Bank had no firewall license, intrusion or phishing protection – guess the rest

An Indian bank that did not have a valid firewall license, had not employed phishing protection, lacked an intrusion detection system and eschewed use of any intrusion prevention system has, shockingly, been compromised by criminals who made off with millions Read More …

How Does Cybersecurity Impact Environmental Services and Infrastructure?

Environmental sustainability has become a significant concern for businesses today. Yet, many are not seeing the connection between sustainability efforts and cybersecurity. Despite how different they may seem, these two topics are intertwined. If environmental services and infrastructure don’t embrace Read More …

An In-Depth Look at ICS Vulnerabilities Part 2

In part one, Trend Micro researchers discussed ICS-CERT advisories from 2010 to 2021. Using MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS, determined the number of identified CVEs that affect the ICS environment. For this blog entry, Trend Read More …

SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965

On March 31, 2022, vulnerabilities in the Spring Framework for Java were publicly disclosed. Microsoft is currently assessing the impact associated with these vulnerabilities. This blog is for customers looking for protection against exploitation and ways to detect vulnerable installations Read More …

Australia’s SkyGuardian drones shot down by spicy cybers

The Australian government has cancelled the SkyGuardian armed drone program for the Royal Australian Air Force. The funding is being redirected to the newly-announced REDSPICE cybersecurity and intelligence program. REDSPICE, the Resilience, Effects, Defence, Space, Intelligence, Cyber and Enablers program, Read More …

CISA Releases Security Advisories for Rockwell Automation Products

CISA has released two Industrial Controls Systems Advisories (ICSAs) detailing vulnerabilities in Rockwell Automation products. An attacker could exploit these vulnerabilities to inject code on affected system. CISA encourages users and administrators to review ICSA-22-090-05: Rockwell Automation Logix Controllers and Read More …

FBI: Ransomware Attacks Straining Local US Governments and Public Services

The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Ransomware attacks against local government entities and Read More …

FBI: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

This joint Cybersecurity Advisory (CSA)—coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Energy (DOE)—provides information on multiple intrusion campaigns conducted by statesponsored Russian cyber actors from 2011 to 2018 Read More …

Countering threats from North Korea

On February 10, Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609. These groups’ activity has been publicly tracked as Operation Dream Job and Operation AppleJeus. We observed the Read More …

TRITON Malware Remains Threat to Global Critical Infrastructure Industrial Control Systems (ICS)

The FBI is warning that the group responsible for the deployment of TRITON malware against a Middle East–based petrochemical plant’s safety instrumented system in 2017, the Russian Central Scientific Research Institute of Chemistry and Mechanics (TsNIIKhM), continues to conduct activity Read More …