Equifictitious sites popped up within days of Equifax agreeing to pay up to $700m to settle claims over the 2017 data breach.
Original release date: July 18, 2019
The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data. The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review CCCS’s Fileless Malware Advisory for potential infection vectors and recommended mitigations and refer to CISA’s Tip on Protecting Against Malicious Code.
Two years after promising to report all HTTP-based web pages as insecure, Mozilla is about to deliver.
Original release date: July 8, 2019
The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the following basic cybersecurity measures:
- Implement network segmentation.
- Create network profiles for each employee, require unique login credentials, and limit privileges to only those necessary.
- Be wary of external media.
- Install anti-virus software.
- Keep software updated.
Original release date: July 30, 2019
The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing & Analysis Center (MS-ISAC), National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) have released a Joint Ransomware Statement with recommendations for state and local governments to build resilience against ransomware:
Original release date: July 31, 2019
The Center for Internet Security (CIS) July Newsletter reminds users to properly dispose of old or unused data and devices. Without careful management of online accounts, cloud storage, physical storage, and electronic devices, users could inadvertently disclose sensitive information that can be exploited by cyber criminals. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), a Cybersecurity and Infrastructure Security Agency (CISA) partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities.Share