CISA

CISA releases free tool for detecting malicious activity in Microsoft cloud environments

March 24, 2023

Network defenders searching for malicious activity in their Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) cloud environments have a new free solution …

CISA warns CI operators about vulnerabilities on their networks exploited by ransomware gangs

March 14, 2023

Organizations in critical infrastructure sectors whose information systems contain security vulnerabilities associated with ransomware attacks are being notified by the US …

CISA launches Decider to make MITRE ATT&CK more accessible for network defenders

March 3, 2023

The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Homeland Security Systems Engineering and Development Institute (HSSEDI), has released …

Steps CISA should take in 2023

February 14, 2023

Recently, I was asked to imagine that I had been granted an hour with top officials at the Cybersecurity and Infrastructure Security Agency (CISA) – what advice would I …

North Korea targets US, South Korean hospitals with ransomware to fund further cyber operations

February 10, 2023

US and South Korean agencies have issued a joint cybersecurity advisory describing the tactics, techniques and procedures used by North Korean hackers to deploy …

CISA releases ESXiArgs ransomware recovery script

February 8, 2023

According to the latest data, the number of ESXiArgs ransomware victims has surpassed 3,800, and CISA has published a recovery script for victim organizations. Fixing the mess …

While governments pass privacy laws, companies struggle to change

February 6, 2023

Government agencies keep making new privacy rules while end users fall victim to malpractice and scams. Bill Tolson, VP of Compliance and eDiscovery at Archive360, has spent …

ICS vulnerabilities: Insights from advisories, how CVEs are reported

January 30, 2023

SynSaber recently released its second Industrial Control Systems (ICS) Vulnerabilities & CVEs Report. In this Help Net Security video, Ronnie Fabela, CTO at SynSaber, …

Attackers use portable executables of remote management software to great effect

January 26, 2023

Tricking users at targeted organizations into installing legitimate remote monitoring and management (RMM) software has become a familiar pattern employed by financially …

Extent of reported CVEs overwhelms critical infrastructure asset owners

January 23, 2023

The sheer volume of reported ICS vulnerabilities and CVEs may cause critical infrastructure asset owners to feel overwhelmed, or need help knowing where to begin, according to …

Google Chrome zero-day exploited in the wild (CVE-2022-4262)

December 6, 2022

Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome (and Chromium), which is being exploited by attackers in the …

Pre-auth RCE in Oracle Fusion Middleware exploited in the wild (CVE-2021-35587)

November 29, 2022

A pre-authentication RCE flaw (CVE-2021-35587) in Oracle Access Manager (OAM) that has been fixed in January 2022 is being exploited by attackers in the wild, the …