Advisory issued by FBI, CISA, ACSC and NCSC. A joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) to highlight…
Read More
Key cybersecurity guidance to configure 5G cloud infrastructure. The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance to securely build and configure cloud infrastructures in support of 5G. Security Guidance for 5G Cloud Infrastructures: Prevent and Detect Lateral Movement is the first of a…
Read More
Four of the most targeted vulnerabilities in 2020 involved remote work. The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely…
Read More
Customers include Indonesian Government. The Cybersecurity Infrastructure Security Agency (CISA) of the United States and the Federal Bureau of Investigation (FBI) have stated both agencies have responded to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. The…
Read More
US and Australian government agencies issue warnings and advice. The Cybersecurity and Infrastructure Security Agency (CISA) of the United States, is aware of compromises affecting government agencies, critical infrastructure entities, and other private sector organisations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to vulnerabilities in…
Read More
APT actors exploit vulnerabilities to gain initial access for future attacks. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises organisations using Fortinet devices that Advanced Persistent Actors (APT’s) have been observed exploiting the following vulnerabilities: CVE-2018-13379 – Fortinet Path Traversal CVE-2020-12812 – Fortinet 2 Factor Authentication bypass CVE-2019-5591 – Fortinet Man-in-the-middle…
Read More
No reason given despite securing the 2020 elections. Media outlets have reported US President Donald Trump has fired one of the most senior cybersecurity officials in the U.S. government, Chris Krebs. He served as the director of the Cybersecurity and Infrastructure Security Agency (CISA) since its November 2018. It’s unclear…
Read More
Pandemic highlighted heavy reliance on ICT, while global supply chains were weakened. The US Cybersecurity and Infrastructure Security Agency (CISA), US government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an analysis report on the impact of COVID-19 on global supply…
Read More