CISA
-
North Korea’s Lazarus Group Shifts Tactics; Canadian City Faces Major Security Costs
North Korea’s Lazarus Group has reportedly transitioned to tactics involving the distribution of malware-laden open-source software, raising concerns over cybersecurity. Meanwhile, the city of Hamilton has incurred major costs due to a significant ransomware attack amid a slow rollout of security measures, while ethical hackers eye substantial rewards in the upcoming Pwn2Own competition. Additionally, CISA…
-
Critical Infrastructure Monitoring Program Halted Due to Lapsed Funding
The expiration of government funding for the CyberSentry Program has raised alarms over cybersecurity vulnerabilities in U.S. critical infrastructure. Program director Nate Gleason highlighted concerns about halted monitoring and an evolving threat landscape during a congressional hearing, as calls for renewed funding grow amidst fears of potential cyberattacks.
-
CISA and FBI Warn of Rising Interlock Ransomware Threats Targeting Businesses
CISA and the FBI have alerted businesses about a significant increase in Interlock ransomware attacks, which primarily target the healthcare sector. The advisory includes strategies for network defense against these sophisticated double extortion threats.
-
TeleMessage SGNL Exposes Sensitive Data Due to Endpoint Misconfiguration
TeleMessage SGNL, a messaging application used by U.S. agencies, has been found exposing sensitive data due to outdated configurations. Cybersecurity experts are urging immediate action to address the vulnerabilities.
-
Major Security Flaw in Train Brake Systems Exposes US Rail Network to Risks
A critical security vulnerability in the US freight rail system, reported by researcher Neil Smith, has raised alarms about the potential for malicious actors to control train braking systems remotely, with no immediate solution in sight.
-
CISA Identifies Four Critical Vulnerabilities Under Active Exploitation
CISA has identified four critical vulnerabilities under active exploitation, urging organizations to take immediate action to update their systems to protect against potential threats.
-
CISA Warns of Critical Vulnerability in TP-Link Routers Amid Active Exploitation
CISA has identified a critical vulnerability in TP-Link routers, urging users to take immediate action as evidence of active exploitation emerges. The agency’s guidelines are designed to mitigate the risks associated with this command injection vulnerability, affecting multiple router models.
-
SinoTrack GPS Vulnerabilities Expose Vehicles to Potential Attacks
Vulnerabilities in the SinoTrack GPS tracking platform may allow attackers to track vehicle locations and control vehicle functions. CISA warns users to change default passwords and protect device identifiers.
-
CISA Warns of Ransomware Threats Exploiting SimpleHelp Vulnerabilities
CISA warns that ransomware actors are exploiting unpatched SimpleHelp vulnerabilities to target utility billing software providers, urging organizations to update their systems and implement security measures to prevent attacks.
-
CISA Highlights Security Flaws in SinoTrack GPS Devices
CISA warns SinoTrack GPS device users about critical vulnerabilities allowing unauthorized access. Affected devices could be remotely controlled, including tracking vehicles and cutting off fuel. Users are urged to change default passwords immediately.
