Blog
- Update on SVR Cyber Operations and Vulnerability Exploitation October 11, 2024The Federal Bureau of Investigation (FBI), the National Security Agency (NSA), Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) released this Joint Cybersecurity Advisory to highlight the tactics, techniques, and procedures (TTPs) employed by the Russian Federation’s Foreign Intelligence Service (SVR) in recent cyber operations and provide network defenders with […]blogmirnet
- CISA: Avoid Scams After Disaster Strikes October 10, 2024As hurricanes and other natural disasters occur, CISA urges individuals to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, […]blogmirnet
- GorillaBot Pounds Its Chest After Unleashing Over 300,000 DDOS Attacks October 10, 2024Image Source: NSFOCUS The newest threat to emerge from Mirai’s leaked source code has made itself known in a big way. The botnet, dubbed GorillaBot , issued over 300,000 attack commands across 113 countries from September 4 to September 27, with China (20 percent), the United States (19 percent), and Canada (16 percent) as the […]blogmirnet
- DPRK Delivers Updated BeaverTail Malware to Job Seekers October 10, 2024Analysts recently identified a new iteration of BeaverTail malware associated with the CL-STA-240 Contagious Interview campaign , first discovered in November 2023. The threat actors, associated with the Democratic People’s Republic of Korea (DPRK), pose as prospective employers and target individuals seeking employment within the Information Technology sector through popular job search platforms such as […]blogmirnet
- Free Training: Defend Against Threats with Extended Detection and Response training day October 10, 2024Build the skills you need to create new opportunities and accelerate your understanding of Microsoft Cloud technologies at a free Microsoft Security Virtual Training Day from Microsoft Learn. Join us at Defend Against Threats with Extended Detection and Response to learn how to better protect apps and data in Microsoft 365 Defender, Microsoft Defender for […]blogmirnet
- NIST small business cybersecurity webinar October 9, 2024Event Date: October 23, 2024 Event Time: 2:00PM – 3:00PM EDT Event Location: Virtual Description: Identity and Access Management is a fundamental and critical cybersecurity capability for businesses of all sizes. To protect your business from fraud and unauthorized system and data access, you want to take steps to ensure that only the right people […]blogmirnet
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – PATCH NOW October 9, 2024Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install […]blogmirnet
- Protecting Against Iranian Targeting of Accounts Associated with National Political Organizations October 9, 2024The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released this Fact Sheet, which provides information about threat actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC) targeting and compromising accounts of Americans to stoke discord and undermine confidence in US democratic institutions. IRGC actors have previously gained and […]blogmirnet
- Security Property Verification by Transition Model | NIST Invites Public Comments on IR 8539 October 9, 2024The initial public draft of NIST Internal Report (IR) 8539, Security Property Verification by Transition Model, is now available for public comment. Verifying the security properties of access control policies is a complex and critical task. The policies and their implementation often do not explicitly express their underlying semantics, which may be implicitly embedded in […]blogmirnet
- Critical Patches Issued for Microsoft Products, October 8, 2024 – PATCH NOW October 9, 2024Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose […]blogmirnet