Continuous Monitoring and Protection
Oracle has released its Critical Patch Update Advisory for October 2023 to address 387 vulnerabilities across multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle Critical Patch Update Advisory – October 2023 and apply the necessary updates.
Read MoreToday, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated version of the joint #StopRansomware Guide. The update includes new prevention tips such as hardening SMB protocols, revised response steps, and added threat hunting insights. Developed through the U.S. Joint Ransomware Task Force (JRTF), #StopRansomware Guide is designed to be a one-stop resource to…
Read MoreOne of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency…
Read MoreToday, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One. The joint guide outlines phishing techniques malicious actors commonly use and provides guidance for both network defenders and software manufacturers to reduce the impact of phishing techniques used in obtaining credentials and deploying malware.…
Read MoreCredit: NIST It’s week three in our Cybersecurity Awareness Month blog series! This week, we interviewed NIST’s Michael Ogata (Computer Scientist) and Paul Watrobski (IT Security Specialist) about the importance of updating software. This week’s Cybersecurity Awareness Month theme is ‘updating software.’ How does your work/specialty area at NIST tie into this behavior? NIST’s Applied Cybersecurity Division’s core mission is to explore, measure, and evaluate both the cybersecurity guidance NIST provides as well as industry…
Read MoreAmir Golestan, the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC, has been sentenced to five years in prison for wire fraud. Golestan’s sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts…
Read MoreToday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) released an update to Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by- Design and -Default with the following international partners: Australian Cyber Security Centre (ACSC) Canadian Centre for Cyber Security (CCCS) United Kingdom’s National Cyber Security Centre (NCSC-UK) Germany’s Federal Office for Information Security (BSI) Netherland’s National Cyber Security Centre (NCSC-NL) Norway’s National Cyber…
Read MoreToday, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This critical vulnerability affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious threat actors to obtain initial access to Confluence instances by creating unauthorized Confluence administrator accounts. CISA strongly encourages upgrading to a fixed version or taking servers offline to apply…
Read MoreCisco released a security advisory to address a vulnerability (CVE-2023-20198) affecting IOS XE Software Web UI. A cyber threat actor can exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the Cisco security advisory, apply the necessary recommendations, hunt for any malicious activity and report any positive findings to CISA, and apply patches when made available. See the following for additional guidance and resources: BOD 23-02: Mitigating…
Read MoreCISA released nineteen Industrial Control Systems (ICS) advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-285-01 Siemens SIMATIC CP products ICSA-23-285-02 Siemens SCALANCE W1750D ICSA-23-285-03 Siemens SICAM A8000 Devices ICSA-23-285-04 Siemens Xpedition Layout Browser ICSA-23-285-05 Siemens Simcenter Amesim ICSA-23-285-06 Siemens SICAM PAS/PQS ICSA-23-285-07 Siemens RUGGEDCOM APE180 ICSA-23-285-08 Siemens SINEC NMS ICSA-23-285-09 Siemens CPCI85 Firmware of SICAM A8000 Devices ICSA-23-285-10 Siemens Tecnomatix Plant Simulation ICSA-23-285-11…
Read More