Lucene search
K

26 matches found

The Hacker News
The Hacker News
added 2025/06/30 4:29 p.m.6 views

U.S. Agencies Warn of Rising Iranian Cyber Attacks on Defense, OT Networks, and Critical Infrastructure

U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber attacks from Iranian state-sponsored or affiliated threat actors. "Over the past several months, there has been increasing activity from hacktivists and Iranian government-affiliated actors, which...

8.1AI score
Exploits0
CISA
CISA
added 2025/05/22 12:0 p.m.5 views

New Best Practices Guide for Securing AI Data Released

Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and international partners released a joint Cybersecurity Information Sheet on AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems. This information sheet highlights the critical role...

7.1AI score
Exploits0References2
The Hacker News
The Hacker News
added 2023/12/22 5:34 a.m.75 views

Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector

Organizations in the Defense Industrial Base DIB sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach...

9.8CVSS9.6AI score0.96515EPSS
Exploits17
ICS
ICS
added 2023/12/07 12:0 p.m.35 views

Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns

The Russia-based actor is targeting organizations and individuals in the UK and other geographical areas of interest. OVERVIEW The Russia-based actor Star Blizzard formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie continues to successfully use...

9.1AI score
Exploits0References55
Schneier on Security
Schneier on Security
added 2023/10/02 4:40 p.m.43 views

NSA AI Security Center

The NSA is starting a new artificial intelligence security center: The AI security centers establishment follows an NSA study that identified securing AI models from theft and sabotage as a major national security challenge, especially as generative AI technologies emerge with immense...

6.9AI score
Exploits0
CISA
CISA
added 2023/09/12 12:0 p.m.6 views

NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats

Today, the National Security Agency NSA, the Federal Bureau of Investigation FBI, and the Cybersecurity and Infrastructure Security Agency CISA released a Cybersecurity Information Sheet CSI, Contextualizing Deepfake Threats to Organizations, which provides an overview of synthetic media threats,...

7AI score
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2023/07/24 5:0 p.m.28 views

New Microsoft identity and data security capabilities to accelerate CMMC compliance for the Defense Industrial Base

As Department of Defense DoD Chief Information Officer Hon. John Sherman said recently, Cybersecurity Maturity Model Certification CMMC is necessary to ensure that the United States raises the bar for protecting sensitive information.1 The DoD is leading by example towards this goal by implementi...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/10 11:52 a.m.5 views

North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations

State-backed hackers from North Korea are conducting ransomware attacks against healthcare and critical infrastructure facilities to fund illicit activities, U.S. and South Korean cybersecurity and intelligence agencies warned in a joint advisory. The attacks, which demand cryptocurrency ransoms ...

9.8CVSS9AI score0.99912EPSS
Exploits16
Malwarebytes
Malwarebytes
added 2022/10/13 4:15 p.m.170 views

Chinese APT's favorite vulnerabilities revealed

In a joint cybersecurity advisory, the National Security Agency NSA, the Cybersecurity and Infrastructure Security Agency CISA, and the Federal Bureau of Investigation FBI have revealed the top CVEs used by state-sponsored threat actors from China. The advisory aims to "inform federal and state,...

10CVSS3.4AI score0.99999EPSS
Exploits962
Qualys Blog
Qualys Blog
added 2022/10/07 8:3 p.m.169 views

NSA Alert: Topmost CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

On October 6, 2022, the United States National Security Agency NSA released a cybersecurity advisory on the Chinese government—officially known as the People’s Republic of China PRC states-sponsored cyber actors activity to seek national interests. These malicious cyber activities attributed to t...

10CVSS1AI score0.99999EPSS
Exploits962
ICS
ICS
added 2022/10/06 12:0 p.m.179 views

Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

Summary This joint Cybersecurity Advisory CSA provides the top Common Vulnerabilities and Exposures CVEs used since 2020 by People’s Republic of China PRC state-sponsored cyber actors as assessed by the National Security Agency NSA, Cybersecurity and Infrastructure Security Agency CISA, and Feder...

