HackDig : Dig high-quality web security articles

Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have jointly released a Cybersecurity Advisory called Russian SVR Targets U.S. and Allied Networks,  to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities. Th
Publish At:2021-04-16 12:15 | Read:144 | Comments:0 | Tags:Malwarebytes news apt29 cisa cozy bear cve-2018-13379 cve-20

CISA Urges Caution for Security Researchers Targeted in Attack Campaign

The agency urges researchers to take precautions amid an ongoing targeted threat campaign.The Cybersecurity and Infrastructure Security Agency (CISA) is cautioning cybersecurity researchers to keep their guard up amid a wave of attacks targeting this particular group.Related Content:Google Updates on Campaign Targeting Security ResearchersSpecial Report: How
Publish At:2021-04-14 20:12 | Read:75 | Comments:0 | Tags: CISA security

CISA gives federal agencies until Friday to patch Exchange servers

The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to install newly released Microsoft Exchange security updates by Friday.Today, Microsoft released security updates for four Microsoft Exchange vulnerabilities discovered by the NSA.These Exchange vulnerabilities are capable of remote code execution, with two 
Publish At:2021-04-13 18:29 | Read:195 | Comments:0 | Tags:Security CISA

CISA Details Malware Found on Hacked Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week published details on additional malware identified on compromised Microsoft Exchange servers, namely China Chopper webshells and DearCry ransomware.The malware operators target Exchange servers through a series of vulnerabilities that were made public on March 3, the same day Microsof
Publish At:2021-04-13 12:55 | Read:81 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

CISA Launches New Threat Detection Dashboard

Aviary is a new dashboard that works with CISA's Sparrow threat detection tool.The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is launching another security tool to help organizations mitigate threats like those posed by the recent SolarWinds supply chain attack discovered in December.Related Content:Attackers
Publish At:2021-04-09 18:49 | Read:217 | Comments:0 | Tags: CISA

CISA Releases Tool to Detect Microsoft 365 Compromise

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to help with the detection of potential compromise within Microsoft Azure and Microsoft 365 environments.Dubbed Aviary, the new tool is a dashboard that makes it easy to visualize and analyze output from Sparrow, the compromise detection
Publish At:2021-04-09 14:58 | Read:70 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

CISA releases post-compromise tool Aviary to review Microsoft 365

CISA released a Splunk-based dashboard for post-compromise activity in Microsoft Azure Active Directory (AD), Office 365, and MS 365 environments. The Cybersecurity and Infrastructure Security Agency (CISA) has released a Splunk-based dashboard, dubbed Aviary, that could be used by administrators in the post-compromise analysis of Microsoft Azure Active D
Publish At:2021-04-09 09:00 | Read:193 | Comments:0 | Tags:Breaking News Security CISA

CISA releases tool to review Microsoft 365 post-compromise activity

Image: CISAThe Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments.CISA's new tool, dubbed Aviary, helps security teams visualize and analyze data outputs g
Publish At:2021-04-08 21:06 | Read:195 | Comments:0 | Tags:Security CISA

CISA: Patch Legacy SAP Vulnerabilities Urgently

The US government is urging SAP owners to urgently patch and fix their application environments after a new report warned of mass exploitation.The Cybersecurity and Infrastructure Security Agency (CISA) urged SAP businesses to prioritize reviewing the Onapsis report. It said affected customers could be exposed to data theft, financial fraud, ransomware and d
Publish At:2021-04-07 07:19 | Read:169 | Comments:0 | Tags: CISA

SAP systems are targeted within 72 hours after updates are released

On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, security SAP security firm Onapsis warns. According to a joint study published by Onapsis and SAP, on-premises SAP systems are targeted by threat actors within 72 hours after security patches are released. Threat actors perform reverse-engineering
Publish At:2021-04-06 14:11 | Read:179 | Comments:0 | Tags:Breaking News Hacking Reports CISA information security news

CISA: Patch These Three Fortinet Bugs Now to Avoid Compromise

The US authorities are urging Fortinet customers to patch three legacy vulnerabilities being exploited in the wild to compromise government, commercial and technology service provider networks.A joint cybersecurity advisory from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Friday warned that threat actors are actively scann
Publish At:2021-04-06 07:55 | Read:120 | Comments:0 | Tags: CISA

CISA, FBI Warn of Attacks Targeting Fortinet FortiOS

The U.S. government is warning that Advanced Persistent Threat (APT) actors are exploiting vulnerabilities in Fortinet FortiOS in ongoing attacks targeting commercial, government, and technology services networks.The warning, issued in a joint advisory by FBI and the Cybersecurity and Infrastructure Security Agency (CISA), follows the recent release of
Publish At:2021-04-05 13:28 | Read:243 | Comments:0 | Tags:Endpoint Security Network Security NEWS & INDUSTRY Appli

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

FBI and CISA published a joint alert to warn of advanced persistent threat (APT) groups targeting Fortinet FortiOS to access networks of multiple organizations. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint alert to warn of attacks carried out by APT groups targeting Fortinet Fo
Publish At:2021-04-02 20:27 | Read:338 | Comments:0 | Tags:APT Breaking News Hacking CISA FBI Fortinet FortiOS hacking

FBI and CISA warn of state hackers attacking Fortinet FortiOS servers

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits.In the Joint Cybersecurity Advisory (CSA) published today, the agencies warn admins and users that the state-sponsored hacking
Publish At:2021-04-02 16:52 | Read:243 | Comments:0 | Tags:Security IOS FBI CISA hack

FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities

A joint advisory warns admins of the likelihood of APT groups exploiting three vulnerabilities in the Fortinet FortiOS.The FBI and Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) today issued a joint advisory warning admins of active exploits targeting three vulnerabilities in Fortinet FortiOS.Related Content:Microso
Publish At:2021-04-02 15:10 | Read:248 | Comments:0 | Tags: IOS FBI CISA