South Africa’s Rail, Port and Pipeline Hit by Cyber Attack
Transnet, a state-owned South African rail, port and pipeline company, appears to be in crisis mode after a cyberattack hit the company last week. Keep Reading
Hackers Used Never Seen Before Wiper in Iranian Train System Attack
Researchers with cybersecurity company SentinelOne reconstructed the recent cyberattack on Iran's train system in a new report, uncovering a new threat actor -- which they named 'MeteorExpresss' -- and a never-before-seen wiper. Keep Reading
You might be interested in
Supply Chain Cyber Attacks Expected to Quadruple, Says EU Agency
The European Union Agency for Cybersecurity (ENISA) has found that 66 percent of supply chain attacks focus on the supplier’s code. Keep Reading
Homeland Security Committee Passes Legislation to Improve TSA’s Frontline Workforce, Along with Nine More Bills
Additionally, the Committee favorable reported legislation that will enhance supply chain security, encourage made in America DHS uniforms, prevent acts of terrorism committed using rental vehicles, and improve cybersecurity in K-12 schools. Keep Reading
Shifting the Cyber Mindset from ‘Assume Breach’ to ‘Breach Prevention’ Is Critical in Next Three Years, Say 91 Percent of Government Cyber Leaders
The study – which surveyed more than 300 cybersecurity leaders across Federal, state, and local government – found that 83 percent of public sector organizations operate on an ‘assume breach’ model today. Keep Reading
CISA, FBI, NCSC and ACSC Release Joint Advisory on Top Routinely Exploited Vulnerabilities
Entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system. Keep Reading
Latest from HS Today
CISA, NIST to Develop Cybersecurity Goals for Critical Infrastructure Control Systems
Biden also formally established the voluntary public-private partnership Industrial Control System Cybersecurity Initiative. Keep Reading
CISA Releases Security Advisory for Geutebruck Devices
CISA has released an Industrial Control Systems (ICS) advisory detailing multiple vulnerabilities in multiple Geutebruck G-CAM E2 series devices and Encoder G-Code versions. Keep Reading
Malware Targeting Pulse Secure Devices
As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. Keep Reading
Artificial Intelligence: Next Frontier Is Cybersecurity
NSA’s Jason Wang, technical director for the Computer and Analytic Sciences Research Group, forecasted a future in which AI will support the Intelligence Community’s (IC) efforts to secure and defend our Nation’s networks. Keep Reading
2021 CWE Top 25 Most Dangerous Software Weaknesses
These weaknesses are dangerous because they are often easy to find, exploit, and can allow adversaries to completely take over a system, steal data, or prevent an application from working. Keep Reading
Virgina Receives $1.5 Million in Federal Funding for Cybersecurity and Maritime Skills and Modernization
Virginia Governor Ralph Northam has announced that the state has been awarded $1.5 million in federal funding to provide Virginia small businesses in the defense industry with required cybersecurity skills and certifications and help modernize the maritime industrial workforce. Keep Reading
Irish Businesses See Bigger Increases in Cyber Attacks Than Their European Counterparts.
A European survey from CWSI reveals that 54% of Irish companies have seen a rise in cybersecurity breach attempts in the last year, the highest in Europe and compared to 42% on average for European firms. Keep Reading
Trustwave Joins CISA’s Cyber Information Sharing and Collaboration Program
The overall mission of the program is to build cybersecurity resiliency and to harden the defenses of the U.S. and its strategic partners. The program enables actionable, relevant, and timely unclassified information exchange through trusted public-private partnerships across all critical infrastructure sectors. Keep Reading
Sophos Acquires Braintrace
Braintrace’s Network Detection and Response provides deep visibility into network traffic patterns, including encrypted traffic, without the need for Man-in-the-Middle decryption. Keep Reading
President Macron Changes Phone, Reinforces Security in Wake of Spyware Allegations
The president held an emergency cybersecurity meeting Thursday to weigh possible government action after reports that his mobile phone and those of government ministers may have been targeted by spyware. Keep Reading
Kaseya Obtains Decryptor Key for REvil Ransomware Victims
In a statement, the firm said it had “obtained the tool from a third party and have teams actively helping customers affected by the ransomware to restore their environments, with no reports of any problem or issues associated with the decryptor”. Keep Reading
ODNI’s Critical Role in Cybersecurity: Facilitating Collaboration, Sharing, and a Combined Response to Foreign Threats
The United States — its public and private sectors — finds itself at a crossroads: we must improve our understanding of elusive, ever-changing threats, while simultaneously remaining agile in our capability to identify and respond to them. Keep Reading
CIO-SP4 Amendments Clear Out Most Early Protests, Extend Due Date
The procurement shop at the National Institutes of Health has apparently satisfied several early complaints over the solicitation for the $50 billion CIO-SP4 IT services contract. Keep Reading
OIG Says CBP Has Placed Travelers’ PII at Risk of Exploitation
The Office of Inspector General (OIG) has found that U.S. Customs and Border Protection (CBP) did not always protect traveler data from cybersecurity risks, despite a responsibility to do so. Keep Reading