Security News

In this Help Net Security interview, Aaron Crow, Senior Director at MorganFranklin Consulting, discusses critical infrastructure cybersecurity strategies, barriers to threat information sharing, and innovative technologies enhancing resilience against cyberattacks. How do current cybersecurity strategies address the critical infrastructure sectors' unique needs and vulnerabilities?

The U.S. Treasury Department has sanctioned a Wuhan-based company used by the Chinese Ministry of State Security as cover in attacks against U.S. critical infrastructure organizations. The Office of Foreign Assets Control has also designated two Chinese nationals linked to the APT31 Chinese state-backed hacking group and who worked as contractors for the Wuhan Xiaoruizhi Science and Technology Company, Limited MSS front company for their involvement in the same attacks and "Endangering U.S. national security."

Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited...

The US government has recommended a series of steps that critical infrastructure operators should take to prevent distributed-denial-of-service attacks. The joint guide, entitled Understanding and Responding to Distributed Denial-Of-Service Attacks [PDF], distinguishes between denial-of-service and DDoS attacks.

As the undisputed leader in leaked secrets detection, GitGuardian has been meticulously identifying and reporting the prevalence of such secrets on public GitHub for years. Hardcoding secrets in source code repositories, Committing secrets to public code repositories, Exposing secrets in developer communication channels, Leaking secrets in container images or artifacts at build time.

Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber...

Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction....

Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers. Ivanti also fixed a second critical vulnerability in its Neurons for ITSM IT service management solution that enables remote threat actors with access to an account with low privileges to execute commands "In the context of web application's user."

The Feds and friends yesterday issued yet another warning about China's Volt Typhoon gang, this time urging critical infrastructure owners and operators to protect their facilities against destructive cyber attacks that may be brewing. The Tuesday alert - issued by the US Cybersecurity and Infrastructure Security Agency, the National Security Agency, FBI and eight other US and international partners - comes a little more than a month after the same groups from the same Five Eyes nations sounded the alarm on Volt Typhoon compromising "Multiple" critical infrastructure orgs' IT networks in America.

CISA, the NSA, the FBI, and several other agencies in the U.S. and worldwide warned critical infrastructure leaders to protect their systems against the Chinese Volt Typhoon hacking group. Together with the NSA, the FBI, other U.S. government agencies, and partner Five Eyes cybersecurity agencies, including cybersecurity agencies from Australia, Canada, the United Kingdom, and New Zealand, it also issued defense tips on detecting and defending against Volt Typhoon attacks.