State-backed advanced persistent threat (APT) groups are likely among those exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021
CISA and FBI urge organizations to remain vigilant to ransomware threats on holidays, including this Labor Day
September 1, 2021
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are customarily closed—in the United States, as recently as the Fourth of July holiday in 2021.
Organizations should ready a comprehensive ransomware preparedness strategy ahead of time that is adapted depending upon the severity of an attack. Here are four steps leadership should follow in developing a ransomware response strategy.
The Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Association of Secretaries of State (NASS) and the National Association of State Election Directors (NASED), hosted the nation’s annual election security exercise last week, bringing together federal, state, local, and private sector partners for the fourth annual Tabletop the Vote. More than 1,000 participants ran through hypothetical scenarios affecting election operations to share practices around cyber and physical incident planning, preparedness, identification, response, and recovery.
CISA has published a new Malware Analysis Report (MAR) on DarkSide Ransomware and updated Alert AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks, originally released May 11, 2021.
Secretary of Homeland Security Alejandro N. Mayorkas announced the Department’s largest cybersecurity hiring initiative in its history with the onboarding of nearly 300 cybersecurity professionals and the extension of an additional 500 tentative job offers.
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Justice’s Federal Bureau of Investigation (FBI) announced a new pilot program called “Operation Flashpoint” to build awareness in communities across the U.S. about how to prevent bomb attacks.
The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) says the 2020 SolarWinds supply chain cybersecurity compromise could have been prevented with a decade-old security recommendation.
A web server hosting the domain for a local government in the United States was recently breached by advanced hackers taking advantage of old vulnerabilities in firewalls sold by Fortinet, according to an FBI Flash Alert issued. After gaining access to the local government organization's server, the advanced persistent threat (APT) actors moved laterally through the network and created new domain controller, server, and workstation user accounts mimicking already existing ones.
