Cybersecurity

15 Cybersecurity Fundamentals Refresher – #10 Implement Threat Detection and Monitoring

If you are not monitoring network activity, you will not detect an attack when it happens. Without the ability to detect threats within your environment, adversaries will go unnoticed. According to numerous findings by CISA during its cybersecurity assessments, while most organizations enable logging, many fail to aggregate relevant logs to a centralized log management system or SIEM (security information and event management) for correlation and analysis.

CISA’s Harrell Stresses Resilience to Make Critical Infrastructure Secure

In comments made at Auburn University on Friday, Brian Harrell, assistant director for infrastructure security at DHS’s Cybersecurity and Infrastructure Security Agency (CISA), emphasized the need for critical infrastructure to be built and managed with resilience in mind so that attacks don’t take down these important systems. “Resilience is key,” Harrell stressed, adding that “we should make the assumption that one day we’re going to be attacked,” whether by natural or manmade forces.

Security Awareness – New Phishing Campaign Detected in National Grid Utilities

Phishing defense firm Cofense has observed a new phishing campaign targeting national grid utility infrastructure. The new campaign includes what appears to be a PDF attachment but is actually a JPG file with an embedded hyperlink directing users to a malicious webpage that downloads Adwind RAT (also known as jRAT, AlienSpy, JSocket, etc.). Adwind RAT evades most antivirus and antimalware detection and foils sandbox analysis.

Cyber Insurance – You Better Shop Around

Cyber insurance policies are not new, but until recent years they lacked maturity. While cyber insurance is still evolving, it is becoming a necessity in a cybersecurity resilience strategy. Cisco Talos Intelligence Group published a post covering some key points all businesses should know about cyber insurance. It is important to understand that not all cyber policies are created equal, and it is likely no two policies are the same. Cyber policies are not plug ’n play like traditional vehicle insurance policies, and each policy is customized on a case-by-case basis.

CISA’s Insights on the Ransomware Outbreak

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a one-page document addressing considerations in light of the outbreak of ransomware attacks against the nation’s networks. CISA observes that the ransomware infections being reported and discussed in the news are just part of the picture, as many more incidents are not being disclosed.

Microsoft Releases Security Update for Windows Elevation of Privilege Vulnerability

Microsoft has released a security update to address an elevation of privilege vulnerability (CVE-2019-1162) in Windows. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.

Security Awareness – Use Caution with Malware Scanning Services

Back in the day, data found in malware was much more generic, or at least much less specific. Today, with phishing-based scams, BEC, and CEO-fraud leading the pack of cyber attack techniques, the malware samples being uploaded to free malware scanning services reveal far more specific company data than they used to. The Register posted a reminder about the dangers of uploading malware to public online sandbox services. Malware samples certainly provide valuable data for cyber analysts, but malicious actors also view the data.
