This synopsis outlines four critical takeaways from President Joe Biden's recent executive order. The Colonial Pipeline attack has prompted the White House to issue a sweeping cybersecurity executive order requiring government agencies to adhere to stricter policies around buying software, authentication, endpoint detection and encryption.
Ticker Articles
White House Issues Executive Order on Improving the Nation’s Cybersecurity
President Joe Biden issues comprehensive executive order on improving the nation’s cybersecurity. Read the full scope here.
Pipeline Cyber Attack Blocks Fuel Supply Across US East Coast
The Russian group dubbed “DarkSide” deployed a ransomware attack against the major pipeline supporting the US fuel supply this week, cutting off the entire fuel supply to the US East Coast. The attack, dubbed one of the most disruptive digital ransom operations ever, is prompting a wake-up call across the country about the vulnerability of critical infrastructure to cyber warfare.
Malware Group Leaks Millions of Stolen Authentication Cookies
After Elasticsearch left a server exposed without a password, a malware group infected the server with a strain that stole hundreds of thousands of passwords and millions of authentication cookies, then leaked this same data online for more than a month. During this time, thieves had access to login credentials, credit card information, cryptocurrency wallets and browser data.
Cyberattack on Password Company Passwordstate Jeopardizes 30,000 Customers
Australian software company Passwordstate emailed customers last week, warning them to ‘reset all passwords’ after attackers compromised the system to steal passwords from users connecting to networked devices such as VPNs, internal databases and more.
CISA Releases Alert on Exploitation of Pulse Connect Secure Vulnerabilities
CISA is aware of ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities compromising U.S. government agencies, critical infrastructure entities, and private sector organizations.
How the Russians Enabled the SolarWinds Attack
Russian hackers exploited gaps in U.S. defenses and spent months in government and corporate networks in one of the most effective cyber espionage campaigns of all time. This is how they did it.
83% of Businesses Have Experienced Recent Firmware Attacks
According to Microsoft, more than 80% of enterprises have experienced at least one firmware attack in the past two years, but only 29% of security budgets are allocated to protect firmware.
Hackers Use Backdoor to Unleash Massive Ubiquiti Breach
Krebs reports on how hackers infiltrated devices at IoT vendor Ubiquiti, gaining backdoor access to Ubiquiti’s AWS cloud service servers. Access could have allowed intruders to authenticate on countless Ubiquiti devices globally, but the company responded quickly to avoid disaster. But not without lessons…