Security Monitoring Archives

FBI warns of increasing ransomware attacks against the Food and Agriculture sector

Malware, Phishing, Security Monitoring / By Frank Crast / September 4, 2021 / FBI, JBS, meat producer, OnePercent, Ransomware, REvil, Sodinokibi

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert warning of increasing ransomware attacks against the Food and Agriculture sector.

Microsoft: New analysis of Exchange Server vulnerabilities and cyberattacks

Cybersecurity Articles, Cybersecurity Attacks, Security Monitoring, Vulnerabilities & Exploits / By Frank Crast / March 30, 2021 / Cyberattack, DoejoCrypt, Egregor, Exchange, HAFNIUM, Lemon Duck, Maze, Microsoft, Pydomer

Microsoft has published new detailed analysis of Exchange Server vulnerabilities, cybercriminal groups and post-compromise second stage attack malware. In addition, the tech giant offered sound mitigation guidance.

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

Cybersecurity Attacks, Security Monitoring, System Hardening, Third-Party Security / By Frank Crast / March 19, 2021 / Azure, CHIRP, IOC, M365, Microsoft 365, NSA, Orion, SolarWinds, Supply Chain

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

3 good examples of how to apply the Zero Trust Security Model

Cybersecurity Articles, Network Security, Security Monitoring, System Hardening / By Frank Crast / March 7, 2021 / DAAS, Firewall, IOT, IPS, MFA, NAC, NSA, Privacy, Supply Chain, Zero Trust

The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers

Cloud Security, Cybersecurity Attacks, Security Monitoring / By Frank Crast / January 21, 2021 / Active Directory, Microsoft 365, SolarWinds, UNC2452

Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.

DHS warns businesses of risks using Chinese tech and data services

Cybersecurity Articles, Data Breach, Data Privacy, Insider Threats, Regulations & Laws, Security Monitoring, Third-Party Security / By Frank Crast / December 24, 2020 / Data Security, DHS, DOJ, EO 13913, EO 13942, EO 13943, Executive Order, Harvard, Huawei, NIST, PLA, PRC, USTR, WTO, ZTE

The United States Department of Homeland Security (DHS) has published a new advisory warning businesses of the risks using tech and data services linked to the People’s Republic of China (PRC).

Cyberattacks against machine learning systems and the new Adversarial ML Threat Matrix

Cybersecurity Articles, Cybersecurity Attacks, Security Monitoring / By Frank Crast / October 27, 2020 / AI, Artificial Intelligence, ATT&CK, Machine Learning, MITRE, Threat Matrix

In the wake of an increase in cyber attacks against machine learning (ML) systems, Microsoft along with MITRE and contributions from 11 other organizations, have released the Adversarial ML Threat Matrix.

BeagleBoyz cybercriminals launch “FASTCash 2.0” to rob banks

Cybersecurity Articles, Cybersecurity Attacks, Malware, Network Security, Security Monitoring, System Hardening / By Frank Crast / August 29, 2020 / ATM, banking, BeagleBoyz, CISA, CROWDEDFLOUNDER, EccentricBandwagon, ElectricFish, FASTCash, FBI, Finance, HOPLIGHT, IOC, Treasury

North Korea’s BeagleBoyz cybercriminals have launched an automated teller machine (ATM) cash-out scheme, known as FASTCash 2.0. Cyber experts from the U.S. government have detected the cyber activity over the past five years that led to nearly $2B loss to financial institutions around the world.

FTC releases new video to help keep your small business safe from fraud

Cybersecurity Articles, Cybersecurity Attacks, Data Breach, Data Privacy, Regulations & Laws, Security Monitoring, Small Business Security, Third-Party Security / By Frank Crast / July 14, 2020 / Data Breach, FTC, Privacy, Small Business, SMB

The Federal Trade Commission (FTC) has released a new video to help keep your small business safe from fraud. This is another video in a series of videos from the FTC Protecting Small Businesses playlist.

DHS reissues National Terrorism Advisory System (NTAS) Bulletin

Cybersecurity Attacks, Security Monitoring / By Frank Crast / January 6, 2020 / DHS, Iran, Iraq, NTAS, Terrorism

The Department of Homeland Security (DHS) has reissued a National Terrorism Advisory System (NTAS) bulletin after a lethal U.S. strike killed Iranian IRGC-Quds Force commander Qassem Soleimani on January 2, 2020 while Soleimani was in Iraq.