CISA Issues Emergency Directive Requiring Federal Agencies To Mitigate Windows Print Spooler Service Vulnerability

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 21-04 today to mitigate a Microsoft Windows print spooler service vulnerability CVE-2021-34527 being actively exploited. Federal civilian agencies are required to immediately disable the print spooler service Read More …

White House urges mayors to review local govts’ cybersecurity posture

July 7 Following recent ransomware attacks, Deputy National Security Advisor Anne Neuberger asked US mayors to immediately hold a meeting with state agencies’ chiefs to evaluate their cybersecurity posture. Local governments have been under a constant barrage of ransomware attacks Read More …

NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign

FORT MEADE, Md. – The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK’s National Cyber Security Centre (NCSC) released a Cybersecurity Advisory today exposing malicious cyber activities by Russian military Read More …

Biden gave Putin list of 16 critical infrastructure entities ‘off limits’ to cyberattacks

President Biden told reporters Wednesday he gave President Vladimir Putin a list of 16 critical infrastructure entities that are “off limits” to a Russian cyberattack. Those entities include energy, water, health care, emergency, chemical, nuclear, communications, government, defense, food, commercial Read More …

New SkinnyBoy malware used by Russian hackers to breach sensitive orgs

Security researchers have discovered a new piece of malware called SkinnyBoy that was used in spear-phishing campaigns attributed to Russian-speaking hacking group APT28. The threat actor, also known as Fancy Bear, Sednit, Sofacy, Strontium, or PwnStorm, used SkinnyBoy in attacks Read More …

Australian Cyber Security Centre using classified capabilities to warn local entities of impending ransomware hit

While the Australian Cyber Security Centre (ACSC) is engaged in helping a local organisation remove and recover from a ransomware hit or cyber attack, its overseer, the Australian Signals Directorate (ASD) is able to use its more secretive powers to Read More …

Russian gang behind SolarWinds hack returns with phishing attack disguised as mail from US aid agency

Nobelium, the Russia-aligned gang identified as the perpetrators of the supply chain attack on SolarWinds’ Orion software, has struck again, Microsoft vice president Tom Burt in a blogpost Thursday. Burt’s post says the attacks saw Nobelium gain access to accounts Read More …

Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices

Mandiant published detailed results of our investigations into compromised Pulse Secure devices by suspected Chinese espionage operators. This blog post is intended to provide an update on our findings, give additional recommendations to network defenders, and discuss potential implications for Read More …

Various Japanese government entities had data stolen in cyber attack: Report

Data from various Japanese government entities has reportedly been stolen by hackers that gained access to Fujitsu’s ProjectWEB platform. Fujitsu’s software-as-a-service platform has since been taken down and the Japanese tech giant is currently investigating the scope of the attacks, Read More …

How Myanmar’s military moved in on the telecoms sector to spy on citizens

In the months before the Myanmar military’s Feb. 1 coup, the country’s telecom and internet service providers were ordered to install intercept spyware that would allow the army to eavesdrop on the communications of citizens, sources with direct knowledge of Read More …