You are here

Home » Cybersecurity

Cybersecurity

FBI FLASH: Indicators of Compromise Associated with Ragnar Locker Ransomware

The FBI has published a TLP:WHITE FLASH message containing indicators of compromise associated with the Ragnar Locker ransomware, which the FBI notes has been deployed against an increasing number of victims. This product also contains a list of recommended mitigation measures and encourages recipients to report information concerning suspicious or criminal activity to their local FBI field office or the FBI’s 24/7 Cyber Watch (CyWatch) at (855)-292-3937 or [email protected].

Cybersecurity Accountability – Food for Thought, as CEO’s may be Personally on the Hook by 2024 for Cyber-Physical Attacks

Nothing screams cybersecurity is serious like personally being on the hook for an entire organization. Personal liability of executives for cyber incidents isn’t new. But when safety of the cyber-physical systems (CPS) that operate within industrial environments is on the line, executives and boards need to be acutely aware of these systems and their vulnerabilities and intentionally pursue a sound risk management strategy for securing these assets.

State-sponsored Actors and Ransomware Threaten Canadian Critical Infrastructure, according to Annual Cyber Threat Assessment

The Canadian Centre for Cyber Security has released the National Cyber Threat Assessment 2020, which begins by noting increased vulnerability of Canadian individuals and organizations to cyber threat actors given their greater reliance on the internet in the COVID-19 environment. One of the key judgements presented in the document is state-sponsored actors are very likely attempting to develop cyber capabilities to disrupt Canadian critical infrastructure, such as the supply of electricity, to further their goals.

Insider Threat Mitigation Guide and Fact Sheets (CISA)

Today the Cybersecurity and Infrastructure Security Agency (CISA) published its Insider Threat Mitigation Guide, which brings together planning and preparedness resources from federal and private sector experts into a single format that organizations can use to prepare for and respond to an insider threat. It contains step-by-step information, best practices, metrics, tools, and training that can be used for establishing an effective threat mitigation plan to decrease the likelihood of harm to people, companies, organizations, and critical infrastructure.

OT/ICS Cybersecurity – Vulnerability Management of Embedded Devices

After its recent webinar on Understanding Embedded Devices and Firmware in OT, Verve Industrial took to its blog to address many questions posed during the event. Verve responds in detail and provides “pro-tips” to six important questions for understanding cybersecurity and vulnerability management issues for embedded devices.

Questions answered in this post include:

Security Awareness Reminder – Business Email Compromise, a Primer on Impersonation Attacks

Given the Abnormal Security’s Q3 Quarterly BEC Report shows that business email compromise (BEC) has recently grown in interest over the last quarter, and the energy/infrastructure industries have experienced a 93% increase in attacks, now is NOT the time to curtail your security awareness reminders on BEC and other impersonation-based scams.

Resilience – Water and Wastewater Sector Cybersecurity Resilience Considerations

WaterISAC members continue to needfully advance cybersecurity as a top business and operational priority, but that does not mean it is always easy. Therefore we continue to provide encouragement, reminders, and resources to help utilities stay on track. One such resource is a recent article posted in the Water & Wastes Digest.

Pages

Subscribe to Cybersecurity