CyberSecurity Updates

13 Dec

CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector

Attacks, Insights, Malware

Today, CISA and the Environmental Protection Agency (EPA) released Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems. This joint fact sheet provides Water and Wastewater Systems (WWS) facilities with recommendations for limiting the exposure of Human Machine Interfaces (HMIs) and securing them against malicious cyber activity. HMIs enable operational technology owners and operators to read supervisory control and data acquisition systems connected to programmable logic controllers. Threat actors can exploit exposed HMIs at…

Read More
11 Dec

How Cryptocurrency Turns to Cash in Russian Banks

Information, Insights

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. Meanwhile, an investigation into the Vancouver street address used by this company shows it is home to dozens of foreign currency dealers, money transfer businesses, and cryptocurrency exchanges — none of which are physically located there. Richard Sanders is a blockchain analyst and investigator who…

Read More
10 Dec

Patch Tuesday, December 2024 Edition

Information, Insights

Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System (CLFS) driver — used by applications to write transaction logs — that could let an authenticated attacker gain “system” level privileges on a vulnerable Windows device. The security firm Rapid7 notes there…

Read More
10 Dec

Microsoft Releases December 2024 Security Updates

Attacks, Insights, Malware

Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft Security Update Guide for December

Read More
05 Dec

Data Pipeline Challenges of Privacy-Preserving Federated Learning

Insights

Introduction In this post, we talk with Dr. Xiaowei Huang and Dr. Yi Dong (University of Liverpool) and Sikha Pentyala (University of Washington Tacoma), who were winners in the UK-US PETs Prize Challenges. We discuss real-world data pipeline challenges associated with privacy-preserving federated learning (PPFL) and explore upcoming solutions. Unlike traditional centralized or federated learning, PPFL solutions prevent the organization training the model from looking at the training data. This means it’s impossible for that organization to assess…

Read More
05 Dec

ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies

Attacks, Insights, Malware

Today, CISA—in partnership with the Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC), and other international partners—released updates to a Secure by Design Alert, Choosing Secure and Verifiable Technologies. Partners that provided recommendations in this alert include: The Canadian Centre for Cyber Security (CCCS). United Kingdom’s National Cyber Security Centre (NCSC-UK). New Zealand’s National Cyber Security Centre (NCSC-NZ). Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Centre (NCSC). Cyber threats…

Read More
05 Dec

Cisco Releases Security Updates for NX-OS Software

Attacks, Insights, Malware

Cisco released security updates to address a vulnerability in Cisco NX-OS software. A cyber threat actor could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review the following advisory and apply the necessary updates: Cisco NX-OS Software Image Verification Bypass Vulnerability

Read More
04 Dec

U.S. Offered $10M for Hacker Just Arrested by Russia

Information, Insights

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. An FBI wanted poster for Matveev. Matveev,…

Read More
04 Dec

CISA Releases New Public Version of CDM Data Model Document

Attacks, Insights, Malware

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released an updated public version of the Continuous Diagnostics and Mitigation (CDM) Data Model Document. Version 5.0.1 aligns with fiscal year 2023 Federal Information Security Modernization Act (FISMA) metrics. The CDM Data Model Document provides a comprehensive description of a common data schema to ensure that prescribed diagnostic activities within CDM solutions are consistent across all participating federal agencies. Agencies leverage the common data schema to accomplish…

Read More
03 Dec

Why Phishers Love New TLDs Like .shop, .top and .xyz

Information, Insights, Malware

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs. Image: Shutterstock. A study…

Read More