BLOG

Cybercriminals Exploit Assassination Attempt to Steal Cryptocurrency

Example of deepfake video with QR code. Image Source: Bitdefender. The NJCCIC recently received reports of cryptocurrency scams exploiting current events, similar to open-source reporting. Opportunistic cybercriminals are using the recent assassination attempt that targeted former President Donald Trump to lure unsuspecting victims into a new pig-butchering cryptocurrency investment scam. The scam involves hijacked YouTube … Continue reading Cybercriminals Exploit Assassination Attempt to Steal Cryptocurrency
Thu, 25 Jul 2024 18:05:54 +0000

Play Ransomware Targets VMWare ESXi Environments

A new Linux variant of Play ransomware has been targeting VMWare ESXi environments. Businesses often use ESXi environments to run multiple virtual machines (VMs), typically hosting backup solutions, critical applications, and data storage. This new variant of Play ransomware still utilizes many of the same tactics, techniques, and procedures (TTPs) as prior Windows versions. Play’s … Continue reading Play Ransomware Targets VMWare ESXi Environments
Thu, 25 Jul 2024 18:04:39 +0000

FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI)—released a joint Cybersecurity Advisory, North Korea State-Sponsored Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs. The advisory was coauthored with the following organizations: This advisory was crafted to highlight cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s … Continue reading FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity
Thu, 25 Jul 2024 17:53:22 +0000

NIST Releases RMF Small Enterprise Quick Start Guide

Introducing the RMF Small Enterprise Quick Start Guide Today, NIST released the RMF Small Enterprise Quick Start Guide. The new guide is designed to help small, under-resourced entities understand the value and core components of the RMF and provides a starting point for designing and implementing an information security and privacy risk management program. Within … Continue reading NIST Releases RMF Small Enterprise Quick Start Guide
Wed, 24 Jul 2024 15:54:39 +0000

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution – PATCH NOW

OVERVIEW:Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install … Continue reading Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution – PATCH NOW
Wed, 24 Jul 2024 12:37:28 +0000

Microsoft 365 Fundamentals training day

Microsoft 365 Virtual Training Day:Fundamentals   Build the skills you need to create new opportunities and accelerate your understanding of Microsoft Cloud technologies at a free Microsoft 365 Virtual Training Day from Microsoft Learn. Join us at Microsoft 365 Fundamentals to learn how to simplify the adoption of cloud services while supporting strong security, compliance, … Continue reading Microsoft 365 Fundamentals training day
Tue, 23 Jul 2024 16:42:07 +0000

Personal Identity Verification (PIV) Interfaces, Cryptographic Algorithms, and Key Sizes: NIST Revises SP 800-73 and SP 800-78

In January 2022, NIST revised Federal Information Processing Standard (FIPS) 201, which establishes standards for the use of Personal Identity Verification (PIV) credentials, including those on PIV Cards. NIST Special Publication (SP) 800-73-5: Parts 1–3 and SP 800-78-5 have subsequently been revised to align with FIPS 201. SP 800-73-5: Parts 1–3 SP 800-73-5: Parts 1–3, … Continue reading Personal Identity Verification (PIV) Interfaces, Cryptographic Algorithms, and Key Sizes: NIST Revises SP 800-73 and SP 800-78
Mon, 22 Jul 2024 17:19:43 +0000

Service Mesh Proxy Models for Cloud-Native Applications: Draft SP 800-233 Available for Public Comment

The initial public draft of NIST Special Publication (SP) 800-233, Service Mesh Proxy Models for Cloud-Native Applications, is now available for public comment. The service mesh has become the de facto application services infrastructure for cloud-native applications. It enables an application’s runtime functions (e.g., network connectivity, access control, etc.) through proxies that form the data … Continue reading Service Mesh Proxy Models for Cloud-Native Applications: Draft SP 800-233 Available for Public Comment
Mon, 22 Jul 2024 17:18:31 +0000

A Vulnerability in Cisco Secure Email Gateway Could Allow for Remote Code Execution – PATCH: NOW

MS-ISAC ADVISORY NUMBER:2024-083 DATE(S) ISSUED:07/22/2024 SUBJECT:A Vulnerability in Cisco Secure Email Gateway Could Allow for Remote Code Execution OVERVIEW:A vulnerability has been discovered in Cisco Secure Email Gateway that could allow for remote code execution. Cisco Secure Email Gateway is an email security product that uses signature analysis and machine learning to identify and block … Continue reading A Vulnerability in Cisco Secure Email Gateway Could Allow for Remote Code Execution – PATCH: NOW
Mon, 22 Jul 2024 14:46:13 +0000

Azure Network Security | Unlock the Power of Azure Firewall Governance with Azure Policies

Register now > Azure Network Security | Unlock the Power of Azure Firewall Governance with Azure Policies Tuesday July 23, 2024 | 8:00AM – 9:00AM (PST, Redmond Time) Description: Join us for an insightful webinar on Azure Policies for Azure Firewall, where we will delve into the governance aspects to ensure your Azure Firewall is … Continue reading Azure Network Security | Unlock the Power of Azure Firewall Governance with Azure Policies
Mon, 22 Jul 2024 14:41:31 +0000

© 2000 Interactive Security Training, LLC - All Rights Reserved.