You are here

Home » Cybersecurity

Cybersecurity

CISA and FBI Release Joint Advisories on Russian and Iranian APT Actors

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. The first, on Russian APT actors, is an update to a previous CISA-FBI advisory (AA20-283A APT Actors Chaining Vulnerabilities against SLTT, Critical Infrastructure, and Elections Organizations, published on October 9, 2020) and provides information on targeting of U.S.

FBI Tech Tuesday on Building a Digital Defense Against Misinformation and Disinformation

As part of its Tech Tuesday series, the FBI's Portland, Oregon office has published an article the provides tips for identifying misinformation and disinformation. One key factor it recommends watching for: Is the information designed to create a strong emotional reaction? If so, that can indicate that the person or group posting the information is trying to manipulate you.

U.S. Intelligence Officials Warn of Foreign Government Election-related Activity Intended to Incite Social Unrest

During a public briefing yesterday, top U.S. intelligence officials, including Director of National Intelligence John Ratcliff and FBI Director Christopher Wray, described some of the malicious activities foreign governments have taken ahead of the upcoming presidential election. In one example, they discussed how Iran had sent spoofed emails to voters that were intended to intimidate them. One of the goals of these efforts appears to be to incite social unrest.

15CFAM – Cybersecurity Culture is FUN

Alas! We get to one of my (Jennifer Lyn Walker) favorite 15CFAM topics, cybersecurity culture. Walking back through WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities guide, we wrap up another three relevant FUNdamentals into one. For this ‘15 Cybersecurity Fundamentals Awareness Month’ (15CFAM) series post we visit #8-Create a Cybersecurity Culture, #9-Develop and Enforce Cybersecurity Policies and Procedures, and #12-Tackle Insider Threats.

CISA Launches Webpage to Help Partners Understand and Address Disinformation and Misinformation

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has just launched a #Protect2020 Rumor vs. Reality webpage, in which it addresses some common disinformation and misinformation rumors that can undermine public confidence in the electoral process. The webpage lists the disinformation or misinformation rumors, provides factual information to counteract this information, and offers resources to support these facts.

NSA Releases Advisory on Chinese State-sponsored Actors Exploiting Publicly Known Vulnerabilities

The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Read the NSA advisory.

Rockwell Automation 1794-AENT Flex I/O Series B (ICSA-20-294-01)

CISA has published an advisory on a classic buffer overflow vulnerability in Rockwell Automation 1794-AENT Flex I/O Series B. Versions 4.003 and prior are affected. Successful exploitation of these vulnerabilities could crash the device being accessed, resulting in a buffer overflow condition that may allow remote code execution. Rockwell Automation recommends affected users ensure they are employing proper network segmentation and security controls when implementing the affected product. CISA also recommends a series of measures to mitigate this vulnerability.

Pages

Subscribe to Cybersecurity