28 Jan 2021

CISA Issues Advisory for High-Severity Vulnerabilities in Fuji Electric HMI Products

Earlier this week, the US Cybersecurity and Infrastructure Security Agency (CISA) released an advisory informing industrial organizations that there is a critical flaw in SCADA/HMI products made by Fuji Electric, a Japanese electrical equipment company. This means that some organizations are facing a security threat due to potentially serious vulnerabilities.

Read More
28 Dec 2020

SolarWinds Hackers “Impacting” State and Local Governments

The Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning regarding the impact of the recent SolarWinds Orion software government espionage campaign likely conducted by Russia. The hack consisted of Russian nation-state hackers compromising SolarWinds’s popular Orion software supply chain, effectively installing a backdoor into hundreds of high profile

Read More
08 Dec 2020

CISA Warns About Iran’s Offensive Cyber Capabilities

The CISA recently issued a warning centered on the capabilities of Iranian hackers, advising companies to stay alert in terms of detecting suspicious activity. The alert states that Iran continues to engage in more conventional offensive cyber activities, such as website defacement, distributed denial of service attacks, information theft, destructive

Read More
08 Dec 2020

The NSA Warns That Russia Is Attacking Remote Work Platforms

The COVID-19 pandemic has created a massive movement towards working from home, inadvertently also creating more opportunities for hackers. The National Security Agency (NSA) released an advisory warning that Russian-state sponsored hackers have been actively attacking a vulnerability in remote-work platforms developed by VMware. The agency also released a security

Read More
03 Dec 2020

Think-Tanks Under Attack by Foreign APTs, CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory warning of persistent cyberattacks targeting US think-tanks, with the goal of stealing intellectual property. The two agencies stated that they have witnessed an uptick in cyberattacks intentionally targeting think tanks, utilizing phishing and VPN exploit

Read More
01 Oct 2020

Zerologon Attacks Against Microsoft DCs Snowball in a Week

Last week, the first active exploits of the Microsoft Zerologon vulnerability (CVE-2020-1472) were flagged. Now, just over a week later, threat actors are leveraging the bug to attempt to take over Active Directory identity services as security researchers observe a massive spike in the bug’s exploitation attempts. Researchers at Cisco

Read More
30 Sep 2020

FBI says hackers want to stoke doubt about the 2020 election

Misinformation campaigns have plagued the US Presidental Elections for years, and on Monday the FBI and Cybersecurity and Infrastructure Agency (CISA) warned the public about the potential of foreign-produced disinformation aiming to cast doubt about the legitimacy of the upcoming election. Foreign actors may be trying to spread false claims

Read More
25 Sep 2020

Federal Agency Compromised by Malicious Cyber Actor

The Cybersecurity and Infrastructure Security Agency (CISA) released an analysis report yesterday detailing a recent cyberattack on a federal agency’s network that was achieved through leveraging compromised employee credentials. The cyberattacker was then able to drop harmful and sophisticated malware onto the agency’s system. This malware was able to effectively

Read More
24 Sep 2020

FBI and CISA Alert: Foreign Actors and Cybercriminals Likely to Spread Disinformation Regarding 2020 Election Results

Earlier this week, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) issued an announcement to alert the public to the potential threat of foreign interference in reporting 2020 election results and disinformation campaigns. According to the government agencies, foreign actors and cybercriminals may create or alter websites, and share

Read More
21 Sep 2020

Agencies Must Patch Zerologon Bug by Monday says US CISA

Earlier this week, the US Department of Homeland Security issued an emergency directive that calls for all civilian government agencies to patch a Windows vulnerability that has been categorized as high-risk. The bug, CVE-2020-1472, is a new form of a privilege bug that occurs when an attacker uses the Netlogon

Read More