Researchers from the Counter Threat Unit (CTU) at Secureworks have discovered a possible link to China while examining how SolarWinds servers were used to deploy malware. According to Secureworks' new report, the authentication bypass vulnerability in the SolarWinds Orion API, tracked as CVE-2020-10148, which can lead to remote execution of API commands, has been actively exploited by Spiral. When vulnerable servers are detected and exploited, a script capable of writing the SUPERNOVA web shell to disk is deployed using a PowerShell command.
The National Basketball Association (NBA) announced that Leon Newsome, the Deputy Director of the U.S. Secret Service, has been named Senior Vice President, Chief Security Officer. Newsome will oversee all aspects of security operations for the NBA, WNBA, NBA G League, NBA 2K League and soon-to-launch Basketball Africa League as well as the NBA’s 15 offices worldwide. He will join the NBA on March 15 and report to President, Administration Bob Criqui.
In order to combat cybersecurity threats, the Biden administration and state governors across the country should immediately work to foster deeper relationships with the private sector. Tech and government certainly don’t always get along, but the threats we face now require a national effort that would rival the Space Race of the 1960s. This can be done through state and federal governments offering financial incentives to businesses that prioritize the development and integration of cybersecurity measures, amplified communication from the government concerning the importance of cybersecurity, as well as the potential bolstering of compliance standards to minimize threats and the negative impact of breaches.
The National Security Agency (NSA) published cybersecurity guidance, “Embracing a Zero Trust Security Model.” This guidance shows how deploying Zero Trust security principles can better position cybersecurity professionals to secure enterprise networks and sensitive data.
In the spring of 2020, the second New York Cyber Task Force (NYCTF) was formed under the direction of its Executive Director Greg Rattray, gathering key high-profile members and leading experts to analyze the degree to which the U.S. was ready for future cyber challenges, including political, economic, and technological developments; changing cyber conflict dynamics; and the COVID-19 pandemic. Now, the NYCTF has released its new report, “Enhancing Readiness for National Cyber Defense through Operational Collaboration,” with Columbia University’s School of International and Public Affairs (SIPA), revealing U.S. cyber response readiness against national security challenges in cyberspace.
Director of National Intelligence Avril Haines yesterday took the oath of office to serve as the seventh DNI in U.S. history. Haines is the first woman to lead the U.S. Intelligence Community, and will oversee the nation's 18 intelligence agencies.
The National Security Agency (NSA) has released an information sheet with guidance on adopting encrypted Domain Name System (DNS) over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), referred to as DNS over HTTPS (DoH). When configured appropriately, strong enterprise DNS controls can help prevent many initial access, command and control, and exfiltration techniques used by threat actors.
The National Security Agency released a cybersecurity product detailing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks. This malicious activity is often, but not exclusively, directed at individuals and organizations that focus on international affairs or national security policy. The following guidance may assist U.S. think tanks in developing network defense procedures to prevent or rapidly detect these attacks.