Lucene search
K

9 matches found

CISA
CISA
added 2025/09/23 12:0 p.m.13 views

Widespread Supply Chain Compromise Impacting npm Ecosystem

CISA is releasing this Alert to provide guidance in response to a widespread software supply chain compromise involving the world’s largest JavaScript registry, npmjs.com. A self-replicating worm—publicly known as “Shai-Hulud”—has compromised over 500 packages.i After gaining initial access, the...

6.9AI score
Exploits0References14
The Hacker News
The Hacker News
added 2024/10/24 11:0 a.m.25 views

Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA

Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency CISA, in coordination with the FBI, issues a...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/18 11:0 a.m.45 views

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. "Since October 2023, Iranian actors have used brute force and passwor...

10CVSS7.2AI score0.99512EPSS
Exploits75
ICS
ICS
added 2024/08/29 12:0 p.m.57 views

#StopRansomware: RansomHub Ransomware

Actions to take today to mitigate cyber threats from ransomware: 1. Install updates for operating systems, software, and firmware as soon as they are released. 2. Require phishing-resistant MFA i.e., non-SMS text based for as many services as possible. 3. Train users to recognize and report...

10CVSS8.3AI score0.99654EPSS
Exploits253References114
ICS
ICS
added 2024/05/10 12:0 p.m.52 views

#StopRansomware: Black Basta

Actions for critical infrastructure organizations to take today to mitigate cyber threats from ransomware: 1. Install updates for operating systems, software, and firmware as soon as they are released. 2. Require phishing-resistant MFA for as many services as possible. 3. Train users to recognize...

10CVSS8AI score0.99959EPSS
Exploits129References80
ICS
ICS
added 2023/12/15 12:0 p.m.69 views

Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment

Actions to take today to harden your internal environment to mitigate follow-on activity after initial access. 1. Use phishing-resistant multi-factor authentication MFA for all administrative access. 2. Verify the implementation of appropriate hardening measures, and change, remove, or deactivate...

10CVSS9.7AI score0.99999EPSS
Exploits177References133
ICS
ICS
added 2023/09/20 12:0 p.m.23 views

#StopRansomware: Snatch Ransomware

Actions to take today to mitigate malicious cyber activity: 1. Secure and closely monitor Remote Desktop Protocol RDP. 2. Maintain offline backups of data. 3. Enable and enforce phishing-resistant multifactor authentication MFA...

9.5AI score
Exploits0References78
Malwarebytes
Malwarebytes
added 2023/05/24 5:0 a.m.16 views

CISA updates ransomware guidance

The Cybersecurity and Infrastructure Security Agency CISA has updated its StopRansomware guide to account for the fact that ransomware actors have accelerated their tactics and techniques since the original guide was released in September of 2020. The StopRansomware guide is set up as a one-stop...

7.5AI score
Exploits0
Talos Blog
Talos Blog
added 2023/02/23 7:0 p.m.47 views

Threat Source newsletter (Feb. 23, 2023) — Social media sites are making extra security a paid feature

Welcome to this weeks edition of the Threat Source newsletter. Social medias latest business plan seems to be charging for security. Twitter recently announced a plan to make SMS-based two-factor authentication a paid service as part of Twitter Blue -- asking users to pay either $8 or $11 monthly...

8.3AI score0.99999EPSS
Exploits12
Rows per page
Query Builder