10CVSS10AI score0.99999EPSS
Exploits990References46
The Hacker News
The Hacker News
added 2022/10/05 8:12 a.m.44 views

FBI, CISA, and NSA Reveal How Hackers Targeted a Defense Industrial Base Organization

U.S. cybersecurity and intelligence agencies on Tuesday disclosed that multiple nation-state hacking groups potentially targeted a "Defense Industrial Base DIB Sector organization's enterprise network" as part of a cyber espionage campaign. "Advanced persistent threat actors used an open-source...

0.4AI score
Exploits0
CISA
CISA
added 2022/10/04 12:0 a.m.14 views

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA, Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization, highlighting advanced persistent threat APT activity...

1.6AI score
Exploits0References2
The Coalfire Blog
The Coalfire Blog
added 2021/11/23 6:6 p.m.14 views

CMMC 2.0 – what, how, and why act now?

With the recent streamlining of the Cybersecurity Maturity Model Certification CMMC framework, the path to assure Defense Industrial Base DIB cybersecurity has changed dramatically from what was originally planned. Theres a lot to learn about CMMC 2.0, but the objective remains the same: protect...

6.7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/11/09 12:24 a.m.357 views

Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus

Microsoft has detected exploits being used to compromise systems running the ZOHO ManageEngine ADSelfService Plus software versions vulnerable to CVE-2021-40539 in a targeted campaign. Microsoft Threat Intelligence Center MSTIC attributes this campaign with high confidence to DEV-0322, a group...

7.5CVSS10AI score0.9896EPSS
Exploits8
CISA
CISA
added 2021/10/08 12:0 a.m.20 views

NSA Releases Guidance on Avoiding the Dangers of Wildcard TLS Certificates and ALPACA Techniques

The National Security Agency NSA has released a Cybersecurity Information CSI sheet with guidance to help secure the Department of Defense, National Security Systems, and Defense Industrial Base organizations from poorly implemented wildcard Transport Layer Security TLS certificates and the...

6.7AI score
Exploits0References1
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/08/30 4:0 p.m.20 views

How to prepare for CMMC compliance as a defense industrial base supplier using the Microsoft cloud

In 2020, the US Department of Defense DoD began the phased rollout of a new framework for protecting their supply chain, known as the defense industrial base DIB. This new Cybersecurity Maturity Model Certification1 CMMC system requires regular audits that will bolster the security of the DIB,...

0.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/08/30 4:0 p.m.22 views

How to prepare for CMMC compliance as a defense industrial base supplier using the Microsoft cloud

In 2020, the US Department of Defense DoD began the phased rollout of a new framework for protecting their supply chain, known as the defense industrial base DIB. This new Cybersecurity Maturity Model Certification1 CMMC system requires regular audits that will bolster the security of the DIB,...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/14 3:41 a.m.104 views

Chinese Hackers Exploited Latest SolarWinds 0-Day in Targeted Attacks

Microsoft on Tuesday disclosed that the latest string of attacks targeting SolarWinds Serv-U managed file transfer service with a now-patched remote code execution RCE exploit is the handiwork of a Chinese threat actor dubbed "DEV-0322." The revelation comes days after the Texas-based IT monitori...

10CVSS1.9AI score0.9116EPSS
Exploits2
The Coalfire Blog
The Coalfire Blog
added 2019/10/03 10:19 p.m.54 views

What Is the DoD’s New Cybersecurity Maturity Model Certification, and What Does It Mean for Defense Contractors?

Citing the threat of compromise of Controlled Unclassified Information CUI within the defense industrial base DIB, along with the high cost of cyber breaches in general, the Office of the Assistant Secretary of Defense for Acquisition has initiated a program for rating the cybersecurity maturity ...

2.6AI score
Exploits0
Rows per page
Query Builder