Today, the Federal Bureau of Investigation (FBI)—in partnership with CISA, the National Security Agency (NSA), and other U.S. and international partners—released a joint Cybersecurity Advisory Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure. This
Continue ReadingCategory: Dynamic Threat Feeds
Russian Military Cyber Actors Target US and Global Critical Infrastructure
Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center
Continue ReadingHughes Network Systems WL3000 Fusion Software
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Low attack complexity Vendor: Hughes Network Systems Equipment: WL3000 Fusion Software Vulnerabilities: Insufficiently Protected Credentials, Missing Encryption of Sensitive Data 2. RISK EVALUATION Successful exploitation of these
Continue ReadingBaxter Connex Health Portal
View CSAF 1. EXECUTIVE SUMMARY CVSS v3.1 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baxter Equipment: Connex Health Portal Vulnerabilities: SQL Injection, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to
Continue ReadingCISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisory on September 5, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-249-01 Hughes Network Systems WL3000 Fusion Software ICSMA-24-249-01 Baxter Connex
Continue ReadingPredator Spyware Infrastructure Returns Following Exposure and Sanctions
Following exposure and sanctions by the US government, Intellexas Predator spyware activity appeared to decline. However, recent findings by Insikt Group reveal that Predator's infrastructure is back with modifications to evade detection and anonymize users. This
Continue ReadingISC Stormcast For Thursday, September 5th, 2024 https://isc.sans.edu/podcastdetail/9126, (Thu, Sep 5th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingAttack Surface [Guest Diary], (Wed, Sep 4th)
[This is a Guest Diary by Joshua Tyrrell, an ISC intern as part of the SANS.edu BACS program] Managing the Attack Surface You’ve begun the journey of reviewing your IT infrastructure and attempting to figure out
Continue ReadingScans for Moodle Learning Platform Following Recent Update, (Wed, Sep 4th)
On August 10th, the popular learning platform "Moodle" released an update fixing %%cve:2024-43425%%. RedTeam Pentesting found the vulnerability and published a detailed blog post late last week. The blog post demonstrates in detail how a user with
Continue ReadingISC Stormcast For Wednesday, September 4th, 2024 https://isc.sans.edu/podcastdetail/9124, (Wed, Sep 4th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue Reading