You are here

Home » Cybersecurity

Cybersecurity

CISA Warns of Hurricane-Related Scams

With June 1 marking the official start of the 2020 Atlantic hurricane season, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails – often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks.

NSA Releases Advisory on Sandworm Actors Exploiting an Exim Vulnerability

The National Security Agency (NSA) has released a cybersecurity advisory on Russian advanced persistent threat (APT) group Sandworm exploiting a vulnerability—CVE-2019-10149—in Exim Mail Transfer Agent (MTA) software. An unauthenticated remote attacker can use this vulnerability to send a specially crafted email to execute commands with root privileges, allowing the attacker to install programs, modify data, and create new accounts.

Situational Awareness – Coronavirus Cyber Compendium, May 28, 2020

Flashpoint continues to track key updates regarding Covid-19 and how the pandemic is impacting cyber operations. Highlights include an FBI report warning of the risk of criminals and nation-states targeting US vaccine research, continued incidents of criminals attempting to scam government programs related to the pandemic, the latest misinformation and disinformation narratives that are popular on social media, and the deployment of Covid-19 tracking apps by governments.

Johnson Controls Kantech EntraPass (ICSA-20-147-02)

CISA has published an advisory on an improper access control vulnerability in Johnson Controls Kantech EntraPass. For Special Edition, Corporate Edition, and Global Edition, all versions up to and including v8.22 are affected. Successful exploitation of this vulnerability could potentially allow an authorized low-privileged user to gain full system-level privileges Johnson Controls recommends users upgrade all Kantech EntraPass Editions to Version 8.23. CISA also recommends a series of measures to mitigate the vulnerabilities.

ACSC Releases Cyber Criminal and APT Tradecraft Trends for 2019-2020

The Australian Cyber Security Centre (ACSC) has released a summary of trends for 2019-2020 outlining tactics, techniques, and procedures (TTPs) used by cyber criminals and advanced persistent threat (APT) groups to target Australian networks. ACSC uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework to identify notable adversary TTPs.

CISA, DOE, and UK’s NCSC Issue Guidance on Protecting Industrial Control Systems

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Energy (DOE), and the UK's National Cyber Security Centre (NCSC) have released “Cybersecurity Best Practices for Industrial Control Systems,” an infographic providing recommended cybersecurity practices for industrial control systems (ICS).

FBI PIN: Cybersecurity Criminals Take Advantage of COVID-19 Pandemic to Target Teleworking Employees through Fake Termination Phishing Emails and Meeting Invites

The FBI has published a Private Industry Notification advising that cyber criminals are targeting teleworking employees with fraudulent termination phishing emails and virtual teleconference meeting invites, citing COVID-19 as the reason. Employees who are alarmed by the message may not scrutinize the spoofed email address that looks similar to their company’s legitimate one. The emails entice victims to click on malicious links purporting to provide more information or online conferences pertaining to the victim’s termination or severance packages.

CISA, IRS, USSS, and Treasury Release Joint Alert on Scams Related to Coronavirus Economic Impact Payments

The Cybersecurity and Infrastructure Security Agency (CISA), U.S. Department of the Treasury, Internal Revenue Service (IRS), and United States Secret Service (USSS) have released a Joint Alert with mitigations to help Americans avoid scams related to coronavirus economic impact payments – particularly attempts to steal payments, personal and financial information, and disrupt payment efforts. Read the alert at CISA.

Pages

Subscribe to Cybersecurity