Cyber Security News


  • CISA Releases Five Industrial Control Systems Advisories

    October 4, 2022

    CISA has released five (5) Industrial Control Systems (ICS) advisories on October 04, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-22-277-01 Johnson Controls Metasys ADX Server ICSA-22-277-02 Hitachi Energy Modular Switchgear Monitoring ICSA-22-277-03 Horner ...

  • Moody’s turns up the heat on ‘riskiest’ sectors for cyberattacks

    October 3, 2022

    About $22 trillion of global debt rated by Moody’s Investors Service has “high,” or “very high” cyber-risk exposure, with electric, gas and water utilities, as well as hospitals, among the sectors facing the highest risk of cyberattacks. That’s more than one-quarter (28 percent) of the $80 trillion in Moody’s rated debt across 71 global sectors, and ...

  • How Ransomware Is Causing Chaos in American Schools

    October 3, 2022

    May 19, 2021 was supposed to be just another day at the end of the school year at Sierra College, a community college in Rocklin, California. Instead, hackers hit the school with ransomware, throwing it into chaos. “We are experiencing a major cybersecurity event this morning that is impacting the majority of services at Sierra College,” ...

  • Microsoft Exchange server zero-day mitigation can be bypassed

    October 3, 2022

    Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premise servers is far from enough. Threat actors are already chaining both of these zero-day bugs in active attacks to breach Microsoft Exchange servers and achieve remote code execution. Both security flaws were reported ...

  • Ransomware gang leaks data stolen from LAUSD school system

    October 3, 2022

    Thousands of files apparently stolen last month in a ransomware attack on the Los Angeles Unified School District were released on the dark web over the weekend. The threat has been a major concern for the nation’s second-largest school district since Labor Day Weekend, when a cyber intrusion forced school district officials to take the extraordinary ...

  • U.S. Department of Homeland Security Kicks Off Cybersecurity Awareness Month

    October 3, 2022

    WASHINGTON – Throughout October, in recognition of Cybersecurity Awareness Month, the Department of Homeland Security is committed to raising awareness about how to combat the constant and ever-increasing threat from malicious cyber actors. Many of the Department’s component agencies play a lead role in strengthening the nation’s resilience across public and private sectors, investigating malicious ...

  • CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks

    October 3, 2022

    CISA has issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks, which seeks improve asset visibility and vulnerability enumeration across the federal enterprise. Although BOD 23-01 is only applicable to federal civilian executive branch (FCEB) agencies, CISA recommends all stakeholders review and incorporate the standards it sets forth. Doing so ...

  • Russian retail chain ‘DNS’ confirms hack after data leaked online

    October 3, 2022

    Russian retail chain ‘DNS’ (Digital Network System) disclosed yesterday that they suffered a data breach that exposed the personal information of customers and employees. DNS is Russia’s second-largest computer and home appliance store chain, with 2,000 branches and 35,000 employees. According to the scant details provided in the announcement, a group of hackers residing outside the Russian ...

  • From today, America and UK follow new rules on how they can demand your data from each other

    October 3, 2022

    The Data Access Agreement (DAA), by which the US and UK have agreed how one country can respond to lawful data demands from police and investigators in the other, took effect on Monday. The DAA (aka the Access to Electronic Data for the Purpose of Countering Serious Crime) is intended to facilitate cross-border law enforcement within ...

  • BlackCat malware lashes out at US defense IT contractor

    October 2, 2022

    The BlackCat ransomware gang, also known as ALPHV, has allegedly broken into IT firm NJVC, a provider of services to civilian US government agencies and the Department of Defense. DarkFeed, which monitors the dark web for ransomware intelligence, tweeted this week that BlackCat had added NJVC to its victims’ list, along with sharing a screenshot allegedly ...

  • UK: Liz Truss’ and Cabinet Ministers’ mobile numbers are being sold online for £6.49

    October 2, 2022

    The personal mobile phone numbers of the Prime Minister and 25 of her Cabinet Ministers are being sold on the internet, The Mail on Sunday can reveal. They can be accessed on a shady US website charging just £6.49 for access to the information, which cyber experts warn could be used by China and Russia to ...