulnerability, tracked as CVE-2020-24557, affects the company’s Apex One and OfficeScan XG, two advanced security products aimed at enterprise customers. The vulnerability was discovered last year and patched, but Trend Micro said it learned of incidents where this same bug was weaponized to attack some of its customers.

U.S. Department of Justice Launches Ransomware Task Force

In one of the latest of the federal government’s efforts to address today’s daunting cybersecurity challenges, the U.S. Department of Justice has formed a task force aimed at curtailing the proliferation of ransomware. The task force’s goal is to make these extortion schemes less lucrative by targeting the entire digital ecosystem that supports them. It will increase training and dedicate more resources to the issue, seek to improve intelligence sharing across the department, disrupt command and control infrastructure, and seize profits.

Large Energy Supplier Suffers Data Breach Caused by Unsecured Cloud Storage

A large energy supplier in New England, Eversource, has reported that it suffered a data breach after customers' personal information, including names, social security numbers, and more, was left exposed on an unsecured cloud server. The company discovered the breach during a security review in mid-March, when it found a cloud data storage folder that was misconfigured so that anyone could access its contents. Eversource immediately secured the folder and has stated that there is no indication that any of the data was acquired or misused by unauthorized people.
