#StopRansomware: MedusaLocker

CISA, the Federal Bureau of Investigation FBI, the Department of the Treasury Treasury, and the Financial Crimes Enforcement Network FinCEN have released a joint Cybersecurity Advisory CSA, StopRansomware: MedusaLocker, to provide information on MedusaLocker ransomware. MedusaLocker actors target...

Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data

The Cybersecurity and Infrastructure Security Agency CISA and Coast Guard Cyber Command CGCYBER released a joint advisory warning the Log4Shell flaw is being abused by threat actors that are compromising public-facing VMware Horizon and Unified Access Gateway UAG servers. The VMware Horizon is a...

APT Cyber Tools Targeting ICS/SCADA Devices

Summary Actions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-uniqu...

10 ways attackers gain access to networks

A joint multi-national cybersecurity advisory has revealed the top ten attack vectors most exploited by cybercriminals in order to gain access to organisation networks, as well as the techniques they use to gain access. The advisory cites five techniques used to gain leverage: 1. Public facing...

CVE-2022-30689

HashiCorp Vault and Vault Enterprise from 1.10.0 to 1.10.2 did not correctly configure and enforce MFA on login after server restarts. This affects the Login MFA feature introduced in Vault and Vault Enterprise 1.10.0 and does not affect the separate Enterprise MFA feature set. Fixed in 1.10.3...

Easy authentication and authorization in Azure Active Directory with No-Code Datawiza

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. The acceleration of cloud journeys fueled by the pandemic and ever-increasing concerns about data security and information privacy have made access management one of the hottest topi...

Easy authentication and authorization in Azure Active Directory with No-Code Datawiza

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. The acceleration of cloud journeys fueled by the pandemic and ever-increasing concerns about data security and information privacy have made access management one of the hottest topi...

Strengthening Cybersecurity of SATCOM Network Providers and Customers

Summary Updated May 10, 2022: The U.S. government attributes this threat activity to Russian state-sponsored malicious cyber actors. Additional information may be found in a statement from the State Department . For more information on Russian malicious cyber activity, refer to...

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

Summary Actions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats: • Patch all systems. Prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication. • Secure and monitor Remote...

Five Eyes Alliance Advisory & Using Threat Intelligence

Trellix Global Defenders: Five Eyes Alliance Advisory and Using Threat Intelligence to Protect Against Future Attacks By Taylor Mullins · May 6, 2022 Evolving intelligence continues to indicate that the Russian government is exploring options to launch cyberattacks in retaliation against...

This World Password Day consider ditching passwords altogether

Did you know that May 5, 2022, is World Password Day?1 Created by cybersecurity professionals in 2013 and designated as the first Thursday every May, World Password Day is meant to foster good password habits that help keep our online lives secure. It might seem strange to have a day set aside to...

This World Password Day consider ditching passwords altogether

Did you know that May 5, 2022, is World Password Day?1 Created by cybersecurity professionals in 2013 and designated as the first Thursday every May, World Password Day is meant to foster good password habits that help keep our online lives secure. It might seem strange to have a day set aside to...

Update: Destructive Malware Targeting Organizations in Ukraine

Summary Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Updated April 28, 2022 This advisor...

How to Strategically Scale Vendor Management and Supply Chain Security

This post is co-authored by Collin Huber Recent security events — particularly the threat actor activity from the Lapsu$ group, Spring4Shell, and various new supply-chain attacks — have the security community on high alert. Security professionals and network defenders around the world are wonderi...

Zero-Trust For All: A Practical Guide

While “zero-trust architecture” has become a buzz phrase, there’s plenty of confusion as to what it actually is. Is it a concept? A standard? A framework? An actual set of technology platforms? According to security experts, it’s best described as a fresh mindset for approaching cybersecurity...

TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies

Summary Actions to take today to mitigate cyber threats to cryptocurrency: • Patch all systems. • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Use multifactor authentication. The Federal Bureau of Investigation FBI, the...

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab Community Edition CE and Enterprise Edition EE. The vulnerabilities allow a malicious party to conduct attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Accessing sensitive...

A Sinister Way to Beat Multifactor Authentication Is on the Rise

Lapsus$ and the group behind the SolarWinds hack have utilized prompt bombing to defeat weaker MFA protections in recent months...

Russian threat actors leveraging misconfigured multifactor authentication to exploit PrintNightmare vulnerability

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have issued an alert for enterprises that Russian state-sponsored cyber attackers have obtained network access by exploiting...

What Generation Z can teach us about cybersecurity

Girl Security National Security Fellows Program fellow Amulya, a 17-year-old interested in countering online disinformation, said she feels her sense of personal privacy has been largely nonexistent “growing up in a media-saturated world.” She believes her sense of privacy was stolen by a...