As a valued subscriber, we'd like to better understand your needs and challenges. Complete our 15 minute survey for a chance to win a $100 gift card and to allow us to learn how we can better serve you.
Identifying endless threats and new vulnerabilities exposing your organization to cyber attacks is a never-ending task. The Cyber Daily curates the most important trending technical indicators from across the internet and delivers them right to your inbox – every day. Stay informed about suspicious IP addresses, new exploits and vulnerabilities, relevant cybersecurity news, threat actors, and more. Subscribe to Cyber Daily today.
Supo blames APT31 for cyberespionage. US GAO on power distribution security. CISA CHIRPs. Russia recalls ambassador to the US.
There are three things you can do with risk: accept it, manage it, or transfer it. This week's second session in the Johns Hopkins University's 7th Annual Virtual Cybersecurity Conference took up the latter two, as experts described how to reduce risk, fix liability for it, and arrange insurance that covers that risk. Our account of Wednesday's conference takes you through the presentations.
Helsinki's domestic security service, the Supo, has identified China (and specifically APT31, also known as Zirconium or Judgment Panda) as responsible for cyberespionage that compromised Finland's parliament, the AP reports. The intrusion was detected last October.
The US Government Accountability Office (GAO) yesterday released a study that highlighted vulnerabilities in the US power distribution system. Many of the risks the GAO describes derive from utilities' increased permission of remote access and connection of control systems to business systems. A bill intended to enhance cybersecurity for industrial control systems advanced in the US House this week, the Hill reports. The measure would assign responsibility for ICS security to CISA.
Draft NIST SP 1800-22 Mobile Device Security: Bring Your Own Device (BYOD) is out, and open for comment until May 3rd, 2021.
CISA has released CHIRP, the CISA Hunt and Incident Response Program forensics collection tool the agency developed to help organizations find indicators of compromise CISA has associated with SolarWinds and the Microsoft 365/Azure environments.
CISA has also issued four more ICS Advisories, for Rockwell Automation Logix Controllers, Hitachi ABB Power Grids eSOMS Telerik, Hitachi ABB Power Grids eSOMS, and Johnson Controls Exacq Technologies exacqVision.
In an apparent expression of displeasure with Washington, Russia has recalled its ambassador to the United States for consultations. The Wall Street Journal notes that the move came the day after the US Intelligence Community released its unclassified Assessment accusing Russian President Putin of personal involvement in malign influence operations directed at the 2020 US elections.
Today's issue includes events affecting Australia, China, Finland, India, Mongolia, Russia, Switzerland, and the United States.
In a remote work world, managing and securing endpoints has never been more important. Tanium, provider of endpoint management and security built for the world's most demanding IT environments, published a report with PSB Insights on the new security challenges facing organizations as a result of the COVID-19 pandemic. IT Leads the Way: How the Pandemic Empowered IT features intelligence from 500-senior level IT decision makers. Visit tanium.com/EmpowerIT to download the full report.