Security

OODA Loop – CISA tells Federal Agencies to Immediately Patch or ‘Disconnect’ Microsoft Exchange Servers

ByPR 24 March 4, 2021

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has posted a new emergency directive calling on federal agencies to immediately patch or disconnect Microsoft Exchange servers. The alert follows a recent warning from Microsoft about major zero-day attacks on email servers, according to a recent posting by the tech giant. The zero-day is allegedly being exploited in the wild, posing a serious cybersecurity threat to US federal agencies.

The emergency directive states that civilian federal agencies hosting on-premises Microsoft Exchange servers must update their software with the newly released patches or take the services offline until they are able to do so to mitigate any risks posed by the vulnerabilities. It also calls for agencies to gather forensic images and to search networks for known indicators of compromise. The vulnerability is also allegedly being leveraged by a nation-state group suspected to be operating out of China.

Security

Attackers Stole 8.6 Million Customers’ Details

ByPR 24 August 20, 2021

Breach Notification , Cybercrime , Cybercrime as-a-service 40 Million Credit Applications Also Stolen; Social Security Numbers Exposed Mathew J. Schwartz (euroinfosec) • August 18, 2021 T-Mobile’s store in Times Square, New York (Photo: T-Mobile) T-Mobile USA has confirmed that its systems were breached and that investigators have found that details for 8.6 million…

Security

Apple-backed ride-hailing service Didi Chuxing removed from App Store over privacy concerns

ByPR 24 July 4, 2021

Back in 2016, Apple announced a $1 billion investment in the Chinese Uber competitor Didi Global, with Tim Cook saying the investment presented a variety of strategic opportunities for Apple. The investment also earned Apple a seat on Didi’s board. Now, just days after going public with a US IPO, Didi Chuxing is under fire…

Security

Months after hack, U.S. poised to announce sanctions on Russia

ByPR 24 April 15, 2021

The sanctions would represent the first retaliatory action announced against the Kremlin for last year’s hack, familiarly known as the SolarWinds breach. The Joe Biden administration is preparing to announce sanctions in response to a massive Russian hacking campaign that breached vital federal agencies, as well as for election interference, a senior administration official said….

Security

Biden budget sets aside $750 mln for SolarWinds response

ByPR 24 May 31, 2021

The SolarWinds logo is seen outside its headquarters in Austin, Texas, U.S., December 18, 2020. REUTERS/Sergio Flores/File Photo U.S. President Joe Biden’s proposed budget includes $750 million for the government agencies hit by the SolarWinds hack to pay for cybersecurity improvements to prevent another attack. The money comes on top of a $500 million fund…

Security

White House Puts Russia on Notice Over JBS Ransomware Hit

ByPR 24 June 2, 2021

Endpoint Security , Fraud Management & Cybercrime , Ransomware In Wake of Colonial Pipeline Attack, Ransomware as Unrestrained as Ever, Experts Say Jeremy Kirk (jeremy_kirk) • June 2, 2021 JBS’s facility in Greeley, Colorado. (Photo: Mizzou CAFNR via Flickr/CC) The White House says it has put Russia on notice over the ransomware attack…

Security

Cyberattack on U.S. pipeline is linked to criminal gang

ByPR 24 May 10, 2021

WASHINGTON — The federal government is working with the Georgia-based company that shut down a major pipeline transporting fuel across the East Coast after a ransomware attack, the White House says. The government is planning for various scenarios and working with state and local authorities on measures to mitigate any potential supply issues, officials said…

Similar Posts