October 29, 2020
CISA has updated this advisory with additonal information on the researcher who reported the vulnerabilities. Read the advisory at CISA.
October 20, 2020
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a joint alert with the FBI and the U.S. Department of Health and Human Services describing the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the healthcare and public health sector to infect systems with Ryuk ransomware for financial gain. In the alert, the authoring organizations state that they have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.
CISA has published an advisory on authentication bypass by capture-replay and command injection vulnerabilities in SHUN HU Technology JUUKO Industrial Radio Remote Control. JUUKO K-800 and K-808, with firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc., are affected. Successful exploitation of these vulnerabilities could allow attackers to replay commands, control the device, view commands, and/or stop the device from running.
Today the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the U.S. Cyber Command published a joint cybersecurity advisory describing the tactics, techniques, and procedures used by the North Korean advanced persistent threat (APT) group Kimsuky.
The Federal Trade Commission (FTC) has posted an advisory on overpaid utility bill scams. While primarily intended for consumers, a utility could provide this advisory to its customers to help them identify and avoid these scams. According to the advisory, in this scam a customer receives a robocall saying they paid too much on a utility bill. To make up for this mistake, they’ll get a cash refund and a discount on future bills. All they have to do is provide some information, such as their social security number or account details, to get their money and discount.
Ok, maybe it takes a cybersecurity nerd to think cyber threat detection and incident response is fun. But be assured, if you aren’t monitoring and detecting cyber threats against your organization, it’ll be anything but fun trying to respond to an attack or other cyber incident.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. The first, on Russian APT actors, is an update to a previous CISA-FBI advisory (AA20-283A APT Actors Chaining Vulnerabilities against SLTT, Critical Infrastructure, and Elections Organizations, published on October 9, 2020) and provides information on targeting of U.S.
As part of its Tech Tuesday series, the FBI's Portland, Oregon office has published an article the provides tips for identifying misinformation and disinformation. One key factor it recommends watching for: Is the information designed to create a strong emotional reaction? If so, that can indicate that the person or group posting the information is trying to manipulate you.
During a public briefing yesterday, top U.S. intelligence officials, including Director of National Intelligence John Ratcliff and FBI Director Christopher Wray, described some of the malicious activities foreign governments have taken ahead of the upcoming presidential election. In one example, they discussed how Iran had sent spoofed emails to voters that were intended to intimidate them. One of the goals of these efforts appears to be to incite social unrest.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
