A web server hosting the domain for a local government in the United States was recently breached by advanced hackers taking advantage of old vulnerabilities in firewalls sold by Fortinet, according to an FBI Flash Alert issued. After gaining access to the local government organization's server, the advanced persistent threat (APT) actors moved laterally through the network and created new domain controller, server, and workstation user accounts mimicking already existing ones.

The Department of Homeland Security (DHS) will issue a directive later this week requiring all pipeline companies to report cybersecurity incidents to federal authorities. The directive comes two weeks after Colonial Pipeline, which operates the biggest gasoline conduit to the East Coast, was forced to shut down its 5,500-mile pipeline after a devastating ransomware attack.

Recent national events, such as the health crisis and geopolitical tensions, have caused budget reductions across the public safety community. To help state, local, tribal, and territorial government agencies maintain or adjust their budgets in a time of constrained funding, SAFECOM and the National Council of Statewide Interoperability Coordinators (NCSWIC) developed Contingency Considerations When Facing Reductions in Emergency Communications Budgets fact sheet to provide a series of contingency considerations to justify investment in four mission-critical resource categories: personnel, operating costs, equipment, and software.

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), Indianapolis Motor Speedway, state and local first responders, law enforcement officials, and local businesses held a tabletop exercise to test response plans around hypothetical public safety incidents on the day of the Indianapolis 500, scheduled for Sunday, May 30.  Representatives from multiple government agencies and the community discussed their roles, shared best practices, and improved coordination mechanisms to help keep the public safe.  The exercise is part of an ongoing public safety efforts surrounding the Indianapolis 500 and was not in response to any specific threat.

In recognition of National Supply Chain Integrity Month, the Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI), the Department of Defense, and other government and industry partners to promote a call to action for a unified effort by organizations across the country to strengthen global supply chains.

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), NASCAR, the Talladega Superspeedway, state and local first responders, law enforcement officials, and local businesses recently held a tabletop exercise to test response plans around hypothetical public safety incidents on the day of the GEICO 500. 

CISA has issued supplemental direction to Emergency Directive (ED) 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities providing additional forensic triage and server hardening, requirements for federal agencies. Specifically, this update directs federal departments and agencies to run newly developed tools —Microsoft’s Test-ProxyLogon.ps1 script and Safety Scanner MSER—to investigate whether their Microsoft Exchange Servers have been compromised.  

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory (CSA) to address recently disclosed vulnerabilities in Microsoft Exchange Server. The CSA is meant to highlight the cyber threat associated with active exploitation of vulnerabilities in Microsoft Exchange on-premises products. 

The Cybersecurity and Infrastructure Security Agency (CISA) has awarded the University of Texas at San Antonio Center for Infrastructure Assurance and Security (CIAS) a $1.2 million grant to conduct a pilot program to help state, local, tribal and territorial governments identify high value assets (HVA) to prioritize resources and planning.

The National Security Agency and Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity information sheet, “Selecting a Protective DNS Service." This publication details the benefits of using a Protective Domain Name System (PDNS), which criteria to consider when selecting a PDNS provider, and how to effectively implement PDNS.