Lucene search
K

219 matches found

ThreatPost
ThreatPost
added 2021/08/05 9:54 p.m.91 views

Auditors: Feds’ Cybersecurity Gets the Dunce Cap

Out of eight U.S. federal agencies identified two years ago with critical cybersecurity failures, seven still don’t meet basic standards, a new audit report found. The Federal government’s overall posture was given just a C-. Audited agencies included the Departments of State, Homeland Security,...

7.1AI score
Exploits0References10
Malwarebytes
Malwarebytes
added 2021/04/30 12:5 p.m.247 views

IoT riddled with BadAlloc vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has published advisory ICSA-21-119-04 about vulnerabilities found in multiple real-time operating systems RTOS and supporting libraries. Those operating systems and libraries are widely used in smart, Internet-connected "things". The numbe...

0.6AI score
Exploits0
ThreatPost
ThreatPost
added 2021/04/30 11:49 a.m.105 views

Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

Security researchers at Microsoft are warning the industry about 25 as-yet undocumented critical memory-allocation vulnerabilities across a number of vendors’ IoT and industrial devices that threat actors could exploit to execute malicious code across a network or cause an entire system to crash...

0.5AI score0.01326EPSS
Exploits0References7
ICS
ICS
added 2021/04/26 12:0 p.m.68 views

Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders

Summary The Federal Bureau of Investigation FBI, Department of Homeland Security DHS, and Cybersecurity and Infrastructure Security Agency CISA assess Russian Foreign Intelligence Service SVR cyber actors—also known as Advanced Persistent Threat 29 APT 29, the Dukes, CozyBear, and Yttrium—will...

9.8CVSS10AI score0.99999EPSS
Exploits48References26
CISA
CISA
added 2021/04/26 12:0 a.m.23 views

FBI-DHS-CISA Joint Advisory on Russian Foreign Intelligence Service Cyber Operations

The Federal Bureau of Investigation FBI, Department of Homeland Security, and CISA have released a Joint Cybersecurity Advisory CSA addressing Russian Foreign Intelligence Service SVR cyber actors—also known as Advanced Persistent Threat 29 APT 29, the Dukes, CozyBear, and Yttrium—continued...

6.6AI score
Exploits0References6
CISA
CISA
added 2021/01/07 12:0 a.m.29 views

Google Releases Security Updates for Chrome

Google has released Chrome version 87.0.4280.141 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release and apply the necessary updates. This...

7AI score
Exploits0References1
Malwarebytes
Malwarebytes
added 2021/01/04 3:52 p.m.37 views

A week in security (December 28 – January 3)

First off we would like to wish all our readers a happy and secure 2021! Last week on Malwarebytes Labs we presented an overview of developments in the SearchDimension hijackers, we looked at the most enticing cyberattacks of 2020, and we also looked back at the strangest cybersecurity events of...

0.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/10/30 11:41 a.m.134 views

Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug

Threat attackers continue to exploit the Microsoft Zerologon vulnerability, a situation that’s been a persistent worry to both the company and the U.S. government over the last few months. Both on Thursday renewed their pleas to businesses and end users to update Windows systems with a patch...

9.3CVSS8.4AI score0.99512EPSS
Exploits75References15
Krebs on Security
Krebs on Security
added 2020/10/29 12:43 a.m.36 views

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

On Monday, Oct. 26, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the Unit...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/09/21 7:29 p.m.200 views

DHS Issues Dire Patch Warning for ‘Zerologon’

Federal agencies that haven’t patched their Windows Servers against the ‘Zerologon’ vulnerability by Monday Sept. 21 at 11:59 pm EDT are in violation of a rare emergency directive issued by the Secretary of Homeland Security. With only hours until the deadline for the directive, issued on Friday,...

9.3CVSS1.6AI score0.99512EPSS
Exploits75References11
Wired Threat Level
Wired Threat Level
added 2020/09/10 2:22 a.m.33 views

A DHS Official Says He Was Punished for Not Pushing Trump's Agenda

Brian Murphy says he was pressured to alter reports on Russia and white supremacy—and that he was fired for refusing to budge...

1.3AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2020/09/03 4:4 p.m.11 views

The Trump Administration Continues to Erode Election Security

The DHS, the DOJ, and the Office of the Director of National Intelligence have all had recent controversies that bode poorly for electoral integrity...

3.5AI score
Exploits0
GithubExploit
GithubExploit
added 2020/07/21 1:22 a.m.180 views

Exploit for Missing Authentication for Critical Function in Sap Netweaver_Application_Server_Java

Vulnerability Assessment and Indicator of Compromise IoC Sca...

10CVSS9.6AI score0.94719EPSS
Exploits6
ThreatPost
ThreatPost
added 2020/07/17 3:43 p.m.319 views

CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug

The U.S. Cybersecurity and Infrastructure Security Agency CISA is ordering all federal executive branch offices to apply a patch for a wormable Windows Server bug within 24 hours, warning of a “high potential for compromise of agency information systems.” In an Emergency Directive, the Department...

10CVSS1.9AI score0.92178EPSS
Exploits22References9
Wired Threat Level
Wired Threat Level
added 2020/05/24 2:0 p.m.53 views

The DHS Prepares for Attacks Fueled by 5G Conspiracy Theories

The claim that 5G can spread the coronavirus has led to dozens of cell-tower burnings in Europe. Now, the US telecom industry is on alert as well...

2.2AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2020/05/14 9:57 p.m.32 views

The US Says Chinese Hackers Went Too Far During the Covid-19 Crisis

The FBI and DHS say that Beijing's hacking “jeopardizes” the delivery of much-needed Covid-19 treatment options...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/04/17 8:56 p.m.196922 views

DHS Urges Pulse Secure VPN Users To Update Passwords

The Department of Homeland Security DHS is urging companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, after several cyberattacks targeted companies who had previously patched a related flaw in the VPN. DHS warns that the Pulse Secure VPN patches may have...

7.5CVSS9.2AI score0.99999EPSS
Exploits23References14
ThreatPost
ThreatPost
added 2020/03/13 3:19 p.m.15 views

ACLU Sues Over U.S. Airport Facial-Recognition Technology

The American Civil Liberties Union ACLU has filed suit the Department of Homeland Security DHS over its use of facial recognition technology in airports, decrying the government’s “extraordinarily dangerous path” to normalize facial surveillance as well as its secrecy in making specific details o...

0.2AI score
Exploits0References12
Krebs on Security
Krebs on Security
added 2020/02/24 5:13 p.m.67 views

Zyxel Fixes 0day in Network Storage Devices

Patch comes amid active exploitation by ransomware gangs Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage NAS devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the...

10CVSS9.8AI score0.99988EPSS
Exploits2
Talos Blog
Talos Blog
added 2020/01/10 7:13 a.m.123 views

Threat Source newsletter (Jan. 9, 2019)

Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We’re back after a long break for the holidays. And 2020 is already off to a fast start as tensions continue to rise in the Middle East...

10CVSS0.92835EPSS
Exploits24
Rows per page
Query Builder