Johnson Controls Inc. iSTAR Configuration Utility (ICU) tool

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a failure within the operating system of the machine hosting the ICU tool. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign

Cybersecurity researchers are warning of a spike in suspicious login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect gateways, with nearly 24,000 unique IP addresses attempting to access these portals. "This pattern suggests a coordinated effort to probe network defenses and...

Immediate Steps to Strengthen Critical Infrastructure against Potential Cyberattacks

In light of persistent and ongoing cyber threats, CISA urges critical infrastructure owners and operators to take immediate steps to strengthen their computer network defenses against potential cyberattacks. CISA has released CISA Insights: Preparing For and Mitigating Potential Cyber Threats to...

Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns

Threat actors are capitalizing on the growing popularity of proxyware platforms like Honeygain and Nanowire to monetize their own malware campaigns, once again illustrating how attackers are quick to repurpose and weaponize legitimate platforms to their advantage. "Malware is currently leveraging...

Zero-Trust Frameworks: Securing the Digital Transformation

Given the ongoing, rapid rise in digital transformation, the “zero-trust” concept is fast gaining traction as the go-to strategy for securing modern business networks. Zero trust refers to the notion of shifting access controls from the perimeter to the individual users and their devices. Thus,...

Interview with CTO Michael Viscuso – Ransomware: The Problem That Won’t Go Away

Editor's Note: This article originally appeared on BankInfoSecurity.com Click here to listen to the full podcast Dealing with ransomware is a lot like dealing with mosquitos: The best approach is to anticipate getting bit and take steps to try to fend off attacks. But the growth of ransomware int...

Malware That Can’t Clean Its Tracks: CCleaner and Ongoing Supply-Chain Attacks

A new malware compromise identified this week was using malware officially signed and provided by its software manufacturer for public download by millions of people. It’s a move that started the week for many organizations in a state of worry. This week, the Cisco Talos research team disclosed...

Common Security Mistakes Can Lead to Major Compromises

SAN FRANCISCO–Security is hard and getting it right all the time is nearly impossible. But many of the mistakes that people make are simple, avoidable ones that can lead to serious intrusions and major network compromises. “Maintaining network defenses by hand is difficult,” Mike Lloyd, chief...