On January 13 the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about several recent successful cyberattacks on various organizations’ cloud services. What methods did the attackers use? In the initial phase, the victims were targeted by phishing emails trying to capture the credentials of a cloud service account. Once the at

In light of successful cyberattacks targeting organizations’ cloud services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a series of recommendations on how businesses can improve their cloud security.The attacks observed by CISA exploit poor cyber hygiene practices within cloud services configurations, and the agency says t

A US cybersecurity agency is urging organizations to improve their cyber-hygiene after warning of multiple successful attacks targeting cloud services used by remote workers.The Cybersecurity and Infrastructure Security Agency (CISA) revealed in a report yesterday that attackers are increasingly targeting corporate and personal laptops with phishing, br

The US CISA revealed that several recent successful cyberattacks against various organizations’ cloud services.  The Cybersecurity and Infrastructure Security Agency (CISA) announced that several recent successful cyberattacks hit various organizations’ cloud services. According to the agency, the attackers conducted phishing campaigns and exploited p

The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts."CISA is aware of several recent successful cyberattacks against various organizations’ cloud services," the cybersecurity agency said on Wednesday."The cyb

CISA revealed that threat actors behind the SolarWinds hack also used password guessing and password spraying in its attacks. Cybersecurity and Infrastructure Security Agency (CISA) revealed that threat actors behind the SolarWinds supply chain attack also employed common hacker techniques to compromise the networks of the targeted organizations, includin

SolarWinds Hires New Cybersecurity Firm Founded by Former CISA Director Chris Krebs and Alex Stamos, Former Security Chief at Yahoo and FacebookFollowing a significant security incident that sent shockwaves through the global cybersecurity community, SolarWinds has hired a newly formed cybersecurity consulting firm founded by Chris Krebs, former director of

A joint statement issued by US security agencies confirmed that Russia was likely the origin of the SolarWinds supply chain attack. The US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply chain attack. On behalf of President Trump, the four agencies were part of the task force Cyber Unified C

US Cybersecurity and Infrastructure Security Agency (CISA) urges US federal agencies to update the SolarWinds Orion software by the end of the year. The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its official guidance to order US federal agencies to update the SolarWinds Orion platforms by the end of the year. According to

Cybersecurity and Infrastructure Security Agency (CISA) released a tool for detecting potentially malicious activities in Azure/Microsoft 365 environments. The Cybersecurity and Infrastructure Security Agency (CISA)’s Cloud Forensics team has released a PowerShell-based tool, dubbed Sparrow, that can that helps administrators to detect anomalies and

The Cybersecurity and Infrastructure Security Agency (CISA) has released a PowerShell-based tool that helps detect potentially compromised applications and accounts in Azure/Microsoft 365 environments.This comes after Microsoft disclosed how stolen credentials and access tokens are actively being used by threat actors to target Azure customers.Azure administ

Security updates available for the Treck TCP/IP stack address two critical vulnerabilities leading to remote code execution or denial-of-service. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory to warn organizations using industrial control systems (ICS) about the risks posed by these flaws.A low-level TCP/IP software

While incident responders focus on attacks using SolarWinds Orion, government cyber defenders highlight other methods likely being used as well.An attacker-modified update to the SolarWinds Orion network management product that compromised thousands of companies and government agencies is likely not the only way Russian attackers infiltrated networks, accord

The FBI, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have issued a joint statement outlining each of their roles in investigating and responding to the recently disclosed SolarWinds breach, which they described as a “significant and ongoing cybersecurity campaign.”The organ

U.S. Agency Says SolarWinds Orion Supply Chain Compromise is Not the Only Initial Infection Vector Leveraged by APT Actor The U.S. government on Thursday added a new wrinkle to the global emergency response to the SolarWinds software supply chain attack, warning there are “additional initial access vectors” that have not yet been documented.As the incid