Cybersecurity

Australian Advisory: Mailto Ransomware Incidents

The Australian Cyber Security Centre (ACSC) has published an advisory noting that it is aware of recent ransomware incidents involving a ransomware tool known as “Mailto” or “Kazakavkovkiz.” The ACSC has limited information regarding the initial intrusion vector for Mailto, but evidence suggests that phishing and password spray attacks have been used to compromise user accounts. The ACSC advisory provides recommendations for users to detect and mitigate these types of attacks and assist with limiting their spread within networks.

Read more about Australian Advisory: Mailto Ransomware Incidents

Business Email Compromise – Don’t Forget About Your Vendors (VEC)

Email security firm Agari posted an article reminding us how the attack surface from the scourge known as business email compromise (BEC) is larger than we may think. Agari points out the need to protect against the compromised supply chain, in what is referred to as vendor email compromise (VEC). With the majority of phishing emails we receive impersonating trusted suppliers, it is imperative that organizations are intentional about securing their supply chain.

Read more about Business Email Compromise – Don’t Forget About Your Vendors (VEC)

Five ICS Cybersecurity Myths that Might be Holding You Back

There is no doubt that complex industrial control systems need to be secured, but what is holding us back from achieving even a minimum level of security? ICS cybersecurity firm Dragos explores five misconceptions that might be inhibiting your organization from reducing risk to your ICS environments:

Read more about Five ICS Cybersecurity Myths that Might be Holding You Back

FBI Director Says HVEs, Domestic Extremists, and FTOs Are Most Persistent Terrorist Threat to U.S.

In testimony before the U.S. House Judiciary Committee yesterday, FBI Director Christopher Wray identified the most persistent terrorism threats to the U.S. as homegrown violent extremists (HVEs), domestic extremists, and foreign terrorist organizations (FTOs). Drawing a link between two of the groups, he explained how FTOs have made extensive use of the Internet and social media to disseminate propaganda and training materials to attract and influence individuals in the U.S., giving rise to HVEs.

Read more about FBI Director Says HVEs, Domestic Extremists, and FTOs Are Most Persistent Terrorist Threat to U.S.

OpenSMTPD Vulnerability

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. CISA encourages users and administrators to review CERT/CC’s Vulnerability Note VU#390745 and apply the necessary updates.

Read more about OpenSMTPD Vulnerability

EKANS Ransomware Has Direct Implications for ICS Operations, and It May Not Be the First

Until mid-2019, previous ICS-impacting ransomware had been limited to only IT-based mechanisms that enabled the propagation into control system environments. ICS cybersecurity firm Dragos assesses the newly disclosed EKANS ransomware (also reported as SNAKE) is not the first sample with direct ICS-impacting implications.

Read more about EKANS Ransomware Has Direct Implications for ICS Operations, and It May Not Be the First

IRS Launches “Identify Theft Central” Webpage

The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection. Tax-related identity theft occurs when someone steals personal information to commit tax fraud.

Read more about IRS Launches “Identify Theft Central” Webpage

AutomationDirect C-More Touch Panels (ICSA-20-035-01) – Product Used in the Water and Wastewater and Energy Sectors

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory on an insufficiently protected credentials vulnerability in AutomationDirect C-More Touch Panels. Firmware versions prior to 6.53 are affected. Successful exploitation of this vulnerability may allow an attacker to get account information such as usernames and passwords, obscure or manipulate process data, and lock out access to the device. AutomationDirect recommends users upgrade to version 6.53.

Read more about AutomationDirect C-More Touch Panels (ICSA-20-035-01) – Product Used in the Water and Wastewater and Energy Sectors

Tax Identity Theft Awareness Week

Next week, February 3 to 7, is Tax Identity Theft Awareness Week. The Federal Trade Commission (FTC) will provide webinars and other resources throughout the week to help educate the public on how to protect against identity theft this tax season. The U.S.

Read more about Tax Identity Theft Awareness Week

CISA Webinar: A Modified Approach to OT Security and Achieving IT/OT Convergence

Wednesday, March 11, 2020; 1:00 – 2:00 pm ET; webinar

Read more about CISA Webinar: A Modified Approach to OT Security and Achieving IT/OT Convergence

You are here

Cybersecurity

Australian Advisory: Mailto Ransomware Incidents

Business Email Compromise – Don’t Forget About Your Vendors (VEC)

Five ICS Cybersecurity Myths that Might be Holding You Back

FBI Director Says HVEs, Domestic Extremists, and FTOs Are Most Persistent Terrorist Threat to U.S.

OpenSMTPD Vulnerability

EKANS Ransomware Has Direct Implications for ICS Operations, and It May Not Be the First

IRS Launches “Identify Theft Central” Webpage

AutomationDirect C-More Touch Panels (ICSA-20-035-01) – Product Used in the Water and Wastewater and Energy Sectors

Tax Identity Theft Awareness Week

CISA Webinar: A Modified Approach to OT Security and Achieving IT/OT Convergence

Pages

You are here

Cybersecurity

Pages

Footer Email Signup