DHS Archives - Securezoo

CISA releases new malware analysis on Supernova

Cybersecurity Attacks, Malware / By Frank Crast / January 28, 2021 / CISA, CVE-2020-10148, DHS, malware, SolarWinds, Supernova

The Cybersecurity and Infrastructure Security Agency (CISA) has released new malware analysis on Supernova that affects unpatched SolarWinds Orion software.

FBI: Cyber criminals target employee credentials via voice phishing attacks

Cybercrime, Cybersecurity Attacks, Phishing / By Frank Crast / January 18, 2021 / COVID-19, DHS, FBI, phishing, vishing, VPN

The FBI issued a private industry notification of cyber criminals targeting employee credentials via voice phishing or “vishing” attacks.

DHS issues new emergency guidance on SolarWinds Orion Code compromise

Cybersecurity Articles, Cybersecurity Attacks, Data Breach, Security Updates & Patches, Third-Party Security / By Frank Crast / December 30, 2020 / CISA, CVE-2020-10148, DHS, malware, SolarWinds, Sunburst, Supernova, Zero-day

The Department of Homeland Security (DHS) has issued new emergency guidance on the SolarWinds Orion Code compromise and supply chain vulnerability.

DHS warns businesses of risks using Chinese tech and data services

Cybersecurity Articles, Data Breach, Data Privacy, Insider Threats, Regulations & Laws, Security Monitoring, Third-Party Security / By Frank Crast / December 24, 2020 / Data Security, DHS, DOJ, EO 13913, EO 13942, EO 13943, Executive Order, Harvard, Huawei, NIST, PLA, PRC, USTR, WTO, ZTE

The United States Department of Homeland Security (DHS) has published a new advisory warning businesses of the risks using tech and data services linked to the People’s Republic of China (PRC).

Russian threat actors use new ComRAT and Zebrocy malware in recent attacks

Cybersecurity Attacks, Malware / By Frank Crast / November 2, 2020 / CNMF, ComRAT, DHS, Fancy Bear, FBI, Pawn Storm, Sofacy, STRONTIUM, Zebrocy

U.S. government cybersecurity experts warned that “sophisticated threat actors” have been using new Russian malware variants, ComRAT and Zebrocy, in recent cyberattacks.

Chinese threat actors targeting U.S. government agencies and these 4 CVEs

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / September 15, 2020 / BIG-IP, Citrix, CVE-2019-11510, CVE-2019-19781, CVE-2020-0688, CVE-2020-5902, DHS, Exchange, F5, Microsoft, MSS, Pulse Secure, VPN

Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.

FBI and CISA warning of Chinese targeting COVID-19 research organizations

Cybersecurity Attacks, Password Management, Vulnerabilities & Exploits / By Frank Crast / May 15, 2020 / CISA, Coronavirus, COVID-19, DHS, FBI, healthcare, Medical

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning of likely targeting and compromise of U.S. COVID-19 research organizations by the People’s Republic of China (PRC).

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Identity & Access Management, Network Security, Password Management, Vulnerabilities & Exploits / By Frank Crast / April 17, 2020 / Active Directory, CISA, CVE-2019-11510, DHS, Juniper, passwords, Pulse Secure, VPN

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

DHS reissues National Terrorism Advisory System (NTAS) Bulletin

Cybersecurity Attacks, Security Monitoring / By Frank Crast / January 6, 2020 / DHS, Iran, Iraq, NTAS, Terrorism

The Department of Homeland Security (DHS) has reissued a National Terrorism Advisory System (NTAS) bulletin after a lethal U.S. strike killed Iranian IRGC-Quds Force commander Qassem Soleimani on January 2, 2020 while Soleimani was in Iraq.

DHS warns of Iranian cybersecurity threats, issues guidance

Cybersecurity Attacks, Data Privacy, Malware, Mobile Security, Password Management, Phishing / By Frank Crast / June 26, 2019 / CISA, DHS

The Director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about recent Iranian cybersecurity threats. The statement also included suggested tips and best practices to stay safe online.