Insights

28 Aug

CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and the Department of Defense Cyber Crime Center (DC3)—released Iran-based Cyber Actors Enabling Ransomware Attacks on U.S. Organizations. This joint advisory warns of cyber actors, known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm, targeting and exploiting U.S. and foreign organizations across multiple sectors in the U.S. FBI investigations conducted as recently as August 2024 assess that cyber actors like…

27 Aug

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Information, Insights

Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S. networks and laying the groundwork for the ability to disrupt communications between the United States and Asia during any future armed conflict with China. Image: Shutterstock.com Versa Director systems are primarily used by Internet service…

27 Aug

Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717

Attacks, Insights, Malware

Versa Networks has released an advisory for a vulnerability (CVE-2024-39717) in Versa Director, a key component in managing SD-WAN networks, used by some Internet Service Providers (ISPs) and Managed Service Providers (MSPs). A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA urges organizations to apply necessary updates, hunt for any malicious activity, report any positive findings to CISA, and review the following for more information: Versa Security Bulletin:…

23 Aug

Local Networks Go Global When Domain Names Collide

Information, Insights

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are freely available for anyone to register. Here’s a look at one security researcher’s efforts to map and shrink the size…

23 Aug

CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks Director

Attacks, Insights, Malware

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-39717 Versa Director Dangerous File Type Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that…

21 Aug

ASD’s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection

Attacks, Insights, Malware

Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), CISA, FBI, NSA, and international partners are releasing Best Practices for Event Logging and Threat Detection. This guide will assist organizations in defining a baseline for event logging to mitigate malicious cyber threats. The increased prevalence of malicious actors employing living off the land (LOTL) techniques, such as living off the land binaries (LOLBins) and fileless malware, highlights the importance of implementing and maintaining…

20 Aug

Implementation Challenges in Privacy-Preserving Federated Learning

Insights

In this post, we talk with Dr. Xiaowei Huang and Dr. Yi Dong (University of Liverpool), Dr. Mat Weldon (United Kingdom (UK) Office of National Statistics (ONS)), and Dr. Michael Fenton (Trūata) who were winners in the UK-US Privacy-Enhancing Technologies (PETs) Prize Challenges. We discuss implementation challenges of privacy-preserving federated learning (PPFL) – specifically, the areas of threat modeling and real world deployments. Threat Modeling In research on privacy-preserving federated learning (PPFL), the protections of…

19 Aug

National Public Data Published Its Own Passwords

Data Breaches, Information, Insights

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available from its homepage until today. In April, a cybercriminal named USDoD began…

15 Aug

NationalPublicData.com Hack Exposes a Nation’s Data

Data Breaches, Information, Insights

A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. This post examines what we know about a breach that has exposed hundreds of millions of consumer records. We’ll also take a closer look at the data broker that got hacked — a background check company founded by an actor…

15 Aug

CISA Releases Eleven Industrial Control Systems Advisories

Attacks, Insights, Malware

CISA released eleven Industrial Control Systems (ICS) advisories on August 15, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-228-01 Siemens SCALANCE M-800, RUGGEDCOM RM1224 ICSA-24-228-02 Siemens INTRALOG WMS ICSA-24-228-03 Siemens Teamcenter Visualization and JT2Go ICSA-24-228-04 Siemens SINEC Traffic Analyzer ICSA-24-228-05 Siemens LOGO! V8.3 BM Devices ICSA-24-228-06 Siemens SINEC NMS ICSA-24-228-07 Siemens Location Intelligence ICSA-24-228-08 Siemens COMOS ICSA-24-228-09 Siemens NX ICSA-24-228-10 AVEVA Historian Web Server ICSA-24-228-11 PTC Kepware…

CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717

Local Networks Go Global When Domain Names Collide

CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks Director

ASD’s ACSC, CISA, FBI, and NSA, with the support of International Partners Release Best Practices for Event Logging and Threat Detection

Implementation Challenges in Privacy-Preserving Federated Learning

National Public Data Published Its Own Passwords

NationalPublicData.com Hack Exposes a Nation’s Data

CISA Releases Eleven Industrial Control Systems Advisories

Search

The 6 Stages of a Vulnerability Management Process

Get Cybersecurity Alerts

Read More

Categories

Site Navigation

Resources