Security News

DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report
2020-12-14 19:08

The U.S. Department of Homeland Security, plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. SolarWinds acknowledged the bug in an advisory over the weekend, saying that exploitation of the issue must be done in a "Narrow, extremely targeted, and manually executed attack," and was likely the work of a nation-state.

DHS-CISA urges admins to patch OpenSSL DoS vulnerability
2020-12-09 12:25

U.S. DHS Cybersecurity and Infrastructure Security Agency has warned admins to upgrade their vulnerable OpenSSL instances immediately. OpenSSL advisory states, one place where the GENERAL NAME cmp function is used is when OpenSSL validates a certificate's CRL distribution point field.

Trump Fires Head of DHS Election Security Agency
2020-11-18 00:44

President Donald Trump on Tuesday fired the director of the federal agency that vouched for the reliability of the 2020 election. Trump fired Christopher Krebs in a tweet, saying his recent statement defending the security of the election was "Highly inaccurate."

Trump fires DHS cybersecurity director Chris Krebs
2020-11-17 22:51

President Trump has fired Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency, after Krebs disputed claims that the U.S. 2020 Presidential Election was insecure and fraudulent. Trump appointed Krebs as the first director of CISA after it was established on November 16, 2018, as part of the Cybersecurity and Infrastructure Security Agency Act of 2018.

DHS Says Voting Systems Not Compromised, Amid Departures at CISA
2020-11-13 12:06

Two election committees of the U.S. Department of Homeland Security issued a joint statement on Thursday saying there was no evidence of voting systems being compromised, noting that the recent election "Was the most secure in American history." "Other security measures like pre-election testing, state certification of voting equipment, and the U.S. Election Assistance Commission's certification of voting equipment help to build additional confidence in the voting systems used in 2020.".

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals
2020-10-29 00:43

Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an "Imminent cybercrime threat to U.S. hospitals and healthcare providers." The agencies on the conference call, which included the U.S. Department of Health and Human Services, warned participants about "Credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers."

FBI, DHS Warn Of Possible Major Ransomware Attacks On Healthcare Systems
2020-10-28 22:59

The US Federal Bureau of Investigation, Departments of Homeland Security, and Health and Human Services issued a joint alert Wednesday warning of an "Imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting the Sector with TrickBot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services," the Cybersecurity and Infrastructure Security Agency said in its advisory.

DHS: Unknown hackers targeted the US Census Bureau network
2020-10-09 12:31

The US Department of Homeland Security said that unknown threat actors have targeted the US Census network during the last year in its first-ever Homeland Threat Assessment report released earlier this week. The US Census Bureau is the largest US federal government statistical agency responsible for collecting statistical data about the US economy and population.

DoD, DHS Warn of Attacks Involving SLOTHFULMEDIA Malware
2020-10-05 08:44

The U.S. Department of Defense's Cyber National Mission Force and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency last week published a malware analysis report for what they described as a new malware variant named SLOTHFULMEDIA. SLOTHFULMEDIA is described as a dropper that deploys two files when executed, including a RAT designed to allow hackers to control compromised devices, and a component that removes the dropper once the RAT achieves persistence on the targeted computer. The U.S. government's malware analysis report includes technical details about how the malware works, indicators of compromise and recommendations for securing systems against such threats.

DHS Issues Dire Patch Warning for ‘Zerologon’
2020-09-21 19:29

With only hours until the deadline for the directive, issued on Friday, to be executed, what is at stake is a "Vulnerability [that] poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action," according to the Cybersecurity and Infrastructure Security Agency. Microsoft released a patch for the vulnerability as part of its August 11, 2020 Patch Tuesday security updates.