cisa (81)

In a recent opinion piece, Linus Torvalds shares his views on C and C++.  “I must be a glutton for punishment.  Not only was my first programming language IBM 360 Assembler, but my second language was C.  Programming anything in them wasn't easy.  Programming safely in either is much harder.”  So, when the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) announced they were doubling down on their efforts to persuade software manufacturers t

It is not the federal government that’s responsible for the cyber defense of critical infrastructure.  The responsibility falls on the critical infrastructure operators themselves and most aren’t equipped for the fight.  Cyber threats to the United States' critical infrastructure are on the rise.  On 31 January 2024, FBI Director Christopher Wray testified before Congress, highlighting how Chinese government hackers are attempting “‘to find and prepare to destroy or degrade the civilian critical

The US Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) is a significant piece of legislation passed in 2022, designed to tackle cyber incidents affecting critical infrastructure.  While its full impact is still unknown, CIRCIA presents new requirements for incident reporting that cyber risk professionals must understand and prepare for.

CIRCIA was created to help the US government coordinate responses to significant cyber incidents that affect essential services.  Its goal was

The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC) and other U.S. and international partners, co-sealed Detecting and Mitigating Active Directory Compromises. This guide informs organizations of recommended strategies to mitigate 17 common techniques used by adversaries and malicious actors to compromise Active Directory.

The objective of malicious activity involving Active Directory is to escalate privileges

Government-run water systems are still at risk of attack by cybercriminals and nation-states, according to a new advisory from the US’s top cybersecurity agency.  The notice from the US Cybersecurity and Infrastructure Security Agency (CISA) came two days after Arkansas City, Kansas, reported a cybersecurity issue that forced it to switch to manual operations.

Last week, US DHS CISA said it continues to “respond to active exploitation of internet-accessible operational technology (OT) and indust

Due to economic turbulence and a relentless surge in cyber threats, today's cybersecurity landscape requires enterprises to remain resilient by adapting to security risks.  Many organizations have chosen to adapt to these risks by embracing modern technology such as generative artificial intelligence (GenAI), which can present new risks if not implemented properly.  The speed at which companies innovate and adopt new technology is far outpacing the security measures that must be addressed first.

When the Heritage Foundation’s nearly 1,000-page Project 2025 report was published earlier this year, cybersecurity experts focused on its radical suggestion to drastically diminish the Cybersecurity and Infrastructure Security Agency (CISA) and other reimagining of cybersecurity policy.  But despite the buzz the report has caused in Washington cybersecurity circles, interviews with five former senior Trump administration officials demonstrate a much more moderate vision for cyber if he wins a s

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the US voter registration data has been compromised in cyber-attacks.  The two agencies note that malicious actors spread disinformation to manipulate public "opinion and undermine confidence in US democratic institutions."

According to public service awareness, the actors present publicly accessible data as evidence of the hacks.  "Malicious acto

The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature to access sensitive data.  The agency said it has seen adversaries "acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature."  It also said it continues to observe weak passwords used on Cisco network devices, thereby exposing them to password-cracking at

The US Cybersecurity and Infrastructure Security Agency (CISA) has taken a pioneering step in the realm of artificial intelligence and cybersecurity by appointing its first Chief Artificial Intelligence Officer, and it is not a computer, Lisa Einstein.  This position, announced on 01 August 2024, underscores the growing importance of AI in national security and sets a precedent that other organizations may soon follow.

Einstein has served as CISA's Senior Advisor for AI since 2023 and as the Exe

In a show of international cooperation, intelligence and cybersecurity agencies from eight countries have jointly accused China of orchestrating a series of cyberattacks on government networks.  The United States, United Kingdom, Canada, Australia, New Zealand, Germany, Japan, and South Korea have pointed the finger at APT40, a hacking group believed to be sponsored by China's Ministry of State Security.

See:  https://redskyalliance.org/transportation/anchor-panda-and-periscope-threat-actors-tar

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding an ongoing phone-based impersonation fraud campaign where scammers are masquerading as CISA staff. In a brief notification, the agency stated it is "aware of recent impersonation scammers claiming to represent the agency."

The CISA warning  https://www.cisa.gov/news-events/alerts/2024/06/12/phone-scammers-impersonating-cisa-employees  explicitly states that its employees "will never contact you with a

A major cyber-attack occurred just before the Fourth of July holiday in 2021, affecting at least 200 US companies.  The attack was a ransomware attack that occurred first at Kaseya, a Florida-based IT company, and then spread through the corporate networks that use its software.  The attack affected multiple managed service providers and their customers.  The REvil ransomware gang was behind the attack.  Please stay vigilant during all holiday times.

At least 200 US companies were hit by a major

US Cyber authorities are releasing this joint CSA to provide information on Black Basta, a ransomware variant whose actors have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.  This joint CSA provides TTPs and IOCs obtained from FBI investigations and third-party reporting.

Black Basta is considered a ransomware-as-a-service (RaaS) variant and was first identified in April 2022.  Black Basta affiliate

In a comprehensive National Security Memorandum (NSM), the current administration has outlined its strategy for strengthening the security and resilience of United States critical infrastructure against threats like cyberattacks, natural disasters, and climate change.  The memorandum designates 16 critical infrastructure sectors, such as energy, transportation, and health care, and outlines roles and responsibilities for relevant federal agencies to identify and mitigate risks within each sector

The below information from DHS/CISA is a fact sheet which provides information and mitigations associated with cyber operations conducted by pro-Russia hacktivists who seek to compromise industrial control systems (ICS) and small-scale operational technology (OT) systems in North American and European critical infrastructure sectors, including Water and Wastewater Systems, Dams, Energy, and Food and Agriculture Sectors.[1]

The pro-Russia hacktivist activity appears mostly limited to unsophistica

The Federal Bureau of Investigation (FBI), the U.S. Department of State, and the National Security Agency (NSA) are jointly issuing this advisory to highlight attempts by Democratic People’s Republic of Korea (DPRK, a.k.a. North Korea) Kimsuky cyber actors to exploit improperly configured DNS Domain-based Message Authentication, Reporting and Conformance (DMARC) record policies to conceal social engineering attempts.  Without properly configured DMARC policies, malicious cyber actors are able to

Some smart locks controlled by Chirp Systems' software can be remotely unlocked by strangers thanks to a critical security vulnerability.  This remote exploitation is possible due to passwords and private keys being hard-coded in Chirp's Android app. Anyone who knows or finds these credentials can use them with an API maintained by smart lock supplier August to remotely open someone's Chirp-powered lock and thus unlock whatever door it is supposed to be protecting.  Chirp has claimed its system

The attached US DHS CISA fact sheet provides an overview for executive leaders on the urgent risk posed by People’s Republic of China (PRC) state-sponsored cyber actors known as “Volt Typhoon.”  CISA—along with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and other US government and international partners—released a major advisory on 7 February 2024, in which the U.S. authoring agencies warned cybersecurity defenders that Volt Typhoon has been pre-positioning t

DarkReading recently provided an editorial on the recent cyber security response to Ivanti’s VPN issues.  “Here's what's clear about the current cybersecurity state of Ivanti's VPN appliances, they have been widely vulnerable to cyberattack, and threat actors are onto the possibilities.  It's up to enterprise cyber teams to decide what comes next.”

So far, Ivanti has disclosed five VPN flaws in 2024, most exploited as zero-days — with two of them publicly announced weeks before patches became avai