The Microsoft Threat Intelligence Center (MSTIC) has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus. These threat actors are exploiting password reset or account recovery features to take control of targeted email accounts.
The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system.
The Dutch National Cyber Security Centre (NCSC) has released a fact sheet on the increasing difficulty of Domain Name System (DNS) monitoring. NCSC warns that although modernization of transport protocols is helpful, it also makes it more difficult to monitor or modify DNS requests. These changes could render an organization’s security controls ineffective.
The Internet Crime Complaint Center (IC3) has released an alert on ransomware threats to U.S. businesses and organizations. Ransomware is a type of malware designed to deny access to a computer system or data until a ransom is paid. Cyber criminals often infect organizations with ransomware through email phishing campaigns or exploiting vulnerabilities in software or Remote Desktop Protocol (RDP).
Microsoft has re-released security updates to address a vulnerability in Microsoft software. A remote attacker could exploit this vulnerability to take control of an affected system. Updates are now available automatically via Windows Update or Windows Server Update Services.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Security Advisory for CVE-2019-1367 and apply the necessary updates.
Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Event Response page and apply the necessary updates.
Describes what cloud computing is, discusses how it can help, and outlines possible security concerns.
Recommendations for best practices to achieve system integrity through software authenticity and...
Introduces emerging threats likely to have a significant impact on mobile devices and their users.
These reports summarize general activity, including updates to the National Cyber Awareness System, for past months in addition to other newsworthy events or highlights.
Web browsers are a common method attackers use to compromise systems. Learn how to secure your web browser and better protect against exploits.
This document provides guidance and resources for recovering a computer after it has been infected with a Trojan Horse or virus including steps to prevent it from happening again.