https://www.cisa.gov/news-events/alerts/2023/03/13/cisa-announces-ransomware-vulnerability-warning-pilot Today, CISA is announcing the creation of the Ransomware Vulnerability Warning Pilot (RVWP). Through the RVWP, CISA: Review the RVWP webpage for details, including information on the authorities and services CISA leverages to enable RVWP notifications.
https://www.cisa.gov/news-events/alerts/2023/03/02/fbi-and-cisa-release-stopransomware-royal-ransomware Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently Read more…
https://www.cisa.gov/news-events/alerts/2023/03/01/cisa-releases-decider-tool-help-mitre-attck-mapping Today, CISA released Decider, a free tool to help the cybersecurity community map threat actor behavior to the MITRE ATT&CK framework. Created in partnership with the Homeland Security Systems Engineering and Development Institute™ (HSSEDI) and MITRE, Decider helps make mapping quick and accurate through guided questions, a powerful search and Read more…
Servers running unpatched versions of ESXi are sitting ducks for ESXiArgs attacks. An explosion of cyberattacks is infecting servers around the world with crippling ransomware by exploiting a vulnerability that was patched two years ago, it was widely reported on Monday. The hacks exploit a flaw in ESXi, a hypervisor Read more…
A Note From the CISA, NSA, and MS-ISAC The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have identified a financially motivated, malicious cyber campaign that uses Remote Monitoring and Management (RMM) software to grant cyber criminals local user access Read more…
Top API security tools can help hold the line against modern threats to the important and ubiquitous software development interfaces. Application programming interfaces (APIs) have become a critical part of networking, programs, applications, devices, and nearly everything else in the computing landscape. This is especially true for cloud and mobile Read more…
Technology investments and process updates are proving key to delivering the seamless, productive, and equitable experiences employees expect from hybrid working environments. A significant number of organizations are operating in a hybrid model — and expect to continue with that hybrid environment for the foreseeable future. Global analytics and advice Read more…
https://www.technologyreview.com/2022/01/21/1043980/how-a-russian-cyberwar-in-ukraine-could-ripple-out-globally/?truid=%2A%7CLINKID%7C%2A&utm_source=weekend_reads&utm_medium=email&utm_campaign=weekend_reads.unpaid.engagement&utm_content=wr.11.26.22.cyberwknd&mc_cid=cde6f8d49b&mc_eid=cc872fb6b7 Soldiers and tanks may care about national borders. Cyber doesn’t. Russia has sent more than 100,000 soldiers to the nation’s border with Ukraine, threatening a war unlike anything Europe has seen in decades. Though there hasn’t been any shooting yet, cyber operations are already underway. Last week, hackers defaced Read more…
Countless reports have emerged in recent years, and seemingly more frequently in the last year, of organizations confirming they have experienced a cyber attack or unauthorized entities accessing their systems, networks, or data stores. After extensive research into the root cause of these attacks, many organizations have found that the Read more…
Cybersecurity issues can strike anyone, anywhere, at any time. Regardless of how big or small your company is, you are not exempt from any cyber threat. Implementing sufficient cybersecurity solutions that can protect your business is essential. It will act as a much-needed layer of protection to mitigate issues that Read more…