Malware

Today, CISA and the Environmental Protection Agency (EPA) released Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems. This joint fact sheet provides Water and Wastewater Systems (WWS) facilities with recommendations for limiting the exposure of Human Machine Interfaces (HMIs) and securing them against malicious cyber activity. HMIs enable operational technology owners and operators to read supervisory control and data acquisition systems connected to programmable logic controllers. Threat actors can exploit exposed HMIs at…

Read More

Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft Security Update Guide for December

Read More

Cisco released security updates to address a vulnerability in Cisco NX-OS software. A cyber threat actor could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review the following advisory and apply the necessary updates: Cisco NX-OS Software Image Verification Bypass Vulnerability

Read More

Today, CISA—in partnership with the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), and other international partners—released updates to a Secure by Design Alert, Choosing Secure and Verifiable Technologies. Partners that provided recommendations in this alert include: The Canadian Centre for Cyber Security (CCCS). United Kingdom’s National Cyber Security Centre (NCSC-UK). New Zealand’s National Cyber Security Centre (NCSC-NZ). Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Centre (NCSC). Cyber threats…

Read More

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an updated public version of the Continuous Diagnostics and Mitigation (CDM) Data Model Document. Version 5.0.1 aligns with fiscal year 2023 Federal Information Security Modernization Act (FISMA) metrics. The CDM Data Model Document provides a comprehensive description of a common data schema to ensure that prescribed diagnostic activities within CDM solutions are consistent across all participating federal agencies. Agencies leverage the common data schema to accomplish…

Read More

Today, CISA—in partnership with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners—released joint guidance, Enhanced Visibility and Hardening Guidance for Communications Infrastructure. Partners of this guidance include:  Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC)  Canadian Centre for Cyber Security (CCCS) New Zealand’s National Cyber Security Centre (NCSC-NZ) This guidance was crafted in response to a People’s Republic of China (PRC)-affiliated threat actor’s compromise of “networks of major…

Read More

Today, CISA released Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a U.S. Critical Infrastructure Sector Organization in coordination with the assessed organization. This cybersecurity advisory details lessons learned and key findings from an assessment, including the Red Team’s tactics, techniques, and procedures (TTPs) and associated network defense activity. This advisory provides comprehensive technical details of the Red Team’s cyber threat activity, including their attack path to compromise a domain controller and human…

Read More

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering and Development Institute (HSSEDI), operated by MITRE, has released the 2024 CWE Top 25 Most Dangerous Software Weaknesses. This annual list identifies the most critical software weaknesses that adversaries frequently exploit to compromise systems, steal sensitive data, or disrupt essential services. Organizations are strongly encouraged to review this list and use it to inform their software security strategies. Prioritizing these weaknesses…

Read More

Today, CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) released updates to #StopRansomware: BianLian Ransomware Group on observed tactics, techniques, and procedures (TTPs) and indicators of compromise attributed to data extortion group, BianLian. The advisory, originally published May 2023, has been updated with additional TTPs obtained through FBI and ASD’s ACSC investigations and industry threat intelligence as of June 2024. BianLian is likely based in…

Read More