Malawi: Macra Warns Public to Be On High Alert Against Heightened Cyber Attacks in Comesa Region

Malawi Computer Response Team (mwCERT) of the Malawi Communications Regulatory Authority (MACRA) announces of recent cyber-attacks that have targeted several countries in the COMESA region, resulting in severe disruptions to critical information infrastructure, across various sectors. In a statement, MACRA Read More …

Kenya reports cyber attacks causing government system outages

Cyber attackers targeted a digital platform used by Kenya’s government to deliver services, the country’s technology minister said, highlighting the vulnerabilities of the system. The attack on the e-Citizen platform in recent days caused system outages that left users unable Read More …

Anomaly detection in certificate-based TGT requests

One of the most complex yet effective methods of gaining unauthorized access to corporate network resources is an attack using forged certificates. Attackers create such certificates to fool the Key Distribution Center (KDC) into granting access to the target company’s Read More …

California: City of Hayward says computer network restored 2 weeks after cyberattack discovered

Officials in the city of Hayward announced that the city’s internal computer network has been restored following a ransomware attack that took systems down earlier this month. In a statement Thursday, city officials said the network was brought back on Read More …

CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) are releasing a joint Cybersecurity Advisory (CSA), Preventing Web Application Access Control Abuse, to warn vendors, designers, developers, Read More …

A Tale of Two Cities’ water attacks

There have been more than 130 control system cyber incidents in water/wastewater utilities. Like Oldsmar and Discovery Bay, most of these incidents have occurred in small water utilities. Many of these incidents were not publicly disclosed, nor were the utilities Read More …

Uncovering an Iranian mobile malware campaign

During a recent proactive hunt for malicious mobile malware, Sophos X-Ops researchers from SophosLabs discovered a group of four credential-harvesting apps targeting customers of several Iranian banks. Most of the apps are signed using the same – possibly stolen – Read More …

Understanding Machine Learning Attacks, Techniques, and Defenses

Machine learning (ML) is a subset of Artificial Intelligence (AI), which enables machines and software to automatically learn from historical data to generate accurate output without being programmed to do so. Many leading organizations today have incorporated machine learning into Read More …

TSA updates, renews cybersecurity requirements for pipeline owners, operators

The Transportation Security Administration (TSA) announced an update to its Security Directive regarding oil and natural gas pipeline cybersecurity. This revised directive will continue the effort to reinforce cybersecurity preparedness and resilience for the nation’s critical pipelines. Developed with input Read More …

CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services

CardioComm Solutions, a Canadian provider of consumer and professional-grade heart monitoring technologies, has been downed by an ongoing cybersecurity incident. The Toronto-based organization said on Tuesday that its business operations will be “impacted for several days and potentially longer” following Read More …