As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.
On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.
Read more…
Source: Rapid7
Related:
- CISA Releases Security Advisories for Rockwell Automation Products
March 31, 2022
CISA has released two Industrial Controls Systems Advisories (ICSAs) detailing vulnerabilities in Rockwell Automation products. An attacker could exploit these vulnerabilities to inject code on affected system. CISA encourages users and administrators to review ICSA-22-090-05: Rockwell Automation Logix Controllers and ICSA-22-090-07: Rockwell Automation Studio 5000 Logix Designer for more information and to apply the necessary mitigations ...
- FBI: Ransomware Attacks Straining Local US Governments and Public Services
March 30, 2022
The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency ...
- FBI: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector
March 24, 2022
This joint Cybersecurity Advisory (CSA)—coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Energy (DOE)—provides information on multiple intrusion campaigns conducted by statesponsored Russian cyber actors from 2011 to 2018 and targeted U.S. and international Energy Sector organizations. CISA, the FBI, and DOE responded to ...
- Countering threats from North Korea
March 24, 2022
On February 10, Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609. These groups’ activity has been publicly tracked as Operation Dream Job and Operation AppleJeus. We observed the campaigns targeting U.S. based organizations spanning news media, IT, cryptocurrency and fintech industries. However, other organizations ...
- TRITON Malware Remains Threat to Global Critical Infrastructure Industrial Control Systems (ICS)
March 24, 2022
The FBI is warning that the group responsible for the deployment of TRITON malware against a Middle East–based petrochemical plant’s safety instrumented system in 2017, the Russian Central Scientific Research Institute of Chemistry and Mechanics (TsNIIKhM), continues to conduct activity targeting the global energy sector. This warning follows the 24 March 2022 unsealing of a ...
- CRI-O Security Update for Kubernetes
March 18, 2022
CRI-O has released a security update addressing a critical vulnerability—CVE-2022-0811—in CRI-O 1.19. A local attacker could exploit this vulnerability to take control of an affected Kubernetes environment as well as other software or platforms that use CRI-O runtime containers. CISA encourages users and administrators to review the CRI-O Security Advisory and apply the necessary updates or ...

