You are here

Home

Cybersecurity

Joint Cybersecurity Advisory – Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors

CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) released a joint Cybersecurity Advisory (CSA) providing the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber actors. PRC state-sponsored cyber actors continue to exploit known vulnerabilities to actively target U.S. and allied networks, including software and hardware companies to illegally obtain intellectual property and develop access into sensitive networks.

Cybersecurity Awareness Month – Behavior: Enable MFA to (Greatly) Reduce Risk Away

This year, Cybersecurity Awareness Month has changed up its typical approach of weekly themes and is focusing on four behaviors that are most important to #BeCyberSmart and stay safe online. The behaviors focus on the “people” part of cybersecurity to ensure all individuals and organizations make smart decisions personally and professionally. The behaviors that will be highlighted during the month include:

FBI-CISA PSA: Malicious Cyber Activity Against Election Infrastructure Unlikely to Disrupt or Prevent Voting

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have published a Public Service Announcement (PSA) assessing that any attempts by cyber actors to compromise election infrastructure are unlikely to result in largescale disruptions or prevent voting.

Joint Cybersecurity Advisory – Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

This week, the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the National Security Agency (NSA) published a joint Cybersecurity Advisory (CSA) to highlight malicious cyber activity by advanced persistent threat (APT) actors observed on a Defense Industrial Base sector organization’s enterprise network. Most notably, the advisory highlights how threat actors continue to successfully maintain persistence in victim networks by leveraging legitimate account credentials.

CISA Issues Binding Operational Directive (BOD) 23-01 to Improve Cybersecurity Asset Visibility and Vulnerability Detection

Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive (BOD) 23-01, Improving Asset Visibility and Vulnerability Detection on Federal Networks. The intent of the BOD is to help federal agencies strengthen their cyber defenses by gaining visibility into all the assets on their networks and improving vulnerability detection capabilities.

CISA Warns Users to Remain on Alert for Hurricane-Related Scams

The Cybersecurity and Infrastructure Security Agency (CISA) is warning users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following Hurricane Ian. Fraudulent emails – often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events.

Pages

Subscribe to Cybersecurity