Tag Archives: Cybersecurity and Infrastructure Security Agency

FBI Links Colonial Pipeline Ransomware Attack to ‘Darkside’ Group

Ransomware Attack

The FBI issued a statement on Monday attributing the cyberattack on Colonial Pipeline’s networks to the ransomware group called Darkside. The bureau said it was notified of a network disruption at Colonial Pipeline on Friday and that it continues to work with government partners and the company on the investigation with regard to the breach.

Read More »

NSA, CISA, ODNI Issue ‘Potential Threat Vectors to 5G Infrastructure’ Analysis Paper

NSA-ODNI-CISA Analysis

The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and the Office of the Director of National Intelligence (DNI) have released an analysis paper that assesses vulnerabilities associated with the adoption of 5G technology. The document analyzes the major threat vectors across 5G domains and those are policy and standards, supply chain and 5G systems architecture.

Read More »

Bob Kolasky: CISA Gains Insight Into 2020’s SolarWinds Cyber Attack

Bob Kolasky

Bob Kolasky, assistant director of the Cybersecurity and Infrastructure Security Agency's (CISA) National Risk Management Center (NRMC), said his team has studied the software risks associated with last year's SolarWinds hack. SolarWinds was a Russian malware attack that affected Orion software in multiple federal agencies. Kolasky said NRMC assessed SolarWinds-related software risks over a span of four months.

Read More »

CISA Seeks Visibility Capabilities Via Cloud Log Aggregation Pilots; Brian Gattoni Quoted

Cybersecurity and

The Cybersecurity and Infrastructure Security Agency (CISA) is working with several agencies and departments on pilot programs to determine whether it is feasible to aggregate cloud logs into a system that could help CISA analyze data and identify cyber threats. 

Read More »

CISA, NIST Post Document on Securing Software Supply Chain

Defending Against

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) have released Defending Against Software Supply Chain Attacks, a document containing information on software supply chain risks and providing guidance on the application of frameworks from NIST for cyber supply chain risk management and secure software development.

Read More »

FBI, DHS Provide Information on Russian Intell Agency’s Cyber Exploitation Techniques

NSA-CISA-FBI-UK NCSC

The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory to provide information on cyber tools and techniques used by Russian Foreign Intelligence Service actors to compromise government networks, information technology companies and think tanks. FBI also observed that SVR actors have transitioned from using malware to homing in on cloud-based platforms. 

Read More »

CISA Issues Analysis Report on ‘Supernova’ Malware

Cybersecurity and

The Cybersecurity and Infrastructure Security Agency (CISA) has identified a malware dubbed Supernova used by advanced persistent threat actors to compromise an organization’s enterprise network through a Pulse Secure virtual private network device. Hackers use Supernova to conduct reconnaissance and domain mapping and steal credentials and sensitive data.

Read More »

CISA Issues Advisory on Pulse Connect Secure VPN Vulnerabilities

Cybersecurity and

The Cybersecurity and Infrastructure Security Agency (CISA) has released an alert stating that a cyber threat actor has compromised a number of government agencies, critical infrastructure and organizations in the private sector since “June 2020 or earlier” using vulnerabilities in Ivanti’s Pulse Connect Secure virtual private network products.

Read More »

Anne Neuberger Offers Update on Government’s Response to Recent Cyber Incidents

Anne Neuberger

Anne Neuberger, deputy national security adviser for Cyber and Emerging Technology and a 2021 Wash100 Award winner, said that due to an increase in patching efforts, the Biden administration is “standing down” the two unified coordination groups that were established in response to cyber breaches involving SolarWinds and Microsoft Exchange.

Read More »

FedRAMP Issues Updated Guidance Doc on Reporting Information Security Incidents

FedRAMP Incident

The Federal Risk and Authorization Management Program (FedRAMP) has updated a document that details the roles and responsibilities of each stakeholder in the cyber incident communication process. “Additionally, CSPs are responsible for responding to emergency inquiries from FedRAMP, including those that are the result of the issuance of CISA Emergency Directives,” the document reads.

Read More »