CISA Archives - Help Net Security

CISA

Attackers are exploiting zero-day in Pulse Secure VPNs to breach orgs (CVE-2021-22893)

April 21, 2021

Attackers have been exploiting several old and one zero-day vulnerability (CVE-2021-22893) affecting Pulse Connect Secure (PCS) VPN devices to breach a variety of defense, …

FBI removes web shells from hacked Microsoft Exchange servers

April 14, 2021

Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server …

4 things you can do to minimize cyberattacks on supply and value chains

April 8, 2021

Supply chain attacks target the weakest spot in most every enterprise’s security program: third-party access. The SolarWinds hack was a classic supply chain attack, …

SAP partners with Onapsis to mitigate active threats against unprotected SAP applications

April 8, 2021

SAP and Onapsis jointly released a cyber threat intelligence report providing actionable information on how malicious threat actors are targeting and potentially exploiting …

Vulnerabilities in ICS-specific backup solution open industrial facilities to attack

April 7, 2021

Claroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation’s FactoryTalk AssetCentre, an ICS-specific backup solution. All of …

CMMC Accreditation Body appoints Matthew Travis as CEO

March 31, 2021

The CMMC Accreditation Body (CMMC-AB) Board of Directors announced the appointment of Matthew Travis as the CMMC-AB’s first CEO effective April 1, 2021. In this role, Mr. …

Automatically mitigate ProxyLogon, detect IoCs associated with SolarWinds attackers’ activities

March 19, 2021

Microsoft has updated its Defender Antivirus to mitigate the ProxyLogon flaw on vulnerable Exchange Servers automatically, while the Cybersecurity and Infrastructure Security …

Ransomware provides the perfect cover

January 21, 2021

Look at any list of security challenges that CISOs are most concerned about and you’ll consistently find ransomware on them. It’s no wonder: ransomware attacks cripple …

Malwarebytes was breached by the SolarWinds attackers

January 20, 2021

A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral …

Microsoft was also a victim of the SolarWinds supply chain hack

December 18, 2020

Microsoft has confirmed that it, too, is among the companies who have downloaded the compromised SolarWinds Orion updates, but that they have isolated and removed them. …

25 vulnerabilities exploited by Chinese state-sponsored hackers

October 21, 2020

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or …

CISA orders federal agencies to implement Zerologon fix by Monday

September 21, 2020

If you had any doubts about the criticality of the Zerologon vulnerability (CVE-2020-1472) affecting Windows Server, here is a confirmation: the US Cybersecurity and …

CISA

Attackers are exploiting zero-day in Pulse Secure VPNs to breach orgs (CVE-2021-22893)

FBI removes web shells from hacked Microsoft Exchange servers

4 things you can do to minimize cyberattacks on supply and value chains

SAP partners with Onapsis to mitigate active threats against unprotected SAP applications

Vulnerabilities in ICS-specific backup solution open industrial facilities to attack

CMMC Accreditation Body appoints Matthew Travis as CEO

Automatically mitigate ProxyLogon, detect IoCs associated with SolarWinds attackers’ activities

Ransomware provides the perfect cover

Malwarebytes was breached by the SolarWinds attackers

Microsoft was also a victim of the SolarWinds supply chain hack

25 vulnerabilities exploited by Chinese state-sponsored hackers

CISA orders federal agencies to implement Zerologon fix by Monday

Don't miss

Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass

Monero-mining botnet targets orgs through recent MS Exchange vulnerabilities

Cloud Sniper: Manage and automate cloud security operations

How micro-segmentation creates an uphill battle for intruders

Hackers found leveraging three SonicWall zero-day vulnerabilities