Security News

NSA and CISA Alert Highlights Urgency for OT Security
2020-08-18 12:13

The indiscriminate use of destructive exploits in NotPetya networks and halted operations) revealed to security professionals just how poor the cyber risk posture of their OT networks is and prompted swift actions in many of the largest companies. For years now, the government has been warning openly and clearly that: "Since at least March 2016, Russian government cyber actors-hereafter referred to as 'threat actors'-targeted government entities and multiple U.S. critical infrastructure sectors, including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors." A new alert, issued by the U.S. National Security Agency and Cybersecurity and Infrastructure Security Agency, couldn't be more clear: "We are in a state of heightened tensions and additional risk and exposure."

FBI, NSA Share Details on New 'Drovorub' Linux Malware Used by Russia
2020-08-14 10:05

The United States on Thursday published information on Drovorub, a previously undisclosed piece of malware that Russia-linked cyber-spies are using in attacks targeting Linux systems. Drovorub, a joint advisory from the NSA and the FBI reveals, is being employed by the Russian General Staff Main Intelligence Directorate 85th Main Special Service Center military unit 26165, which is better known as the cyber-espionage group APT 28.

This NSA, FBI security advisory has four words you never want to see together: Fancy Bear Linux rootkit
2020-08-13 23:48

The NSA and FBI are sounding the alarm over a dangerous new strain of Linux malware being employed by Russian government hackers often dubbed the Fancy Bear crew. Uncle Sam explicitly said on Thursday the miscreants - formally known as the 85th Main Special Service Center - operate within the Russian intelligence directorate, aka the GRU. The software nasty in question is Drovorub, a rootkit designed to infect Linux systems, take control of them, and siphon off files.

NSA, FBI Warn of Linux Malware Used in Espionage Attacks
2020-08-13 22:03

According to a Thursday advisory by the National Security Agency and the Federal Bureau of Investigation, the malware especially represents a threat to national security systems such as the Department of Defense and Defense Industrial Base customers that use Linux systems. "Drovorub is a Linux malware toolset consisting of an implant coupled with a kernel module rootkit, a file transfer and port forwarding tool, and a Command and Control server," according to a 45-page deep-dive analysis of the malware published Thursday [PDF] by the FBI and NSA. "When deployed on a victim machine, the Drovorub implant provides the capability for direct communications with actor controlled C2 infrastructure; file download and upload capabilities; execution of arbitrary commands as 'root'; and port forwarding of network traffic to other hosts on the network."

The NSA on the Risks of Exposing Location Data
2020-08-06 17:15

Thus how do you get meetings when you need them, well using "Lunchtime" as an excuse to go into "Meeting mode" is acceptable to most, but a trend in more recent times has been to put a meeting with yourself in your calander etc so you can get undisturbed time for concentration etc. Always make a note of your purchases in your diary often but not always putting the recipts in as well till the end of the week etc when you more formally write up expenditure as personal finances / expenses then sling most but not all personal recipts "In a shoe box".

NSA Warns Smartphones Leak Location Data
2020-08-05 15:43

The NSA released the advisory this week informing people of the various ways mobile phones, by design, give up location information-which go beyond the well-known Location Services feature that people use on a regular basis. Most people are aware that location services on devices can pinpoint where they are so people can have access to services in the area, as well as share their location with friends via mobile apps such as WhatsApp, among other useful activities.

NSA warns that mobile device location services constantly compromise snoops and soldiers
2020-08-05 07:29

The United States National Security Agency has issued new advice on securing mobile devices that says location services create a security risk for staff who work in defence or national security. The new guide [PDF], titled "Limiting Location Data Exposure", notes that smartphones, tablets and fitness trackers "Store and share device geolocation data by design."

NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug
2020-07-24 16:32

The U.S. National Security Agency and the Cybersecurity and Infrastructure Security Agency have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S. Separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric Triconex TriStation and Tricon Communication Module. Corresponding with the NSA/CISA alert is an ICS-CERT advisory about a handful of bugs, one critical and ranking 10 out of 10 on the CvSS vulnerability-severity scale, in Triconex SIS equipment from Schneider.

NSA, CISA Urge Critical Infrastructure Operators to Secure OT Assets
2020-07-24 14:04

The U.S. National Security Agency and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency have issued a joint alert urging critical infrastructure operators to take immediate measures to reduce the exposure of operational technology systems to cyberattacks. The NSA and CISA say it's imperative that critical infrastructure asset owners and operators secure industrial control systems and other OT systems due to the high risk of cyberattacks launched by foreign threat actors.

NSA on Securing VPNs
2020-07-15 14:29

The NSA's Cybersecurity Directorate - that's the part that's supposed to work on defense - has released two documents on securing virtual private networks. Some of it is basic, but it contains good information.