CISA Issues Three Advisories for Industrial Control Systems
On May 16, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released three advisories applicable to Industrial Control Systems (ICS). The Alerts cover vulnerabilities of Snap One OvrC Cloud, Rockwell ArmorStart,...
Ransomware Group Uses Communication System of University
Threat actors never cease to find innovative ways to extort their victims. If only threat actors would use their creativity for good causes. This week, Bluefield University communicated with its students...
The surveys speak: supply chain threats are freaking people out
A bunch of recent surveys of IT and security pros send a clear message: threats and risks from vulnerable software supply chains are real, and they’re starting to freak people out.
The...
FIN7/Carbon Spider Attacks Veeam Backup Servers
Researchers at WithSecure cybersecurity firm have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has...
FDD Suggests Space Systems be Designated as Critical Infrastructure
The Foundation for Defense of Democracies issued a Report late last week entitled Time to Designate Space Systems as Critical Infrastructure which cogently outlines the risks associated with space systems (which...
Clop Claims Zero-Day Attacks Against 130 Organizations
Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful...
NYAG Issues Fine Against Law Firm for Data Breach
New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal...
FBI, CISA + MS-ISAC Warn of LockBit 3.0 Ransomware
The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and procedures that have...
Understanding Managed Detection and Response – and what to look for in an MDR solution
Why your organization should consider an MDR solution and five key things to look for in a service offering The post Understanding Managed Detection and Response – and what to look for in an MDR solution appeared first on WeLiveSecurity
Threat Groups Using Translation Tools in Phishing Attacks
It used to be that one of the sure ways to identify a phishing email was to notice grammatical errors or broken English in the text of the communication. Thanks to...