Tag Archives: CISA

FBI Links Colonial Pipeline Ransomware Attack to ‘Darkside’ Group

Ransomware Attack

The FBI issued a statement on Monday attributing the cyberattack on Colonial Pipeline’s networks to the ransomware group called Darkside. The bureau said it was notified of a network disruption at Colonial Pipeline on Friday and that it continues to work with government partners and the company on the investigation with regard to the breach.

Read More »

NSA, CISA, ODNI Issue ‘Potential Threat Vectors to 5G Infrastructure’ Analysis Paper

NSA-ODNI-CISA Analysis

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the Director of National Intelligence (DNI) have released an analysis paper that assesses vulnerabilities associated with the adoption of 5G technology. The document analyzes the major threat vectors across 5G domains and those are policy and standards, supply chain and 5G systems architecture.

Read More »

Joint Advisory Outlines Russian Intell Agency’s Additional Cyber Exploitation Techniques

NSA-CISA-FBI-UK NCSC

The FBI, National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and the U.K. government’s national cybersecurity center have issued a joint advisory to outline additional cyber tactics, techniques and procedures used by Russian foreign intelligence service actors to compromise networks. The document came nearly a month after CISA, FBI and NSA issued an advisory listing five network vulnerabilities. 

Read More »

Bob Kolasky: CISA Gains Insight Into 2020’s SolarWinds Cyber Attack

Bob Kolasky

Bob Kolasky, assistant director of the Cybersecurity and Infrastructure Security Agency's (CISA) National Risk Management Center (NRMC), said his team has studied the software risks associated with last year's SolarWinds hack. SolarWinds was a Russian malware attack that affected Orion software in multiple federal agencies. Kolasky said NRMC assessed SolarWinds-related software risks over a span of four months.

Read More »

CISA Seeks Visibility Capabilities Via Cloud Log Aggregation Pilots; Brian Gattoni Quoted

Cybersecurity and

The Cybersecurity and Infrastructure Security Agency (CISA) is working with several agencies and departments on pilot programs to determine whether it is feasible to aggregate cloud logs into a system that could help CISA analyze data and identify cyber threats. 

Read More »

FBI, DHS Provide Information on Russian Intell Agency’s Cyber Exploitation Techniques

NSA-CISA-FBI-UK NCSC

The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory to provide information on cyber tools and techniques used by Russian Foreign Intelligence Service actors to compromise government networks, information technology companies and think tanks. FBI also observed that SVR actors have transitioned from using malware to homing in on cloud-based platforms. 

Read More »

CISA Issues Analysis Report on ‘Supernova’ Malware

Cybersecurity and

The Cybersecurity and Infrastructure Security Agency (CISA) has identified a malware dubbed Supernova used by advanced persistent threat actors to compromise an organization’s enterprise network through a Pulse Secure virtual private network device. Hackers use Supernova to conduct reconnaissance and domain mapping and steal credentials and sensitive data.

Read More »

DOE Unveils 100-Day Power Infrastructure Cybersecurity Plan; Jennifer Granholm Quoted

Jennifer Granholm

The Department of Energy (DOE) will coordinate with electric utility companies and the Cybersecurity and Infrastructure Security Agency (CISA) on a 100-day plan to beef up defenses against threat actors that target U.S. power systems. DOE said Tuesday its cybersecurity, energy security and emergency response office will aim to develop tools intended to help industrial control system operators monitor, detect and respond to malicious cyber activity.

Read More »

CISA Issues Advisory on Pulse Connect Secure VPN Vulnerabilities

Cybersecurity and

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert stating that a cyber threat actor has compromised a number of government agencies, critical infrastructure and organizations in the private sector since “June 2020 or earlier” using vulnerabilities in Ivanti’s Pulse Connect Secure virtual private network products.

Read More »

Anne Neuberger Offers Update on Government’s Response to Recent Cyber Incidents

Anne Neuberger

Anne Neuberger, deputy national security adviser for Cyber and Emerging Technology and a 2021 Wash100 Award winner, said that due to an increase in patching efforts, the Biden administration is “standing down” the two unified coordination groups that were established in response to cyber breaches involving SolarWinds and Microsoft Exchange.

Read More »