A key Department of Homeland Security information-sharing database was accessed by an unknown threat actor in recent weeks, potentially exposing sensitive data exchanged between federal, state, local and industry partners, according to two people familiar with the matter.
DHS investigators are probing the intrusion of the Homeland Security Information Network, said both people, who spoke on the condition of anonymity because the incident is sensitive. The hackers’ affiliation and whether any documentation was pilfered from the system are both unclear.
Read more…
Source: Nextgov
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- MGM Resorts Slot machines go down in cyber-attack on firm
September 12, 2023
Customers have reported problems with slot machines and online room booking systems following a cyber-attack on casino and hotel giant MGM Resorts. Certain systems were shut down due to a “cyber-security issue”, the firm said. But it added that its facilities remained “operational”. One customer at the MGM Grand in Las Vegas said she had walked ...
- Analyzing Cuba ransomware
September 11, 2023
The group’s offensives first got on Kaspersky researchers radar in late 2020. Back then, the cybercriminals had not yet adopted the moniker “Cuba”; they were known as “Tropical Scorpius”. Cuba mostly targets organizations in the United States, Canada and Europe. The gang has scored a series of resonant attacks on oil companies, financial services, government ...
- 11 alleged Conti criminals hit with UK and US sanctions
September 8, 2023
UK and US authorities have issued sanctions on 11 individuals who are allegedly part of a cybercriminal gang that use Trickbot and Conti malware. The 11 individuals have been hit with asset freezes and travel bans in a coordinated effort to counter the threat of ransomware, according to UK officials. The country’s National Crime Agency (NCA) ...
- Storm-0558: Understanding How Microsoft Failed to Protect Itself
September 7, 2023
You’re undoubtedly familiar with the so-called Storm-0558 attacks from July 2023. If not a quick recap: these attacks (widely attributed as the work of the Chinese government) compromised a number of high-value Exchange Online mailboxes, including the US Secretary of Commerce and the US Ambassador to China. Given the sensitivity of the mailboxes, it’s likely ...
- CISA, FBI, and CNMF Release Advisory on Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475
September 7, 2023
Today, CISA, Federal Bureau of Investigation (FBI), and U.S. Cyber Command’s Cyber National Mission Force (CNMF) published a joint Cybersecurity Advisory (CSA), Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475. This CSA provides information on an incident at an Aeronautical Sector organization, with malicious activity occurring as early as January 2023. CISA, FBI, and CNMF confirmed ...
- Cooperation Across DOD, Private Sector Critical Amid Emerging Cyber Threats
September 7, 2023
Maintaining a robust defense against emerging cyberthreats requires collaboration and cooperation throughout the Defense Department and across industry partners, a top Pentagon information security executive said today. Principal Deputy Chief Information Officer Leslie A. Beavers warned emerging cybersecurity challenges pose a “whole of government, almost whole of society threat. At the end of the day, security ...

