You are here

Home

Cybersecurity

Joint Cybersecurity Advisory - Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI published a joint Cybersecurity Advisory (CSA) providing information about an incident at a Federal Civilian Executive Branch (FCEB) organization which involved Iranian government-sponsored APT actors exploiting a Log4Shell vulnerability in an unpatched VMware Horizon server. 

Session Cookie Hijacking – The Not so Sweet Side of MFA

Develop a viable defense and threat actors will inevitably find a way to bypass it. That’s the endless game of cat-and-mouse, especially in the cybersecurity world. A historical example was the old advice to ‘never open an email from someone you don’t know,’ so threat actors now expertly purport to be or impersonate someone (or something, as in the case of a well-known brand) we do know. A more recent example is in regards to multifactor authentication (MFA).

European Cybersecurity Agency (ENISA) Releases Threat Landscape Report, Ransomware and Phishing Remain Top Threats

The European Cybersecurity Agency (ENISA) recently released its annual report on the cybersecurity threat environment facing the European Union. The report, Volatile Geopolitics Shake the Trends of the 2022 Cybersecurity Threat Landscape, identifies significant threats, threat actors and attack techniques, tracks major trends, and also provides mitigation measures.

FBI PSA - Scammers Using Computer-Technical Support Impersonation Scams to Target Victims and Conduct Wire Transfers

The FBI has published a Public Service Announcement (PSA) advising the public on how to protect themselves from cyber criminals conducting computer-technical support scams. Technical support scams involve fraudsters posing as service representatives of a company's technical or computer repair service and contacting victims through email or by telephone about a highly priced, soon-to-renew subscription. According to the PSA, “Scammers request victims contact the scammers at a provided telephone number or email to cancel the renewal and receive a varying refund amount.

Proofpoint – Cybersecurity Predictions for a Turbulent 2023

Last week, cybersecurity company Proofpoint released an assessment of cybersecurity predictions for 2023. Notably, Proofpoint forecasts that the commercialization of malware and other exploitation tools on the dark web will likely lead to an increase in cybercrime. The assessment also predicts that ongoing geopolitical tensions, such as the continuing Russian war in Ukraine, will likely catalyze new cyber attacks and expand systemic risk for organizations.

Pages

Subscribe to Cybersecurity