Cybersecurity

Security Awareness – $36 Million Vendor Email Compromise Attack Demonstrates Risk of Trust

Abnormal published a detailed blog post discussing a Vendor Email Compromise (VEC) attack with a $36 million impact that was detected by its platform. In textbook fashion, the attacker impersonated a senior leader at a third-party vendor that had a long-term relationship with the target and attempted to gain further legitimacy by cc’ing a peer business in the same sector. The spoofed emails used addresses with a “.cam” (not “.com”) domain, which had been set up less than a week prior to the attack.

Report: China Continues to Utilize Most Zero-Day Exploits in Latest Mandiant Report

Mandiant released a report analyzing zero-day exploitation trends in 2022 and their relation to nation-state cyber activity. Overall, the company tracked 55 zero-day vulnerabilities (defined as vulnerabilities exploited in the wild before a patch was released) over the course of the year, a significant increase in comparison to prior years, though not comparable to the record-breaking 81 exploits tracked in 2021. Mandiant is confident that 13 of those zero-days were exploited by state actors, with China as the most enthusiastic participant, utilizing seven zero-days.

Joint Cybersecurity Advisory – Threat Actors Exploited Progress Telerik Vulnerability in U.S. Government IIS Server

Yesterday, CISA, the FBI, and MS-ISAC released a joint Cybersecurity Advisory (CSA) concerning the successful exploitation of a .NET deserialization vulnerability in the Progress Telerik user interface (UI) software (CVE-2019-18935). Successful exploitation of the vulnerability provided threat actors with remote code execution capabilities on a federal network.

Cyber Resilience – NSA Urges Organizations to Implement Zero Trust in New Resource Sheet

The NSA has released a Cybersecurity Information Sheet titled “Advancing Zero Trust Maturity throughout the User Pillar” that provides recommendations for maturing identity, credential, and access management (ICAM) capabilities. Noting the increased trend in threat actors targeting users and user accounts, the NSA promotes the use of the Zero Trust framework by organizations looking to achieve a more mature cybersecurity posture.
