CyberSecurity Updates

27 Feb

Data Distribution in Privacy-Preserving Federated Learning

Insights

This post is part of a series on privacy-preserving federated learning. The series is a collaboration between NIST and the UK government’s Responsible Technology Adoption Unit (RTA), previously known as the Centre for Data Ethics and Innovation. Learn more and read all the posts published to date at NIST’s Privacy Engineering Collaboration Space or RTA’s blog.  Our first post in the series introduced the concept of federated learning and described how it’s different from traditional centralized learning…

Read More
27 Feb

CISA, FBI, and HHS Release an Update to #StopRansomware Advisory on ALPHV Blackcat

Attacks, Insights, Malware

Today, CISA, the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released an update to the joint advisory #StopRansomware: ALPHV Blackcat to provide new indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with the ALPHV Blackcat ransomware as a service (RaaS). ALPHV Blackcat affiliates have been observed primarily targeting the healthcare sector. CISA, the FBI, and HHS urge network defenders to review the updated joint advisory…

Read More
26 Feb

Travel Update! The NIST CSF 2.0 is HERE…Along with Many Helpful Resources…

Insights

Credit: Natasha Hanacek, NIST The NIST Cybersecurity Framework (CSF) development process all started with Executive Order (EO)13636 over a decade ago, which called for building a set of approaches (a framework) for reducing risks to critical infrastructure. Through this EO, NIST was tasked with developing a “Cybersecurity Framework.” We knew that, to do this the right way, NIST would need to work alongside industry, academia, and other government agencies. This is exactly what we did—and have…

Read More
26 Feb

CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

Attacks, Insights, Malware

CISA, in partnership with UK National Cyber Security Centre (NCSC) and other U.S. and international partners released the joint advisory, SVR Cyber Actors Adapt Tactics for Initial Cloud Access. This advisory provides recent tactics, techniques, and procedures (TTPs) used by Russian Foreign Intelligence Service (SVR) cyber actors—also known as APT29, the Dukes, CozyBear, and NOBELIUM/Midnight Blizzard—to gain initial access into a cloud environment. The authoring agencies encourage network defenders and organizations review the joint advisory…

Read More
25 Feb

FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

Information, Insights

The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish the stolen Fulton County data on March 2 unless paid a ransom. LockBit claims the cache includes documents tied to the county’s ongoing criminal prosecution of former President Trump, but court watchers say teaser documents…

Read More
24 Feb

PSYOP campaigns targeting Ukraine – Week in security with Tony Anscombe

Information

Video Coming in two waves, the campaign sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related subjects 23 Feb 2024 This week, ESET researchers revealed their findings about Operation Texonto, a disinformation/psychological (PSYOP) campaign where Russia-aligned threat actors sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related topics. Coming in two waves (in November 2023 and in late December 2023, respectively), the two campaigns spread false information…

Read More
23 Feb

Everything you need to know about IP grabbers

Information

Digital Security You would never give your personal ID to random strangers, right? So why provide the ID of your computer? Unsuspecting users beware, IP grabbers do not ask for your permission. Márk Szabó 22 Feb 2024  •  , 6 min. read A common message that any user of a social platform like Discord might see sometimes are warnings about IP grabbers being included as links in messages on various servers. For someone who probably…

Read More
23 Feb

Updated: Top Cyber Actions for Securing Water Systems

Attacks, Insights, Malware

Today, CISA, the Environmental Protection Agency (EPA), and the Federal Bureau of Investigation (FBI) updated the joint fact sheet Top Cyber Actions for Securing Water Systems. This update includes additional resources—from American Water Works Association, the WaterISAC, and MS-ISAC—to support water systems in defending against from malicious cyber activity.  The fact sheet outlines the following practical actions Water and Wastewater Systems (WWS) Sector entities can take to better protect water systems from malicious cyber activity…

Read More
22 Feb

Watching out for the fakes: How to spot online disinformation

Information

How To Why and how are we subjected to so much disinformation nowadays, and is there a way to spot the fakes? Márk Szabó 20 Feb 2024  •  , 6 min. read One of the best things about the internet is that it’s an expansive repository of knowledge – and this wealth of knowledge is almost never more than a few clicks away. This unfettered access to information brings along its fair share of challenges,…

Read More
22 Feb

Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

Information

ESET products and research have been protecting Ukrainian IT infrastructure for years. Since the start of the war in February 2022, we have prevented and investigated a significant number of attacks launched by Russia-aligned groups. We have also published some of the most interesting findings on WeLiveSecurity: Even though our main focus remains on analyzing threats involving malware, we have found ourselves investigating an information operation or psychological operation (PSYOP) trying to raise doubts in…

Read More