CyberSecure Specialist

04 Dec

NCCoE 5G Cybersecurity: Connecting the Dots Between IT and Teleco Cybersecurity Capabilities in 5G Systems

Insights

5G will eventually impact every single industry—from healthcare to financial to even agriculture and transportation…and its impact is only increasing over time. Despite its benefits, it comes with privacy and security risks. An increasing number of interconnected devices increases the attack surface. In addition, there are also increased supply chain vulnerabilities and network visibility issues (companies may have issues identifying attacks since there may be a lot of new web traffic from mobile devices and/or…

Read More
02 Dec

Teaching appropriate use of AI tech – Week in security with Tony Anscombe

Information

Video Several cases of children creating indecent images of other children using AI software add to the worries about harmful uses of AI technology 01 Dec 2023 It has been reported recently that children are using artificial intelligence (AI) image generators to create indecent images of other children. The reports came amid a few publicized cases where several young people faced severe emotional distress and trauma as a result of fabricated imagery depicting them, further…

Read More
01 Dec

Executives behaving badly: 5 ways to manage the executive cyberthreat

Information

Business Security Failing to practice what you preach, especially when you are a juicy target for bad actors, creates a situation fraught with considerable risk Phil Muncaster 30 Nov 2023  •  , 5 min. read When it comes to corporate cybersecurity, leading by example matters. Yes, it’s important for every employee to play their part in a security-by-design culture. But their cues more often than not come from the top. If the board and senior…

Read More
01 Dec

CISA Removes One Known Exploited Vulnerability From Catalog

Attacks, Insights, Malware

CISA is continually collaborating with partners across government and the private sector. As a result of this collaboration, CISA has concluded that there is insufficient evidence to keep the following CVE in the catalog and has removed it: CVE-2022-28958 DIR-816L Remote Code Execution Vulnerability Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant…

Read More
01 Dec

CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs

Attacks, Insights, Malware

Today, CISA, the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) released a joint Cybersecurity Advisory (CSA) IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors in response to the active exploitation of Unitronics programmable logic controllers (PLCs) in multiple sectors, including U.S. Water and Wastewater Systems (WWS) facilities, by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated advanced persistent threat (APT) cyber actors.  IRGC-affiliated cyber…

Read More
30 Nov

Very precisely lost – GPS jamming

Information

Digital Security The technology is both widely available and well developed, hence it’s also poised to proliferate – especially in the hands of those wishing ill Cameron Camp 29 Nov 2023  •  , 2 min. read Who would be to blame if your plane got tricked into flying into a war zone? If GPS gets jammed, machines could confidently err off course into strange and dangerous locales, potentially edging up already mounting tensions in geopolitical…

Read More
30 Nov

IOTW: Ransomware gang steals 1.3TB of data from Sabre

Malware

Ransomware gang Dunghill Leak has claimed responsibility for a cyber attack against travel booking company Sabre. Dunghill claimed in a post on its dark web data leaks site that it had stolen 1.3 terabytes of data from Sabre, including corporate financial information, passenger turnover and ticket sales data and personal employee information. The ransomware gang validated its claims by sharing a portion of the stolen data, promising that the rest of the data will be…

Read More
30 Nov

Spyware is being spread via fake natural disaster alerts

Malware

Malware is being spread to Android devices via fake volcano eruption alerts, cyber security researchers have found.  Researchers at Italian cyber security company, D3Labs, published a blog about the malicious software on October 16. They discovered that malicious actors were exploiting the IT-Alert service, a new public alert system used by the Italian government to disseminate crucial information to its citizens in emergency situations, for example natural disasters.  In order to convince unsuspecting victims into…

Read More
30 Nov

Cyber security advisory warns of emerging ransomware variant Rhysida

Malware

A new cybersecurity advisory has warned of the threats posed by emerging ransomware variant Rhysida. The advisory, published jointly by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), disseminates the known indicators of compromise (IOCs) and tactics, techniques and procedures (TTPs) of the Rhysida ransomware operators. It also outlines the mitigative steps organizations should take to reduce the likelihood and impact…

Read More
30 Nov

Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems

Attacks, Insights, Malware

CISA has assisted a researcher with coordinating the disclosure of multiple researcher-discovered vulnerabilities affecting web-based case and document management systems used by multiple state, county, and municipal courts. Affected systems include products from Tyler Technologies and Catalis and custom software used by specific counties in Florida. In summary, the vulnerabilities allow an unauthenticated, remote attacker to access sensitive documents by manipulating identifiers and file names in URLs. CISA understands that some of the vulnerabilities may…

Read More