Tux Machines
Posted by Roy Schestowitz on Mar 04, 2023,
updated Mar 04, 2023
=> Proprietary Software Leftovers | Ways to Enhance the Security of Your Linux Server
=> ↺ White House Cybersecurity Strategy Stresses Software Safety
Some say the White House cybersecurity strategy is largely aspirational. Its boldest initiatives — including stricter rules on breach reporting and software liability — are apt to meet resistance from business and Republicans in Congress.
=> ↺ Industry Experts Analyze US National Cybersecurity Strategy
Feedback Friday: Industry professionals commented on various aspects of the new national cybersecurity strategy, its impact, and implications.
=> ↺ CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on February 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
=> ↺ CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors. As detailed in the advisory, the CISA red team obtained persistent access to the organization’s network, moved laterally across multiple geographically separated sites, and gained access to systems adjacent to the organization’s sensitive business systems. This cybersecurity advisory highlights the importance of early detection and continual monitoring of cyber assets.
=> ↺ CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping
=> ↺ Cisco Releases Security Advisory for Cisco IP Phones | CISA
Cisco has released a security advisory for vulnerabilities affecting the 6800, 7800, 7900, and 8800 Series of Cisco IP Phones. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
=> ↺ FBI and CISA Release #StopRansomware: Royal Ransomware
Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as January 2023.
=> ↺ Organizations Warned of Royal Ransomware Attacks
FBI and CISA have issued an alert to warn organizations of the risks associated with Royal ransomware attacks.
[...]
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert to warn organizations of the increasing threat posed by the Royal ransomware.
=> ↺ CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems (ICS) advisories on March 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Editor’s note: An earlier version of this post mistakenly contained the text of an older canary. This has been corrected below.
=> ↺ Thousands of Websites Hijacked Using Compromised FTP Credentials
Cybersecurity startup Wiz warns of a widespread redirection campaign in which thousands of websites have been compromised using legitimate FTP credentials.
[...]
=> gemini.tuxmachines.org This content has been proxied by September (ba2dc).Proxy Information
text/gemini;lang=en-GB