Insights

12 Dec

CISA Releases SCuBA Google Workspace Secure Configuration Baselines for Public Comment

Attacks, Insights, Malware

Today, CISA released the draft Secure Cloud Business Applications (SCuBA) Google Workspace (GWS) Secure Configuration Baselines and the associated assessment tool ScubaGoggles for public comment. The draft baselines offer minimum viable security configurations for nine GWS services: Groups for Business, Google Calendar, Google Common Controls, Google Classroom, Google Meet, Gmail, Google Chat, Google Drive and Docs, and Google Sites. The ScubaGoggles tool assesses GWS tenants’ compliance against the baselines.    Federal agencies and other organizations are invited…

Read More
12 Dec

A Note on progress…NIST’s Digital Identity Guidelines.

Insights

In August 2023 the Digital Identity Guidelines team hosted a two-day workshop to provide a public update on the status of revision 4. As part of that session, we committed to providing further information on the status of each volume going forward. In fulfillment of this commitment, we wanted to offer a quick update on where we stand. Our goal remains to have the next version of each volume out by the Spring of 2024.…

Read More
08 Dec

Atlassian Releases Security Advisories for Multiple Products

Attacks, Insights, Malware

Atlassian has released security updates to address vulnerabilities affecting multiple Atlassian products. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates or mitigations. CVE-2023-22522 – RCE Vulnerability In Confluence Data Center and Confluence Server CVE-2023-22524 – RCE Vulnerability in Atlassian Companion App for MacOS CVE-2023-22523 – RCE Vulnerability in Assets Discovery CVE-2022-1471 –…

Read More
07 Dec

The UK-US Blog Series on Privacy-Preserving Federated Learning: Introduction

Insights

This post is the first in a series on privacy-preserving federated learning.The series is a collaboration between CDEI and NIST. Advances in machine learning and AI, fueled by large-scale data availability and high-performance computing, have had a significant impact across the world in the past two decades. Machine learning techniques shape what information we see online, influence critical business decisions, and aid scientific discovery, which is driving advances in healthcare, climate modelling, and more. Training…

Read More
07 Dec

CISA and International Partners Release Advisory on Russia-based Threat Actor Group, Star Blizzard

Attacks, Insights, Malware

Today, the Cybersecurity and Infrastructure Security Agency (CISA)—in coordination with the United Kingdom’s National Cyber Security Centre (UK-NCSC), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NCSC-NZ), and the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cyber Command Cyber National Mission Force (CNMF)—released a joint Cybersecurity Advisory (CSA) Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns.…

Read More
06 Dec

ICANN Launches Service to Help With WHOIS Lookups

Information, Insights

More than five years after domain name registrars started redacting personal data from all public domain registration records, the non-profit organization overseeing the domain industry has introduced a centralized online service designed to make it easier for researchers, law enforcement and others to request the information directly from registrars. In May 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) — the nonprofit entity that manages the global domain name system — instructed all…

Read More
06 Dec

CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps

Attacks, Insights, Malware

Today, as part of the Secure by Design campaign, CISA published The Case for Memory Safe Roadmaps: Why Both C-Suite Executives and Technical Experts Need to Take Memory Safe Coding Seriously in collaboration with the following partners: United States National Security Agency United States Federal Bureau of Investigation Australian Signals Directorate’s Australian Cyber Security Centre Canadian Centre for Cyber Security United Kingdom National Cyber Security Centre New Zealand National Cyber Security Centre Computer Emergency Response…

Read More
05 Dec

CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion

Attacks, Insights, Malware

Today, CISA released a Cybersecurity Advisory (CSA), Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs). The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution. CISA encourages network defenders and critical infrastructure organizations to review the CSA to improve their cybersecurity posture and protect against…

Read More
04 Dec

NCCoE 5G Cybersecurity: Connecting the Dots Between IT and Teleco Cybersecurity Capabilities in 5G Systems

Insights

5G will eventually impact every single industry—from healthcare to financial to even agriculture and transportation…and its impact is only increasing over time. Despite its benefits, it comes with privacy and security risks. An increasing number of interconnected devices increases the attack surface. In addition, there are also increased supply chain vulnerabilities and network visibility issues (companies may have issues identifying attacks since there may be a lot of new web traffic from mobile devices and/or…

Read More