Security News

"Given recent intelligence indicating that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure, CISA along with our interagency and international partners are putting out this advisory to highlight the demonstrated threat and capability of Russian state-sponsored and Russian aligned cybercrime groups," added CISA Director Jen Easterly. The Five Eyes cybersecurity agencies recommend measures critical infrastructure orgs should take to harden their defenses and protect their information technology and operational technology networks against Russian state-sponsored and criminal cyber threats, including ransomware, destructive malware, DDoS attacks, and cyber espionage.

An overwhelming number of security teams believe their email security systems to be ineffective against the most serious inbound threats, including ransomware. "Security team managers are most concerned that current email security solutions do not block serious inbound threats, which requires time for response and remediation by the security team before dangerous threats are triggered by users," according to the report, released Wednesday.

In his blog post for Government Technology, he pointed out the significant rise of criminal copycats that deliver malware through software updates, the increase in mobile malware attacks, the packaging of malware with other threats that target specific organizations, and the weaponization of malicious software. Malware weaponization is particularly alarming in light of the geopolitical conflict the world is facing right now.

Hackers have created custom tools to control a range of industrial control system and supervisory control and data acquisition devices, marking the latest threat to a range of critical infrastructure in the United States, according to several government agencies. The tools enable threat groups to scan for, compromise, and eventually control affected devices after gaining initial access to an organization's operational technology networks.

Splunk and Enterprise Strategy Group have released a research report examining the security issues facing modern enterprises. More than 1,200 security leaders participated in the survey and revealed that they've seen an increase in cyberattacks at the same time as their teams face widening talent gaps.

More than 1,200 security leaders participated in the survey, revealing they've seen an increase in cyberattacks while their teams are facing widening talent gaps. 64% of security professionals have stated that it's challenging to keep up with new security requirements, up from 49% a year ago.

Last December's Log4j crisis brought the danger of zero day vulnerabilities to the front pages. There is no way of knowing how many other open-source apps have zero day vulns, not to mention enterprise apps and APIs.

In this video for Help Net Security, Chris Westphal, Cybersecurity Evangelist at Ordr, talks about an alert that came out recently from CISA and the Department of Energy about potential threats to uninterruptible power supply devices that are connected to the internet. UPS devices are used to provide emergency power and are usually connected to critical infrastructure.

The CIS Controls are a set of 18 prioritized actions and 153 defensive measures known as Safeguards. The CIS Community Defense Model v2.0 was created to help answer that and other questions about the value of the Controls based on threat data from leading industry reports.

Imperva has published data showing that organizations are failing to address the issue of insider threats during a time when the risk is at its greatest. New research, conducted by Forrester, found that 59% of incidents in EMEA organizations that negatively impacted sensitive data in the last 12 months were caused by insider threats, yet 59% do not prioritize insider threats the way they prioritize external threats.