New capacity building tool to combat ransomware

Building capacity across the world is an essential aspect in the war on ransomware The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the U.S. Department of State and the Spanish Ministry of the Interior, announced a joint project last week to develop a capacity-building tool to help countries…

Read More

Securing 5G open RAN architecture

Security considerations always emerge in new open system The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), through the Enduring Security Framework (ESF), have published a paper titled, Open Radio Access Network Security Considerations which assesses the benefits and security considerations with implementing Open RAN architecture. The ESF’s Open…

Read More

Preparing critical infrastructure for post-quantum cryptography

Quantum risk to digital communications by CISA Quantum Risk to Digital Communications Nation-states and private companies are actively pursuing the capabilities of quantum computers. Quantum computing opens exciting new possibilities; however, the consequences of this new technology include threats to the current cryptographic standards. These standards ensure data confidentiality and…

Read More

US and Ukraine expand cooperation of cybersecurity

An agreement was signed to deepen cybersecurity operational collaboration The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Ukrainian State Service of Special Communications and Information Protection of Ukraine (SSSCIP) signed a Memorandum of Cooperation (MOC) this week to strengthen collaboration on shared cybersecurity priorities. The MOC expands upon…

Read More

CISA, FBI and Treasury release advisory on North Korea

North Korean state-sponsored actors were observed using Maui ransomware The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of the Treasury (Treasury) today released a joint Cybersecurity Advisory (CSA) that provides information on Maui ransomware, which has been used by North Korean…

Read More

Securing migration to the cloud

Cybersecurity and Infrastructure Security Agency published the second version of cloud guidance. The Cybersecurity and Infrastructure Security Agency (CISA) published the second version of “Cloud Security Technical Reference Architecture (TRA)” today, which strengthens guidance to fulfill a key mandate under President Biden’s Executive Order (EO) 14028 – “Improving the Nation’s Cybersecurity.” The…

Read More

APT cyber actors exploiting Microsoft Exchange and Fortinet vulnerabilities

Advisory issued by FBI, CISA, ACSC and NCSC. A joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) to highlight…

Read More

US Security agencies release guidance for 5G

Key cybersecurity guidance to configure 5G cloud infrastructure. The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance to securely build and configure cloud infrastructures in support of 5G. Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement is the first of a…

Read More

Global cyber agencies share top routinely exploited vulnerabilities

Four of the most targeted vulnerabilities in 2020 involved remote work. The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely…

Read More

Kaseya faces cyber security attack

Customers include Indonesian Government. The Cybersecurity Infrastructure Security Agency (CISA) of the United States and the Federal Bureau of Investigation (FBI) have stated both agencies have responded to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. The…

Read More