Collaborate Disseminate
Just days after the two countries signed a joint agreement at their unprecedented talks, the US Department of Homeland Security has issued a warning about more malware being used by the North Korean government against US organisations.
Read more in my … Continue reading US Government warns of more North Korean malware attacks
US-CERT has released a new technical alert on malware used by Hidden Cobra, a threat actor whose activities they believe to be directed by the North Korean government. The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (F… Continue reading DHS, FBI warn about malware tied to North Korean threat actor
The North Korean-sponsored actors are targeting sensitive and proprietary information, and the malware could disrupt regular operations and disable systems and files. Continue reading Hidden Cobra Strikes Again with Custom RAT, SMB Malware
A new flaw that can allow an attacker to obtain access to sensitive information on affected systems has been discovered in modern CPUs. CVE-2018-3639, discovered by independently by Google Project Zero and Microsoft Security Response Center researchers… Continue reading New Spectre-like flaw found in CPUs using speculative execution
The U.S. Cyber Emergency Response Team (US-CERT) issued an alert March 15, “Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors” – Alert TA18-074A. It wasn’t necessarily an ah-ha moment for those in the i… Continue reading U.S. Infrastructure Vulnerable to Russia (and Others)?
A US-CERT warning about Russian government activity targeting energy companies and other organizations has elevated concerns about the vulnerability of U.S. critical infrastructure sectors to damaging cyber attacks. Many see the alert as validating, a… Continue reading The Implications of US-CERT’s Concerns of Russia Targeting Critical Infrastructure
The House approved a bill on Monday that would make the Department of Homeland Security’s cyber incident response teams a permanent fixture within the agency. The DHS Cyber Incident Response Teams Act would codify the agency’s “cyber hunt and incident response teams,” which provide support to organizations running critical infrastructure. The teams often respond to cyber incidents and help organizations mitigate cybersecurity risks. “Everyone is a target,” said Rep. Michael McCaul, R-Texas, the bill’s sponsor, on the House floor. “Our enemies don’t just attack individuals and their devices. They also put America’s critical infrastructure sectors in their crosshairs, endangering all aspects of civilian life.” The teams referenced by the bill currently operate in DHS’s National Cybersecurity and Communications Integration Center (NCCIC). The bill also would authorize the secretary of Homeland Security to include cybersecurity specialists from the private sector in those response teams. “By fostering this new collaboration between government and private sector, […]
The post DHS cyber incident response teams closer to becoming permanently codified appeared first on Cyberscoop.
Continue reading DHS cyber incident response teams closer to becoming permanently codified
Last time, I had the honor of speaking with Tiffany Gerstmar. Her work with the US Navy led to her become a cybersecurity policy professional. In this final interview of the current series, I got to speak with Roselle Safran. Not unlike Tiffany, work i… Continue reading Women in Information Security: Roselle Safran
Weak cryptography in the IEEE P1735 electronics standard allow attackers to recover valuable intellectual property in plaintext from SoCs and integrated circuits. Continue reading US-CERT Warns of Crypto Bugs in IEEE Standard
US-CERT doesn’t often go public with warnings about cyber threats to critical infrastructure. So, why now?
Continue reading US-CERT: hackers are targeting our critical infrastructure