FBI and CISA warning of Chinese targeting COVID-19 research organizations

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning of likely targeting and compromise of U.S. COVID-19 research organizations by the People’s Republic of China (PRC).

Continue Reading FBI and CISA warning of Chinese targeting COVID-19 research organizations

Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.

Continue Reading Alert: Threat actors continue to exploit patched Pulse Secure VPN devices

Cisco Webex and Zoom issue password security guidance to prevent enumeration attacks

Researchers have discovered attackers can take advantage of Webex Meetings API calls to enumerate Webex meeting numbers. Attackers can also launch similar "enumeration attacks" against Zoom platform for ongoing or future meetings .

Continue Reading Cisco Webex and Zoom issue password security guidance to prevent enumeration attacks

DHS warns of Iranian cybersecurity threats, issues guidance

The Director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about recent Iranian cybersecurity threats. The statement also included suggested tips and best practices to stay safe online.

Continue Reading DHS warns of Iranian cybersecurity threats, issues guidance