Cyber entities continue to show a persistent interest in targeting critical infrastructure by taking advantage of vulnerable OT assets. To counter this threat, NSA has released a repository for OT Intrusion Detection Signatures and Analytics to the NSA Cyber GitHub. The capability, known as ELITEWOLF, can enable defenders of critical infrastructure, defense industrial base, and […]
The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That’s according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) […]
Internet infrastructure providers Google Cloud, Cloudflare and Amazon Web Services have reported the largest ever distributed-denial-of-service (DDoS) attacks. The DDoS attacks were reported on October 10, with the cloud service providers noting that the attacks were part of a mass exploit of a zero-day vulnerability. The DDoS attacks themselves started during August and are still […]
Protecting critical infrastructure is not optional, it is a must. Energy grids, financial systems, healthcare facilities among other critical infrastructures are the backbone of modern society. Any disruption to operations, whether accidental via misconfigurations or as a result of a targeted cyber attack, can send ripples across nations. This article shines a spotlight on the […]
Oct 11, 2023NewsroomVulnerability / Exploit The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to […]
Despite concerted efforts by the FBI in August to dismantle the infrastructure supporting the Qakbot malware, the threat actors behind it appear undeterred. Recent evidence indicates an active distribution of Ransom Knight ransomware and the Remcos backdoor via phishing emails, starting from early August. Diving into details Cisco Talos has tracked and shared details about […]
Dive Brief: The Cybersecurity and Infrastructure Security Agency is sharply focused on threat activity tied to the People’s Republic of China as that country has become the top nation-state cyber adversary to the U.S. China is actively targeting more critical infrastructure, CISA Director Jen Easterly said Wednesday at the Secureworks Threat Intelligence Summit. China-linked threat […]
Oct 05, 2023NewsroomRansomware / Malware Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted […]
Oct 05, 2023NewsroomVulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below – CVE-2023-42793 (CVSS score: 9.8) […]