Our news
-
Update to CISA-FBI Joint Cybersecurity Advisory on DarkSide Ransomware
Original release date: May 19, 2021 CISA and the Federal Bureau of Investigation (FBI) have updated Joint Cybersecurity Advisory AA21-131A: DarkSide Ransomware: Best Practices for Preventing Disruption from Ransomware Attacks, originally released May 11, 2021. This update provides a downloadable STIX file of indicators of compromise (IOCs) to help network defenders find and mitigate activity…
-
Can Nanotech Secure IoT Devices From the Inside-Out?
Work’s being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats.
-
Keksec Cybergang Debuts Simps Botnet for Gaming DDoS
The newly discovered malware infects IoT devices in tandem with the prolific Gafgyt botnet, using known security vulnerabilities.
-
Windows PoC Exploit Released for Wormable RCE
The exploit pries open CVE-2021-31166, a bug with a CVSS score of 9.8 that was the baddest of the bad in Microsoft’s Patch Tuesday release last week.
-
Microsoft, Adobe Exploits Top List of Crooks’ Wish List
You can’t possibly patch all CVEs, so focus on the exploits crooks are willing to pay for, as tracked in a study of the underground exploit market.
-
Magecart Goes Server-Side in Latest Tactics Changeup
The latest Magecart iteration is finding success with a new PHP web shell skimmer.
-
Vulnerability Summary for the Week of May 10, 2021
Original release date: May 17, 2021 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor…
-
CISOs Struggle to Cope with Mounting Job Stress
Pandemic and evolving IT demands are having a major, negative impact on CISO’s mental health, a survey found.
-
Implications for new Cyber Security Executive Order
In the wake of the Colonial pipeline breach, there are big changes coming to our industry. As many of you many know, this week the White House released a comprehensive Executive Order (EO) that charts a new path forward with regard to standardization of cyber security best practices across government and private industry in the…
-
Verizon: Pandemic Ushers in ⅓ More Cyber-Misery
The DBRI – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers.