Canadian Centre for Cyber Security Releases Advisory on Fileless Malware

The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review CCCS’s Fileless Malware Advisory for potential infection vectors and recommended mitigations and…

July 19, 2019
Read More >>

WaterISAC Releases Cybersecurity Fundamentals

The Water Information Sharing and Analysis Center (WaterISAC) recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices, grouped into 15 categories, to help sector utilities reduce exploitable weaknesses and attacks. WaterISAC is a CISA partner focused on protecting Water and Wastewater Systems Sector utilities from all hazards. The Cybersecurity and Infrastructure Security Agency (CISA) encourages sector utilities and critical infrastructure owners…

July 18, 2019
Read More >>

NCSC Releases 2019 Active Cyber Defence Report

The United Kingdom’s National Cyber Security Centre (NCSC) has released their 2019 Active Cyber Defence (ACD) report, which provides an analysis of program outcomes throughout 2018. NCSC’s ACD program—stood up in 2016—seeks to reduce harm from commodity cyberattacks against the United Kingdom. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review NCSC’s report for more information. Source: https://www.us-cert.gov

July 17, 2019
Read More >>

Microsoft Releases Security Updates for PowerShell Core

Microsoft has released updates to address a vulnerability in PowerShell Core versions 6.1 and 6.2. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary updates. Source: https://www.us-cert.gov

July 17, 2019
Read More >>

Oracle Releases July 2019 Security Bulletin

Oracle has released its Critical Patch Update for July 2019 to address 319 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle July 2019 Critical Patch Update and apply the necessary updates. Source: https://www.us-cert.gov

July 17, 2019
Read More >>

DHS Webinar: Cybersecurity Threats to the Healthcare Sector

The Department of Homeland Security (DHS) and the American Hospital Association (AHA) are conducting a webinar focused on current cybersecurity threats to the healthcare sector. The webinar will be held on Wednesday, July 17, 2019, at 1 p.m. ET. The Cybersecurity and Infrastructure Security Agency (CISA) encourages healthcare professionals and their customers to register for the webinar to learn more about ransomware and best practices for securing medical devices. Source:…

July 17, 2019
Read More >>

IRS Releases Six Cybersecurity Safeguards

The Internal Revenue Service (IRS) has issued a news release outlining six cybersecurity safeguards to protect computers, email, and sensitive data. The recommendations are part of the Taxes. Security. Together. Checklist, which the IRS created to help tax professionals protect sensitive taxpayer data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages tax professionals and taxpayers to review the IRS news release and CISA’s Tip on Safeguarding Your Data for more…

July 16, 2019
Read More >>

NCSC Releases Advisory on Ongoing DNS Hijacking Campaign

The United Kingdom’s National Cyber Security Centre (NCSC) has released an advisory about an ongoing Domain Name System (DNS) hijacking campaign. The advisory details risks and mitigations for organizations to defend against this campaign, in which attackers use compromised credentials to modify the location to which an organization’s domain name resources resolve to redirect users, obtain sensitive information, and cause man-in-the-middle attacks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages…

July 13, 2019
Read More >>

Atlassian Releases Security Updates for Jira

Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Atlassian Security Advisory 2019-07-10 and Canadian Centre for Cyber Security Advisory AV19-143 and apply the necessary updates or mitigations. Source: https://www.us-cert.gov

July 12, 2019
Read More >>

Microsoft Releases July 2019 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s July 2019 Security Update Summary and Deployment Information and apply the necessary updates. Source: https://www.us-cert.gov

July 9, 2019
Read More >>