Security News

Threat actors are targeting K-12 educational institutions in the United States to deploy ransomware, steal data, or disrupt distance learning services. In a joint alert this week, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Multi-State Information Sharing and Analysis Center warned of continuous attacks targeting K-12 educational institutions.

U.S. DHS Cybersecurity and Infrastructure Security Agency has warned admins to upgrade their vulnerable OpenSSL instances immediately. OpenSSL advisory states, one place where the GENERAL NAME cmp function is used is when OpenSSL validates a certificate's CRL distribution point field.

"Unfortunately, despite some of the conveniences and efficiencies that remote work can provide, it has greatly expanded the attack surface for all businesses, including think-tanks," Banda said. In late October, CISA warned that the North Korean APT group known as Kimsuky is actively attacking think-tanks, commercial-sector businesses and others, often by posing as South Korean reporters.

Threat actors are continuously targeting United States think tanks, the Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warn. The adversaries, CISA and the FBI say in an advisory this week, attempt initial access through spear-phishing and third-party messaging services, targeting both corporate and personal accounts of intended victims.

"While the presence or absence of one individual or entity only has a limited effect on the overall risk posture of our nation, to be sure, without the kind of transformative leadership that Chris Krebs showed as the leader of a new agency in CISA and his effort to promote collective defense capabilities across the public and private sectors, we could go back to the historical siloed approach of defense limiting the progress we've made in recent years. Our adversaries are going to be punching from all angles and coming at us in an organized manner, so we also need to defend in the same way." "While unlikely that the firing of the CISA Director will inspire cyber attacks from abroad on critical infrastructure in the US because systems appear more vulnerable today than yesterday, industry partners, observers, and US citizens certainly will be skeptical of any statements made by CISA about the election or anything else between now and January 2021.".

Government officials and cybersecurity experts alike condemned President Trump's firing of Christopher Krebs by tweet Tuesday, as the director of the Cybersecurity and Infrastructure Security Agency became the latest victim of the president's housecleaning efforts after his failed bid at a second term. Krebs was appointed by Trump in 2018 as the first director of the Department of Homeland Security's CISA. However, he challenged the president by trying to debunk false claims Trump has made suggesting that the recent 2020 presidential election was rigged against him-the reason why Krebs was sacked, observers said.

Because of the CISA's support of a fair election process, the White House is expected to call for Krebs' resignation, according to a Reuters report, citing sources close to the CISA chief. Upon hearing the news, lawmakers and other observers took to Twitter and to praise the job Krebs has done as CISA director, nothing how he put aside partisanship to work for a common goal to protect U.S. cybersecurity infrastructure and the election process.

Two election committees of the U.S. Department of Homeland Security issued a joint statement on Thursday saying there was no evidence of voting systems being compromised, noting that the recent election "Was the most secure in American history." "Other security measures like pre-election testing, state certification of voting equipment, and the U.S. Election Assistance Commission's certification of voting equipment help to build additional confidence in the voting systems used in 2020.".

The Cybersecurity and Infrastructure Security Agency on Friday informed users about the availability of patches for two remote code execution vulnerabilities that affect Windows Codecs Library and Visual Studio Code. Residing in Visual Studio Code and tracked as CVE-2020-17023, the second vulnerability can be triggered when the user opens a malicious 'package.

The U.S. Cybersecurity and Infrastructure Security Agency warns of an increase in attacks targeting state and local governments with the Emotet Trojan. Active for over a decade, Emotet is a Trojan mainly used to drop additional malware onto compromised systems.