Hot Topics

government

Response to CISA Advisory (AA24-241A): Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

| | adversary emulation, CISA Alert, Defense Industrial Base, education, Financial Services, Fox Kitten, government, Healthcare & Life Sciences, Iran, Lemon Sandstorm, Parisite, Pioneer Kitten, RUBIDIUM, UNC757
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-241A) published on August 28, 2024. The advisory outlines espionage activity associated with a specific group of Iranian cyber ...
AttackIQ
Alarming Intrusion: Chinese Government Hackers Target US Internet Providers

Alarming Intrusion: Chinese Government Hackers Target US Internet Providers

| | Blog, government, Infrastructure, nation-state attacks, Nation-State Bad Actors, Nation-State Threat Actors, national cybersecurity, National Cybersecurity Strategy, Uncategorized, Zero Day Attacks, zero-day, zero-day attack, zero-day attack identification, Zero-day threats
A recent Washington Post report sent shockwaves through the cybersecurity landscape, revealing that Chinese government-backed hackers have infiltrated at least two major US internet service providers (ISPs) and several smaller ones ...
MixMode

Emulating the Sabotage-Focused Russian Adversary Sandworm– Part 2

| | adversary emulation, Defense Industrial Base, Financial Services, government, Invasion, Malware, Russia, Sandworm, technology, transportation, Ukraine
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the highly sophisticated Russian adversary Sandworm during various destructive activities against targets in Ukraine and other countries in the ...
AttackIQ

Emulating the Notorious Chinese State-Sponsored Winnti Group

| | adversary emulation, government, manufacturing, technology, TTPs, Winnti
AttackIQ has released three new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the stealthy and notorious Winnti Group during its activities in ...
AttackIQ
healthcare voice scams

Cybersecurity Automation in Healthcare Program Launched by HHS Agency

| | arpa-h, Automation, DIGIHEALS, government, healthcare, HHS, legislation, Upgrade
The UPGRADE program seeks to enhance and automate cybersecurity for healthcare facilities, focused on protecting operations and ensuring continuity of patient care ...
Security Boulevard
filling out a job resume

White House Cybersecurity Workforce Initiative Backed by Tech Titans

| | Biden administration, Careers, certification, college degree, cybersecurity salaries, cybersecurity workforce, government, government IT, hiring, jobs, standards
No degree? No problem. The federal government and private industry leaders are coordinating to prioritize skills-based hiring to shore up the nation's cybersecurity workforce ...
Security Boulevard
Zero-Day Nightmare: Palo Alto, Cisco, and MITRE Under Attack

Zero-Day Nightmare: Palo Alto, Cisco, and MITRE Under Attack

| | Blog, government, MITRE ATT&CK, national cybersecurity, National Cybersecurity Strategy, Palo Alto Network, Palo Alto Networks, Zero Day Attacks, zero-day, zero-day attack, Zero-day threats
Zero-day threats continue to wreak havoc on organizations worldwide, with recent attacks targeting corporate and government networks. In the last few weeks, government-sponsored threat actors have targeted Palo Alto Networks and Cisco ...
MixMode
electric wires

Oak Ridge, McCrary Institute Establish Cybersecurity Center Focused on Electrical Grid

| | Critical Infrastructure, cybersecurity research, Cybersecurity Research Center, electric grid, funding, government, university, workforce training
In addition to supporting research centers, the $12.5 million project focuses on training the next generation of cybersecurity pros to safeguard the nation's critical infrastructure.  ...
Security Boulevard

Linux Backdoor Infection Scare, Massive Social Security Number Heist

| | backdoor, Cyber Security, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, government, Government Contractor, Hacking, Information Security, Infosec, Linux, open source, pii, Podcast, Podcasts, Privacy, security, sensitive data, Social Security Numbers, technology, Weekly Edition, XZ Utils
In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained ...
Shared Security Podcast
FCC connected cars domestic abuse

FCC Mulls Rules to Protect Abuse Survivors from Stalking Through Cars

| | automobile, automobiles, Car, connected car security, domestic abuse, fcc, government, MVNO, telematics
To protect domestic violence survivors from abusers, the FCC wants to include internet-connected vehicles under the Safe Communication Act ...
Security Boulevard
Load more

Application Security Check Up