CISA Archives - Page 6 of 7 - Cyber Security Minute

BlackMatter ransomware group announces shutdown. But for how long?

Issued by: Blog Malwarebytes

The BlackMatter ransomware gang has announced they are going to shut down their operation, citing pressure from local authorities. And pressure there is. Only two weeks ago, we wrote about a warning that the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) had issued over…

Vulnerabilities

Fuji Electric Patches Vulnerabilities in Factory Monitoring Software

Issued by: Security Week

The security holes, identified by a researcher who uses the online moniker “kimiya,” were discovered in the Tellus Lite V-Simulator and V-Server Lite products, which are used worldwide to remotely monitor and operate factories. Versions prior to 4.0.12.0 are affected. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday published an advisory to inform…

Malware & Threats

North Korean Hackers Targeting IT Supply Chain: Kaspersky

Issued by: Security Week

As part of the observed attacks, the group used an updated DeathNote malware cluster, which includes a slightly modified version of BLINDINGCAN, a piece of malware that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) associated with the group. A new variant of COPPERHEDGE, which Lazarus has been using for at least two years, was…

Network Security

CISA Opens IPv6 Guidance to Public Feedback

Issued by: Security Week

Named IPv6 Considerations for TIC 3.0, the document was issued in line with Office of Management and Budget (OMB) Memorandum 21-07, which mandates CISA to enhance the Trusted Internet Connections (TIC) program to ensure Internet Protocol version 6 (IPv6) is implemented within federal IT systems. The new IPv6 guidance is meant to provide information on…

Network Security

CISA Appoints Kiersten Todt as New Chief of Staff

Issued by: Security Week

Before joining CISA as chief of staff, Todt served as managing director of the non-profit Cyber Readiness Institute (CRI). She also served as president and managing partner at risk management consulting firm Liberty Group Ventures between 2012 and 2016. Kiersten TodtAs for roles in the government, Todt served in 2016 as the executive director of…

Vulnerabilities

WordPress 5.8.1 Patches Several Vulnerabilities

Issued by: Security Week

Users have been informed that the latest update includes three security fixes, including for a data exposure flaw related to the REST API, and a cross-site scripting (XSS) issue in the block editor. WordPress 5.8.1 also updates Lodash, a JavaScript library that provides utility functions for common programming tasks, to address security issues. These vulnerabilities…

Vulnerabilities

USCYBERCOM Warns of Mass Exploitation of Atlassian Vulnerability Ahead of Holiday Weekend

Issued by: Security Week

“Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate,” USCYBERCOM tweeted Friday morning. “Please patch immediately if you haven’t already— this cannot wait until after the weekend.” On August 25, Atlassian issued patches to address the critical code execution vulnerability that carried a CVSS score of 9.8. Described by the software maker…

Network Security

CISA’s Joint Cyber Defense Collaborative: Why it just might work

Issued by: CSO

The Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS) has a new director, Jen Easterly. The Senate confirmed Easterly in July, with swearing taking place on August 09, 2021. It should come as no surprise to CISOs to see Easterly dig in and immediately leverage the newly minted Joint Cyber…

Vulnerabilities

Patch now! Microsoft Exchange is being attacked via ProxyShell

Issued by: Blog Malwarebytes

Last Saturday the Cybersecurity and Infrastructure Security Agency issued an urgent warning that threat actors are actively exploiting three Microsoft Exchange vulnerabilities—CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. These vulnerabilities can be chained together to remotely execute arbitrary code on a vulnerable machine. This set of Exchange vulnerabilities is often grouped under the name ProxyShell. Fixes were available…

Vulnerabilities

High-Severity DoS Vulnerability Patched in BIND DNS Software

Issued by: Security Week

The flaw, tracked as CVE-2021-25218, affects BIND versions 9.16.19, 9.17.16, and 9.16.19-S1. Patches are included in versions 9.16.20, 9.17.17 and 9.16.20-S1. Workarounds are also available. It’s worth noting that while the existence of the vulnerability was made public on August 18, customers received a notification one week in advance. The vulnerability can be exploited remotely…