CyberSecure Specialist

CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans

The Federal Communications Commission (FCC) maintains a Covered List of communications equipment and services that the U.S. government has determined pose an unacceptable risk to the national security of the United States or to the security and safety of United States persons, pursuant to the Secure and Trusted Communications Networks Act of 2019. As the 6th annual National Supply Chain Integrity Month concludes, CISA reminds all critical infrastructure owners and operators…

IOTW: American Bar Association accused of data breach affecting 1.4 million peop…

In a class action lawsuit, the American Bar Association (ABA) has been accused of “grossly fail[ing] to comply with security standards” and causing a data breach that affected approximately 1.5 million people. The data breach, which occurred in March 2023, saw a malicious actor gain access to the ABA’s systems and steal the data of approximately 1.4 million members. The data stolen included personal information such as name, phone number, address and email address. The…

CISA Requests for Comment on Secure Software Self-Attestation Form

CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Management and Budget (OMB), released proposed guidance on secure software. This guidance seeks to secure software leveraged by the federal government. CISA expects agencies to use this proposed form to reduce the risk to the federal environment, thereby implementing a standardized process for agencies and software producers that will create transparency on the security of software…

Many Public Salesforce Sites are Leaking Private Data

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in. A researcher found DC Health had five Salesforce Community sites exposing data. Salesforce Community is a widely used cloud-based software product that…

CISA Releases One Industrial Control Systems Medical Advisory

CISA released one Industrial Control Systems (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS medical advisory for technical details and mitigations: ICSMA-23-117-01 Illumina Universal Copy Service

Abuse of the Service Location Protocol May Lead to DoS Attacks

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor. Researchers from Bitsight and Curesec have discovered a way to abuse SLP—identified as CVE-2023-29552—to conduct high amplification factor DoS attacks using spoofed source addresses. As noted by Bitsight, many SLP services visible on the internet appear to be…
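To make the mechanics concrete, here is an added example (not code from Bitsight, Curesec, CISA or the advisory) that builds and parses the SLPv2 header and Service Request exactly as RFC 2608 lays them out, and then applies the check a SOC would want for this class of abuse: bytes returned from udp/427 divided by bytes sent to it, per server/client pair. The flow records, addresses and the 10x threshold are constructed for illustration and are not from the page.

```python
"""SLPv2 (RFC 2608) message helpers plus a simple amplification check.

Added example for the SLP amplification item; not code from Bitsight,
Curesec or CISA. All packet bytes and flow records below are constructed.
"""
import struct

SLP_VERSION = 2
SLP_PORT = 427
FUNC_SRVRQST, FUNC_SRVRPLY, FUNC_SRVREG = 1, 2, 3


def encode_header(function_id: int, body: bytes, xid: int,
                  lang: bytes = b"en", flags: int = 0) -> bytes:
    """Wrap `body` in an SLPv2 header (RFC 2608 section 8).

    Layout: version(1) function-id(1) length(3) flags(2)
            next-extension-offset(3) xid(2) lang-tag-length(2) lang-tag.
    The length field covers header and body, which is why a bloated
    reply is visible from the header alone.
    """
    total = 14 + len(lang) + len(body)
    hdr = struct.pack("!BB", SLP_VERSION, function_id)
    hdr += total.to_bytes(3, "big")
    hdr += struct.pack("!H", flags)
    hdr += (0).to_bytes(3, "big")            # no extensions
    hdr += struct.pack("!HH", xid, len(lang)) + lang
    return hdr + body


def _slp_string(s: bytes) -> bytes:
    """SLP strings are a 2-byte big-endian length followed by the bytes."""
    return struct.pack("!H", len(s)) + s


def encode_srvrqst(service_type: bytes, scope: bytes = b"DEFAULT",
                   xid: int = 1) -> bytes:
    """Service Request (section 8.1): PRList, service-type, scope-list,
    predicate, SLP SPI. PRList, predicate and SPI are left empty."""
    body = (_slp_string(b"") + _slp_string(service_type) +
            _slp_string(scope) + _slp_string(b"") + _slp_string(b""))
    return encode_header(FUNC_SRVRQST, body, xid)


def parse_header(pkt: bytes) -> dict:
    """Parse and validate an SLPv2 header; ValueError on malformed input."""
    if len(pkt) < 14:
        raise ValueError("truncated SLP header")
    version, function_id = pkt[0], pkt[1]
    if version != SLP_VERSION:
        raise ValueError(f"unsupported SLP version {version}")
    length = int.from_bytes(pkt[2:5], "big")
    if length != len(pkt):
        raise ValueError(f"length field {length} != datagram size {len(pkt)}")
    flags = struct.unpack("!H", pkt[5:7])[0]
    xid, lang_len = struct.unpack("!HH", pkt[10:14])
    if 14 + lang_len > len(pkt):
        raise ValueError("language tag overruns datagram")
    return {"function_id": function_id, "length": length, "flags": flags,
            "xid": xid, "lang": pkt[14:14 + lang_len].decode("ascii"),
            "body": pkt[14 + lang_len:]}


# A request as a reflector would see it from a spoofed source.
SRVRQST = encode_srvrqst(b"service:service-agent", b"DEFAULT", xid=0x1234)

# Constructed flow records: (src_ip, src_port, dst_ip, dst_port, bytes),
# taken from the vantage point of the network hosting the SLP server.
SAMPLE_FLOWS = [
    ("203.0.113.5", 40000, "198.51.100.20", SLP_PORT, len(SRVRQST)),  # spoofed victim
    ("198.51.100.20", SLP_PORT, "203.0.113.5", 40000, 7250),          # bloated SrvRply
    ("192.0.2.7", 41000, "198.51.100.20", SLP_PORT, len(SRVRQST)),    # ordinary client
    ("198.51.100.20", SLP_PORT, "192.0.2.7", 41000, 70),              # ordinary reply
]


def find_amplifiers(flows, threshold: float = 10.0) -> list:
    """Pair udp/427 requests with replies per (server, client) and flag
    pairs whose bytes-out / bytes-in ratio reaches `threshold`."""
    requests, replies = {}, {}
    for src, sport, dst, dport, nbytes in flows:
        if dport == SLP_PORT:
            requests[(dst, src)] = requests.get((dst, src), 0) + nbytes
        elif sport == SLP_PORT:
            replies[(src, dst)] = replies.get((src, dst), 0) + nbytes
    hits = []
    for (server, client), out_bytes in replies.items():
        in_bytes = requests.get((server, client), 0)
        factor = out_bytes / in_bytes if in_bytes else float("inf")
        if factor >= threshold:
            hits.append({"server": server, "client": client,
                         "factor": round(factor, 1)})
    return hits


if __name__ == "__main__":
    print(parse_header(SRVRQST))
    print(find_amplifiers(SAMPLE_FLOWS))
```

The pairing is done from the server's side of the network, which is where an operator can fix the problem (block udp/427 at the edge or disable SLP). From the victim's side the same condition shows up as unsolicited large datagrams arriving from udp/427 with no matching outbound request, since the request was sent by the attacker with the victim's address spoofed.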

VMware Releases Security Update for Aria Operations for Logs

VMware has released a security update to address multiple vulnerabilities in Aria Operations for Logs (formerly vRealize Log Insight). A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0007 and apply the necessary updates.

3CX Breach Was a Double Supply Chain Compromise

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. The lengthy, complex intrusion has all the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks. Researchers…

Small Business is a Big Priority: NIST Expands Outreach to the Small Business Community

Screenshot from our Small Business Cybersecurity Corner website, www.nist.gov/itl/smallbusinesscyber

Did you know that 99.9% of businesses in America are small businesses?[1] Small businesses are a major source of innovation for our country—but they’re often faced with limited resources and budgets. Many of them need cybersecurity solutions, guidance, and training so they can cost-effectively address and manage their cybersecurity risks. Hmmm…where can you find guidance like this all in one place? Voila! The Small Business Cybersecurity…

Hundreds of members of Congress affected by data breach

DC Health Link, the provider of health insurance for those in the United States (US) Government, has suffered a data breach that affects over 50,000 people. The breach, which took place on March 6, saw an unauthorized party gain access to the data of 56,415 current and past customers of DC Health Link, including 585 staff members and 17 members of the US Congress. In a message sent to employees on March 8, the US…
