Rogue AI: What the Security Community is Missing

October 3, 2024 at 04:39AM In this series, we’ve explored Rogue AI and its mitigations, aiming to shape the debate around cybersecurity threats. The piece delves into community efforts to assess AI risk and highlights different perspectives on Rogue AI within the security community, particularly focusing on the related risks highlighted by OWASP and the …

MITRE Adds Mitigations to EMB3D Threat Model

October 2, 2024 at 09:54AM MITRE expanded the EMB3D Threat Model, providing crucial mitigations to combat threats to embedded devices. This update aims to assist organizations in addressing security challenges. The development was featured in SecurityWeek. Based on the meeting notes, it seems that MITRE has enhanced its EMB3D Threat Model by including crucial mitigations …

#StopRansomware: RansomHub Ransomware

August 29, 2024 at 01:53PM Summary: The FBI, CISA, MS-ISAC, and HHS have released a joint Cybersecurity Advisory to disseminate information about RansomHub ransomware, including its tactics, techniques, and procedures. The advisory includes details on the ransomware’s impact, mitigation recommendations for network defenders, technical details, and further resources to protect against ransomware threats. Based on …

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

July 11, 2024 at 10:36AM The Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch organization in early 2023. The red team mimicked the techniques, tradecraft, and behaviors of sophisticated threat actors to assess the organization’s security posture. The assessment revealed findings related to initial access, …

#StopRansomware: Black Basta

May 10, 2024 at 04:13PM The joint Cybersecurity Advisory (CSA) pertains to Black Basta, a ransomware variant targeting critical infrastructure, particularly the Healthcare and Public Health (HPH) Sector. Affiliates use phishing and vulnerability exploitation for initial access, employ a double-extortion model, and conduct data exfiltration prior to encryption. The CSA provides TTPs, IOCs, and mitigations …

#StopRansomware: Phobos Ransomware

February 29, 2024 at 10:42AM The joint Cybersecurity Advisory (CSA) highlights the Phobos ransomware threat, observed as recently as February 2024. It describes the ransomware’s tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and provides recommendations from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information …

#StopRansomware: ALPHV Blackcat

December 19, 2023 at 01:22PM The FBI and CISA released a joint Cybersecurity Advisory (CSA) to share known IOCs and TTPs linked to the ALPHV Blackcat ransomware. The advisory warns organizations of evolving tactics used by the threat actors, including advanced social engineering and remote access software deployment. It also provides mitigations and incident response …

Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment

December 15, 2023 at 11:49AM In January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a Risk and Vulnerability Assessment (RVA) for a Healthcare and Public Health (HPH) organization. The RVA included web application, phishing, penetration, database, and wireless assessments. While no significant external vulnerabilities were identified, the internal testing revealed multiple misconfigurations and …

Scattered Spider Casino Hackers Evade Arrest in Plain Sight

November 17, 2023 at 03:56PM The cybercrime group known as Scattered Spider has been able to successfully attack US organizations without being disrupted or arrested, despite federal law enforcement being aware of their identities for over six months. The FBI and CISA have released an advisory to help organizations defend against Scattered Spider, but it …

CISA Sets a Deadline – Patch Juniper Junos OS Flaws Before November 17

November 14, 2023 at 01:33AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has set a November 17 deadline for federal agencies and organizations to address security flaws in Juniper Junos OS. CISA added five vulnerabilities to the Known Exploited Vulnerabilities catalog, with potential for remote code execution. CISA also warned about the Royal ransomware …