Researchers have discovered a Critical 0-day vulnerability (CVE-2021-44228) in Apache Log4j logging utility that can result in remote code execution (RCE). In addition, CISA and Microsoft also issue new guidance for log4j vulnerability remediation.
The National Security Agency (NSA) has released guidance on securing wireless devices in public settings for government national defense entities and the general public. The new 8-page guidance infosheet summarizes ways bad actors target wireless devices as well as good safeguards to protect against such cyberattacks. The NSA warns that although connecting to public Wi-Fi …
NSA releases guidance on securing wireless devices in public settings Read More »
Security researchers from Microsoft have discovered a collection of vulnerabilities dubbed “BadAlloc” that affect a broad range of IoT and OT devices in industrial, medical and consumer sectors.
The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.
The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.
Cybersecurity criminals are continuing to change threat tactics by leveraging more fileless malware and duel-use tools to attack organizations.
North Korea’s BeagleBoyz cybercriminals have launched an automated teller machine (ATM) cash-out scheme, known as FASTCash 2.0. Cyber experts from the U.S. government have detected the cyber activity over the past five years that led to nearly $2B loss to financial institutions around the world.
The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).
The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).
Cloud security experts from Palo Alto Networks have warned about three critical misconfigurations that are most common in most organizations and have contributed to the majority of cloud attacks.
