Security News

The U.S. Department of Homeland Security, plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. SolarWinds acknowledged the bug in an advisory over the weekend, saying that exploitation of the issue must be done in a "Narrow, extremely targeted, and manually executed attack," and was likely the work of a nation-state.

U.S. DHS Cybersecurity and Infrastructure Security Agency has warned admins to upgrade their vulnerable OpenSSL instances immediately. OpenSSL advisory states, one place where the GENERAL NAME cmp function is used is when OpenSSL validates a certificate's CRL distribution point field.

President Donald Trump on Tuesday fired the director of the federal agency that vouched for the reliability of the 2020 election. Trump fired Christopher Krebs in a tweet, saying his recent statement defending the security of the election was "Highly inaccurate."

President Trump has fired Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency, after Krebs disputed claims that the U.S. 2020 Presidential Election was insecure and fraudulent. Trump appointed Krebs as the first director of CISA after it was established on November 16, 2018, as part of the Cybersecurity and Infrastructure Security Agency Act of 2018.

Two election committees of the U.S. Department of Homeland Security issued a joint statement on Thursday saying there was no evidence of voting systems being compromised, noting that the recent election "Was the most secure in American history." "Other security measures like pre-election testing, state certification of voting equipment, and the U.S. Election Assistance Commission's certification of voting equipment help to build additional confidence in the voting systems used in 2020.".

Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an "Imminent cybercrime threat to U.S. hospitals and healthcare providers." The agencies on the conference call, which included the U.S. Department of Health and Human Services, warned participants about "Credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers."

The US Federal Bureau of Investigation, Departments of Homeland Security, and Health and Human Services issued a joint alert Wednesday warning of an "Imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting the Sector with TrickBot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services," the Cybersecurity and Infrastructure Security Agency said in its advisory.

The US Department of Homeland Security said that unknown threat actors have targeted the US Census network during the last year in its first-ever Homeland Threat Assessment report released earlier this week. The US Census Bureau is the largest US federal government statistical agency responsible for collecting statistical data about the US economy and population.

The U.S. Department of Defense's Cyber National Mission Force and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency last week published a malware analysis report for what they described as a new malware variant named SLOTHFULMEDIA. SLOTHFULMEDIA is described as a dropper that deploys two files when executed, including a RAT designed to allow hackers to control compromised devices, and a component that removes the dropper once the RAT achieves persistence on the targeted computer. The U.S. government's malware analysis report includes technical details about how the malware works, indicators of compromise and recommendations for securing systems against such threats.

With only hours until the deadline for the directive, issued on Friday, to be executed, what is at stake is a "Vulnerability [that] poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action," according to the Cybersecurity and Infrastructure Security Agency. Microsoft released a patch for the vulnerability as part of its August 11, 2020 Patch Tuesday security updates.