Aug 24, 2024Ravie LakshmananVulnerability / Government Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is case of file upload … [Read more...] about CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September
Agencies
Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan
Jun 04, 2024NewsroomCyber Attack / Malware Russian organizations are at the receiving end of cyber attacks that have been found to deliver a Windows version of a malware called Decoy Dog. Cybersecurity company Positive Technologies is tracking the activity cluster under the name Operation Lahat, attributing it to an advanced persistent threat (APT) group called … [Read more...] about Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Feb 24, 2024NewsroomActive Directory / Data Protection Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable the logs in customer … [Read more...] about Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
Jan 20, 2024NewsroomNetwork Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The … [Read more...] about CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
US federal agencies and AI: The race is on
The AI revolution in federal agencies has begun,Federal agencies are ramping up their use of artificial intelligence significantly, according to a US Government Accountability Office (GAO) audit. The report noted that there were 228 different AI use cases in operation, with over 500 more in planning and approximately another 500 in research or exploration phases. These numbers … [Read more...] about US federal agencies and AI: The race is on
German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
Mar 23, 2023Ravie LakshmananCyber Attack / Browser Security German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked as Kimsuky using rogue browser extensions to steal users' Gmail inboxes. The joint advisory comes from Germany's domestic intelligence apparatus, the Federal Office for the Protection of the Constitution … [Read more...] about German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies
Feb 21, 2023Ravie LakshmananCyber Threat / Cyber Attack A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT. Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy. SideCopy is a threat group of Pakistani origin that shares overlaps with another actor called … [Read more...] about Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies
Falcon Spotlight ExPRT.AI Helps Federal Agencies Meet CISA Mandate
The Cybersecurity and Infrastructure Security Agency (CISA) issued a mandate on November 2, 2021, for all U.S. federal agencies to fix hundreds of known vulnerabilities. Binding Operational Directive 22-01 (BOD 22-01) compels all federal departments and agencies to specifically address the vulnerabilities in the published catalog to protect and safeguard valuable federal data … [Read more...] about Falcon Spotlight ExPRT.AI Helps Federal Agencies Meet CISA Mandate
U.S. Federal Agencies Ordered to Patch Hundreds of Actively Exploited Flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of vulnerabilities, including from Apple, Cisco, Microsoft, and Google, that have known exploits and are being actively exploited by malicious cyber actors, in addition to requiring federal agencies to prioritize applying patches for those security flaws within "aggressive" … [Read more...] about U.S. Federal Agencies Ordered to Patch Hundreds of Actively Exploited Flaws
Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus
An amalgam of multiple state-sponsored threat groups from China may have been behind a string of targeted attacks against Russian federal executive authorities in 2020. The latest research, published by Singapore-headquartered company Group-IB, delves into a piece of computer virus called "Webdav-O" that was detected in the intrusions, with the cybersecurity firm observing … [Read more...] about Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus