Mandiant Shines Spotlight on APT45 Behind North Korea’s Digital Military Machine

July 25, 2024 at 07:09AM

SecurityWeek Network provides cybersecurity news, webcasts, and virtual events. Their offerings cover a wide range of topics including malware, cyberwarfare, data breaches, ransomware, and security operations. They also focus on areas such as risk management, privacy compliance, and CISO strategy, with specific emphasis on industrial cybersecurity and related financial activities. …

Safety Equipment Giant Cadre Holdings Hit by Cyberattack

July 22, 2024 at 11:36AM

Florida-based safety equipment company Cadre Holdings disclosed a cyberattack that impacted its operations and technology systems. The company has shut down some systems and initiated a response protocol including an investigation, notifying law enforcement, and taking systems offline. The incident, in its early stages, seems consistent with a ransomware attack, …

CISA Publishes Resiliency Playbook for Critical Infrastructure

July 19, 2024 at 08:43AM

The Cybersecurity and Infrastructure Security Agency released a supplemental manual for infrastructure resilience planning, offering guidance on enhancing security and resiliency for critical infrastructure. It includes processes, tabletop exercises, and key actions for resilience planning, outlined by CISA’s executive assistant director for infrastructure security, David Mussington. The manual is …

Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns

July 18, 2024 at 03:03PM

SecurityWeek Network offers cybersecurity news, webcasts, virtual events, and covers a wide range of topics including malware, cyberwarfare, data breaches, ransomware, and more. It also features specific tracks on ICS cybersecurity, industrial cybersecurity, and information on cybersecurity funding and M&A activity. Based on the meeting notes, it seems like the …

Defending OT Requires Agility, Proactive Controls

July 17, 2024 at 04:35AM

Hackers with ties to the Chinese government have gained access to US critical infrastructure, transitioning from espionage to potentially compromising or destroying infrastructure via operational technology. Recent attacks on maritime and water systems signal the need for increased OT security. Three key steps include converging IT and OT security, developing …

Cytactic Focuses on Stakeholder Communication to Boost Incident Response

July 16, 2024 at 08:23AM

Organizations are prioritizing resiliency, aiming to operate during attacks and recover swiftly. Poor communication between stakeholders hinders response and recovery. Cytactic, a new cybersecurity startup, offers a software-as-a-service platform to consolidate crisis readiness, response, and recovery, streamlining information sharing and decision-making. Gartner emphasizes the importance of synchronized incident response preparation …

June Windows Server updates break Microsoft 365 Defender features

July 15, 2024 at 10:16AM

Microsoft has confirmed that recent Windows Server updates have caused issues with some Microsoft 365 Defender features, specifically affecting the Network Detection and Response (NDR) service and other Defender components. The problem only impacts Windows Server 2022 systems and related services, with Microsoft working on a fix and providing updates …

How Manufacturers Can Secure Themselves Against Cyber Threats

July 15, 2024 at 10:15AM

Manufacturers face a pressing need to address cybersecurity, particularly as they are the primary target for ransomware threats. There’s a shortage of cybersecurity professionals, but manufacturers can enhance their defenses with adequate training and tools. Recognizing and responding to early warning signs of ransomware attacks is crucial, along with taking …

CISA broke into a US federal agency, and no one noticed for a full 5 months

July 12, 2024 at 02:10PM

CISA’s SILENTSHIELD exercise detected major security lapses at a federal agency in 2023. A red team exploited an Oracle Solaris vulnerability, leading to a full compromise. Despite timely alerts, the patch was delayed, and the agency ignored crucial investigation procedures. CISA’s report revealed poor network safeguards and a lack of …

Bloom Health Centers Provides Notice of Data Security Incident

July 2, 2024 at 01:55PM

Bloom Health Centers, a mental health service provider, reported a data security incident involving potential exposure of personal and health information. Patient data such as name, address, health insurance, and medical details may have been affected, with some individuals’ Social Security, payment card, or driver’s license numbers possibly involved. Bloom …