NSA releases guidance on securing wireless devices in public settings

The National Security Agency (NSA) has released guidance on securing wireless devices in public settings for government national defense entities and the general public. The new 8-page guidance infosheet summarizes…

Continue ReadingNSA releases guidance on securing wireless devices in public settings

U.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity”

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have observed "sophisticated Chinese state-sponsored activity" targeting multiple public and private sectors in the United States.

Continue ReadingU.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity”

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

Continue ReadingCHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

3 good examples of how to apply the Zero Trust Security Model

The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.

Continue Reading3 good examples of how to apply the Zero Trust Security Model

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a 'grave risk' to critical infrastructure, government and private sector organizations.

Continue ReadingCISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)