You are here

Home » Cybersecurity

Cybersecurity

FBI PIN: Business Email Compromise Actors Targeting Governments, Straining Resources

The FBI has published a Private Industry Notification (PIN) advising that it observed increased in business email compromise (BEC) actors targeting state, local, tribal, and territorial government entities for financial gain due to vulnerability exploitation and transparency requirements. It adds that the COVID-19 pandemic has exacerbated these challenges as many government entities shifted a significant portion of their workforce to remote work.

CISA Encourages Users and Administrators Update Vulnerable F5 BIG-IP and BIG-IQ Devices

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review an F5 advisory regarding multiple CVEs impacting BIG-IP and BIG-IQ devices and install updated software as soon as possible. CISA emphasizes that four of the CVEs involve critical remote code execution vulnerabilities, whereby an attacker could exploit these to take control of an affected system. Two related CVEs are buffer-overflow vulnerabilities.

Oldsmar City Officials Identify Areas for Improvement following Water Treatment Plant Compromise

The water treatment plant compromise in Oldsmar, Florida on February 5 led city officials to reassess and upgrade security measures at the facility, some of which are starting to be disclosed. Last week, the city council unanimously approved an upgrade for the plant’s supervisory controls and data acquisition software that allows a local firm to replace the facility’s current computers and software. It will also install a “simplified yet robust program” used by other local utilities, including a nearby electric utility, as well as install additional security.

FBI PIN: Malicious Actors Almost Certainly Will Leverage Synthetic Content for Cyber and Foreign Influence Operations

The FBI has published a Private Industry Notification (PIN) advising that malicious actors will almost certainly leverage synthetic content for cyber and foreign operations in the next 12-18 months. The FBI reports that foreign actors are already using synthetic content in their influence campaigns and that they and criminal cyber actors will increasingly use this material for spear phishing and social engineering in an evolution of cyber operations tradecraft.

Blended Threat Awareness – Cyber Attackers Compromise Security Cameras

Used across multitude of facilities, often unmanaged and connected to the corporate network with little to no security, surveillance cameras provide an avenue for compromise. Compromise that usually leads to serious privacy concerns, but also opens the lens of access to the broader corporate network and for launching future attacks against customers. Attackers claim to have obtained privileged credentials for a high-level administrator at Verkada, an enterprise security camera solutions company.

CISA Awards Grant for State, Local, Tribal, and Territorial Government IT Guidance and Best Practices Pilot Program

The Cybersecurity and Infrastructure Security Agency (CISA) has awarded the Center for Infrastructure Assurance and Security (CIAS) at the University of Texas at San Antonio a $1.2 million grant to conduct a pilot program to help state, local, tribal and territorial governments identify high value assets (HVA) to prioritize resources and planning. The pilot will aid these governments in establishing an HVA program that aligns with the federal government’s while maintaining the flexibility needed to incorporate their individual needs.

Joint NSA and CISA Guidance on Strengthening Cyber Defense Through Protective DNS

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a Joint Cybersecurity Information (CSI) sheet with guidance on selecting a protective Domain Name System (PDNS) service as a key defense against malicious cyber activity. Protective DNS can greatly reduce the effectiveness of ransomware, phishing, botnet, and malware campaigns by blocking known-malicious domains.

Pages

Subscribe to Cybersecurity