APT cyber actors exploiting Microsoft Exchange and Fortinet vulnerabilities

November 19, 2021November 19, 2021 CIO Tech Team

Advisory issued by FBI, CISA, ACSC and NCSC. A joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) to highlight…

Global cyber agencies share top routinely exploited vulnerabilities

August 10, 2021August 10, 2021 CIO Tech Team

Four of the most targeted vulnerabilities in 2020 involved remote work. The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely…

Kaseya faces cyber security attack

July 5, 2021 Lilia Guan

Customers include Indonesian Government. The Cybersecurity Infrastructure Security Agency (CISA) of the United States and the Federal Bureau of Investigation (FBI) have stated both agencies have responded to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. The…

Darkside ransomware confirmed for US pipeline attack

May 11, 2021May 11, 2021 Lilia Guan

One the largest attacks on a national infrastructure in 2021. The FBI has confirmed that Darkside ransomware is responsible for the compromise of the Colonial Pipeline networks in Unites States. The federal agency will continue to work with the company and government partners on the investigation. Colonial Pipeline Networks learnt…

Global warning on Fortinet vulnerabilities

April 6, 2021April 6, 2021 Lilia Guan

APT actors exploit vulnerabilities to gain initial access for future attacks. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises organisations using Fortinet devices that Advanced Persistent Actors (APT’s) have been observed exploiting the following vulnerabilities: CVE-2018-13379 – Fortinet Path Traversal CVE-2020-12812 – Fortinet 2 Factor Authentication bypass CVE-2019-5591 – Fortinet Man-in-the-middle…

FBI and Tesla work together to prevent major cyber attack

September 1, 2020 Lilia Guan

Russian hacker attempted to bribe Tesla employee with US$1M to infect the company with malware. A Russian national made his initial appearance in US Federal Court this week for his role in a conspiracy to recruit an employee of a company to introduce malicious software into Tesla’s computer network, extract…

FBI