U.S. federal agencies have until Dec. 12 to patch vulnerable Linux devices on their networks after researchers discovered an actively exploited security flaw. The Cybersecurity and Infrastructure Security Agency added the “Looney Tunables” vulnerability, tracked as CVE-2023-4911, to its catalog of known exploited vulnerabilities Tuesday and mandated federal civilian branch agencies to download patches to…

On October 10, the Cybersecurity and Infrastructure Security Agency (CISA) updated the Known Exploited Vulnerabilities (KEV) catalog with five known software flaws. At the top of the list: A use-after-free vulnerability in Adobe’s Acrobat and Reader PDF-viewing applications that could allow code execution with the privileges of any user that clicked on a malicious file….

The FBI and U.S. Cybersecurity and Infrastructure Security Agency are urging critical infrastructure organizations to implement mitigation techniques to thwart a cybercriminal group known as Scattered Spider that targets major companies and their IT help desks. A joint advisory describes the hacking group, also known as Octo Tempest and UNC3944, as having expertise in social…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five new flaws to its Known Exploited Vulnerabilities Catalog, including a high-severity flaw (CVE-2023-21608) (CVSS score: 7.8) in Adobe Acrobat Reader. The flaw is a use-after-free issue, an attacker can trigger the flaw to achieve remote code execution (RCE) with the privileges of the current user….

BeyondID, a leading managed identity solutions provider, today announced the industry’s first solution that accurately conveys the true nature of identity within the zero trust security framework. BeyondID’s Identity Fabric Model for Zero Trust promises optimal threat detection, investigation, and round-the-clock remediation via the BeyondID Security Operations Center (SOC). “The Zero Trust Maturity Model by…

Cybersecurity advisories from the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) are usually a good indication that a particular threat merits priority attention from organizations in the crosshairs. That would appear to be the case with “Snatch,” a ransomware-as-a-service (RaaS) operation that has been active since at least 2018 and is the…

The new Caldera for OT extension is the result of a collaboration between the Homeland Security Systems Engineering and Development Institute (HSSEDI) and CISA, to help improve the resilience of critical infrastructure. The Caldera cybersecurity platform provides automated adversary emulation, security assessments, and red-, blue-, and purple-teaming, and uses the MITRE ATT&CK framework as its…

Researchers have discovered hundreds of devices running on government networks that expose remote management interfaces on the open Web. Thanks to the Cybersecurity and Infrastructure Security Agency (CISA), that will change quickly — possibly too quickly, according to some experts. On June 13, CISA released Binding Operational Directive (BOD) 23-02, with the goal of eliminating…

The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350. The Bl00dy ransomware has been active since May 2022, it has been the first group that started using the leaked LockBit ransomware builder in attacks in the…

APT28, the hacking arm of Russia’s GRU military intelligence agency has been backdooring Cisco routers by exploiting a remote code execution vulnerability in the Cisco IOS implementation of the simple network management protocol (SNMP), according to a statement by Western security agencies. The malware deployed on compromised routers patches the router’s authentication mechanism to always…