Tag Archives: phishing

Lookout Report: Phishing, Credential Theft Attacks Increased for Federal Agencies in 2020

Cyber Diplomacy

Information technology security company Lookout released a report stating that over 70 percent of phishing-based threats to agencies last year used tactics to obtain sensitive information through login credentials. The report also found that credential harvesting techniques significantly increased for federal agencies compared to state and local entities. Credential theft tactics that impacted federal agencies rose by 90 percent.

Read More »

CISA, Treasury, FBI Issue Advisory on North Korea’s Cryptocurrency Malware ‘AppleJeus’

NSA-CISA-FBI-UK NCSC

The Cybersecurity and Infrastructure Security Agency (CISA), Department of the Treasury (DOT) and the FBI have released a joint advisory about the AppleJeus malware and other indicators of compromise that North Korea-backed threat actors use to perform cryptocurrency theft. The joint advisory released Wednesday provides technical details about seven versions of AppleJeus malware that Hidden Cobra actors have been using since 2018. 

Read More »

CISA Warns Organizations of Techniques Used by Hackers to Compromise Cloud Services

AWS Secret Region IL-6

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an analysis report in response to cyber attacks on cloud services of various organizations. The agency also found that hackers take advantage of email forwarding rules created by users to gain access to sensitive data. CISA has recommended several measures to help organizations protect cloud environments.

Read More »

DOE’s Greg Sisson Warns Public on Social Engineering Scams

Department of Energy

Greg Sisson, acting deputy chief information officer for cybersecurity and chief information security officer at the Department of Energy (DOE), said the public must be wary of scams that use social engineering tactics amid the pandemic. Sisson explained that social engineering scams use human interaction through texts, phone calls, emails and online platforms to obtain personal information.

Read More »

NASA Sees Uptick in Cyber Threats as Employees Shift to Remote Work; Jeff Seaton, Paul Martin Quoted

Cyber Threats

NASA officials told the House Space Subcommittee o n Friday that the transition to telework due to the COVID-19 pandemic has led to new cybersecurity challenges. Paul Martin, NASA inspector general, told the House subpanel during the hearing that the space agency has seen an increase in cyber threats including phishing attempts during the period.

Read More »

NIST Introduces New Method to Assess Phishing Cases

NSA-CISA-FBI-UK NCSC

The National Institute of Standards and Technology (NIST)  has created a new method that organizations may use to protect themselves from phishing, a cyber attack that uses emails with malicious links potentially containing malware. The method, known as The Phish Scale, is designed to inform explanations behind the click rates of links found in phishing emails.

Read More »

Maria Roat, Deputy Federal CIO, Discusses Federal IT Modernization

Maria Roat

Maria Roat, deputy federal chief information officer (CIO) and 2020 Wash100 Award recipient, recently discussed how developing emerging technologies, such as quantum computing, could invalidate encryption methodologies in the future. She added that federal systems must evolve to support innovation. Roat noted that investing in modern zero-trust security architectures and flexible, scalable cloud-solutions is essential to agencies. 

Read More »

Energy Dept Asks Gov’t, Industry Partners to Maintain Cyber Awareness Amid COVID-19

energy-dept-asks-govt-industry-partners-to-maintain-cyber-awareness-amid-covid-19

The Department of Energy’s office of cybersecurity, energy security and emergency response has advised partners in the government and energy industry to be vigilant to phishing attacks, malicious emails and other cyber threats amid the new coronavirus pandemic. CESER is calling on corporate leaders to advise their employees to be aware of risks associated with phishing, external emails and social engineering, DOE said Thursday.

Read More »