CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

Continue Reading CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

3 good examples of how to apply the Zero Trust Security Model

The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.

Continue Reading 3 good examples of how to apply the Zero Trust Security Model

BeagleBoyz cybercriminals launch “FASTCash 2.0” to rob banks

North Korea's BeagleBoyz cybercriminals have launched an automated teller machine (ATM) cash-out scheme, known as FASTCash 2.0. Cyber experts from the U.S. government have detected the cyber activity over the past five years that led to nearly $2B loss to financial institutions around the world.

Continue Reading BeagleBoyz cybercriminals launch “FASTCash 2.0” to rob banks

NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines

The National Institute of Standards and Technology (NIST) has issued new Security-Focused Configuration Management of Information Systems guidelines (SP 800-128).

Continue Reading NIST SP 800-128: Security-Focused Configuration Management of Information Systems Guidelines

Xwo botnet scans for exposed web services and default passwords

A newly discovered botnet dubbed Xwo has been scanning the internet for exposed web services and default passwords. The malware was discovered by AT&T's Alien Labs back in March and is related to malware families MongoLock and Xbash.

Continue Reading Xwo botnet scans for exposed web services and default passwords