Critical Vulnerabilities Affecting SAP Applications Employing Internet Communication Manager (ICM)

On February 8, 2022, SAP released security updates to address vulnerabilities affecting multiple products, including critical vulnerabilities affecting SAP applications using SAP Internet Communication Manager (ICM). SAP applications help organizations manage critical business processes—such as enterprise resource planning, product lifecycle Read More …

FBI: Criminals Increasing SIM Swap Schemes to Steal Millions of Dollars from US Public

The Federal Bureau of Investigation is issuing this announcement to inform mobile carriers and the public of the increasing use of Subscriber Identity Module (SIM) swapping by criminals to steal money from fiat and virtual currency accounts. From January 2018 Read More …

What Does an Internal Attack Resulting in a Data Breach Look Like in Today’s Threat Landscape?

A common scenario is one in which an attacker gains access to an internal network via a compromised workstation that has been infected with malware, invariably via a social engineering email attack. No enterprise is immune to this type of Read More …

DHS Launches First-Ever Cyber Safety Review Board

WASHINGTON – Today, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB), as directed in President Biden’s Executive Order 14028 on Improving the Nation’s Cybersecurity. The CSRB is an unprecedented public-private initiative Read More …

Telehealth: A New Frontier in Medicine and Security

Telehealth today doesn’t just involve chatting with a doctor via a video-conferencing application. It’s become an entire collection of rapidly developing technologies and products that includes specialized applications, wearable devices, implantable sensors, and cloud databases, many of which have only Read More …

Potential for Malicious Cyber Activities to Disrupt the 2022 Beijing Winter Olympics and Paralympics

The FBI is warning entities associated with the February 2022 Beijing Winter Olympics and March 2022 Paralympics that cyber actors could use a broad range of cyber activities to disrupt these events. These activities include distributed denial of service (DDoS) Read More …

U.S. unveils plan to improve cyber defenses for water utilities

The White House on Thursday unveiled a plan to beef up cybersecurity in the nation’s water sector, an extension of its efforts to thwart attacks against critical infrastructure including electricity and natural gas pipeline operators. Senior administration officials said water Read More …

Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems

Given this technology’s ubiquity, Trend Micro researchers decided to investigate further and discovered multiple security vulnerabilities, resulting in 13 new CVE IDs for the six most common DDS implementations. This includes one vulnerability in the standard specifications and other deployment Read More …

Context and Recommendations to Protect Against Malicious Activity by Iranian Cyber Group Emennet Pasargad

This Private Industry Notice provides a historical overview of Iran-based cyber company Emennet Pasargad’s tactics, techniques, and procedures (TTPs) to enable recipients to identify and defend against the group’s malicious cyber activities. On 20 October 2021, a grand jury in Read More …