07 Oct 2019

DHS and FDA warn about much broader impact of Urgent/11 vulnerabilities

Urgent/11, a range of security vulnerabilities that were initially thought to impact only the VxWorks real-time operating system (RTOS), actually put many more systems at risk, the US Department of Homeland Security (DHS) and the US Food and Drug Administration (FDA) warned last week. Earlier this year, security researchers with

Read More
01 Oct 2019

Senate Passes Bill Aimed At Combating Ransomware Attacks

The United States Senate recently approved the “DHS Cyber Hunt and Incident Response Teams Act,” which aims to help local governments and private companies fight ransomware infections and other cyberattacks by enabling the Department of Homeland Security (DHS) to set up “incident response teams” that can assist organizations under attack.

Read More
05 Sep 2019

US Lawmakers Propose Bill to Fortify Federal Cybersecurity

US lawmakers will introduce the Advancing Cybersecurity Diagnostics and Mitigation Act to the US House of Representatives this week. The law aims to bolster the government’s cybersecurity program by providing state, local, and tribal governments with access to the Continuous Diagnostics and Mitigation (CDM) program that has been in use

Read More
31 Jul 2019

US Issues Hacking Security Alert for Small Planes

Because security researchers from Rapid7 recently discovered that modern flight systems in small planes can be easily disrupted by a threat actor with physical access to an aircraft, the US Department of Homeland Security (DHS) on Tuesday sent out an alert urging plane owners to restrict this type of access.

Read More
05 Jul 2019

The biggest concern for election security may be phishing

Outdated voting machines that are vulnerable to hacking are hardly the only cybersecurity concern for US election security officials. Earlier this week, the US Department of Homeland Security warned election officials across the country about the threat of phishing campaigns. Threat actors are targeting election officials with seemingly legitimate emails

Read More
20 Jun 2019

Phishing Attack Exposes Data of 645,000 Oregon DHS Clients

The Department of Human Services (DHS) in Oregon suffered a data breach earlier this year in which a threat actor obtained unauthorized access to the personal data of around 645,000 of the agency’s clients. The agency is notifying those impacted by the breach. On January 8, a cybercriminal was able

Read More
18 Jun 2019

US Govt Achieves BlueKeep Remote Code Execution, Issues Alert

The Cybersecurity and Infrastructure Security Agency (CISA) is urging users to patch the highly critical BlueKeep security flaw (CVE-2019-0708) that impacts Remote Desktop Protocol (RDP) implementations on older Windows operating systems. The agency, which operates under Department of Homeland Security oversight, issued the alert after achieving remote code execution on

Read More
21 May 2019

DHS warns of ‘strong concerns’ that Chinese-made drones are stealing data

The US Department of Homeland Security is warning that drones manufactured in China are a “potential risk to an organization’s information,” because they are capable of sending sensitive flight data to servers that may be accessed by the manufacturer as well as by other parties, such as the Chinese government.

Read More
14 May 2019

Use a 3rd Party to Setup Office 365? DHS Says You May Be at Risk.

The Department of Homeland Security CISA has issued an analysis highlighting observed security risks resulting from the use of third parties to move organizations to the Microsoft Office 365 Cloud.

Read More
11 Apr 2019

US Government Warns of New North Korean Malware

The US Department of Homeland Security (DHS) has published a report about a newly uncovered malware strain that is linked to the infamous North Korean hacking group Hidden Cobra aka Lazarus. The malware, dubbed Hoplight, is a backdoor Trojan that has the ability to: “Read, Write, and Move Files; Enumerate

Read More