Hacking News CISA warns of trojanized versions of JavaScript library's NPM package October 23rd, 2021 0 The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM...
Cyber Events CISA - Ransomware targeted SCADA systems of 3 US water facilities October 15th, 2021 0 US has warned of more ransomware attacks on IT and OT networks of country's Water and Wastewater Systems (WWS) Sector facilities.
Security NSA, CISA Release Guidelines to Secure VPNs September 29th, 2021 0 The NSA and CISA have published guidelines to secure virtual private networks (VPNs) as threat actors have been exploiting VPN vulnerabilities.
Technology News Unpatched Microsoft Exchange servers hit with ProxyShell attack August 26th, 2021 0 Researchers have identified 140+ webshells launched against 1,900 unpatched Microsoft Exchange servers.
Security Prominent defibrillator management tool exposed to remote attacks June 21st, 2021 0 High-Risk security flaws found and patched in ZOLL defibrillator management software. Here's what happened and what was vulnerable.
Hacking News Hackers exploiting critical vulnerabilities in Fortinet VPN - FBI-CISA April 5th, 2021 0 According to CISA and the FBI, advanced persistent threat (APT) nation-state actors are exploiting known vulnerabilities in the Fortinet FortiOS.
Cyber Events Warning as hackers breach MFA to target cloud services January 14th, 2021 0 According to CISA, it has verified one of the users had their account breached even though they were using "proper multi-factor authentication...
Security CISA's Sparrow.ps1 tool detects malicious activity on Azure, Microsoft 365 December 29th, 2020 1 The new free tool called Sparrow.ps1 is intended for use by incident responders. Here's what this tool can do and how.
Technology News Hackers exploit VPN, Windows flaws to influence US elections October 13th, 2020 0 According to CISA, these Windows flaws are centered around Fortinet FortiOS Secure Socket Layer (SSL) VPN and MobileIron platform.
Security Federal agency compromised leveraging compromised credentials September 26th, 2020 0 a Federal agency's computer network by gaining access to Microsoft Office 365 login credentials and domain administrator accounts.
