The Cybersecurity & Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Department of Defense Cyber Crime Center (DC3) issued a joint alert on August 28, 2024, warning U.S.-based organizations that cyber actors, “known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm,” are targeting and exploiting U.S. organizations
Passwords Used by Iranian-Backed Hackers Against Defense Contractors
When you are educating your employees about the importance of maintaining a complex password or passphrase, share this story to show why it is so important and to emphasize not to use same or similar passphrases across multiple platforms. It is not just a matter of getting into the company’s systems, but also one of…
Executive Order on Drones Expands to North Korea, Iran, and Russia
Last week, the Executive Order on Protecting the United States from Certain Unmanned Aircraft Systems (UAS) expanded the U.S.-China drone controversy to North Korea, Iran, and Russia.
The Order also provides the Secretary of Commerce with the authority to designate “any other foreign nation, foreign area, or foreign non-government entity engaging in long-term patterns or…
Chinese and Russian Hackers Targeting COVID-19 Vaccine Makers in U.S. Crosshairs
Last week, authorities from the United States, United Kingdom and Canada accused a well-known hacker group tied to the Russian government, APT29 a/k/a Cozy Bear of using malware to exploit security vulnerabilities to enable it to steal COVID-19 vaccine research from companies located in these countries working to develop a vaccine. This was after a…
FBI Warns of Retaliatory Cyber-Attack from Iran
The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This follows the warning last week by the Department of Homeland Security (DHS). The FBI and DHS issued a bulletin to law enforcement groups warning of potential physical and cyber-attacks…
States and Municipalities on High Alert for Iranian Originated Cyber-Attacks
The Department of Homeland Security (DHS) is warning critical infrastructure operators to be on high alert for Iranian backed cyber-attacks because of the vulnerability of state and municipal computer systems, they are at high risk for attack from Iranian-based hackers.
We have seen states and municipalities get hammered with ransomware in the past year. Now…
Privacy Tip #221 – How Do We Personally Prepare for a Cyber-Attack on Critical Infrastructure?
Pretty much the only time I don’t feel like I am Chicken Little predicting a massive cyber-attack is when I am with my colleagues at the FBI, Secret Service, NSA and my students in the Brown Executive Masters of Cybersecurity who are members of the military. They don’t respond to my thoughts and fears of…
Department of Homeland Security Warns of Cyber-Attacks by Iran
The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the public that Iran poses a cyber terrorism threat to the United States following the death of Iranian Quds Force commander Gen. Qassem Soleimani.
The bulletin explains that Iran’s previous plots against the…
Privacy Tip #200 – Iranian Backed Hacking Group Using LinkedIn To Deliver Malicious Documents
Fireeye published research last week that it has identified a phishing campaign by APT34, which is known to be a hacking group out of Iran, that all LinkedIn users should be aware of when considering adding a LinkedIn contact. In particular, if you receive a LinkedIn request from someone named Rebecca Watts from Cambridge University,…
U.S. Cyber Command Issues Warning About Microsoft Outlook Vulnerability
Hackers are targeting U.S. government networks, according to U.S. Cyber Command, which says there is a vulnerability of CVE-2017-1174, which is a two year old flaw in Microsoft Outlook that is being used by attackers to install remote access Trojans and other malware.
U.S. Cyber Command recommends that the vulnerability be patched to prevent exploitation.…