Department of Homeland Security
Teenage Hackers Must be Stopped: US DHS’s CSRB Report
Richi Jennings | | 2 factor auth, 2-factor authentication, 2fa, 2FA bypass, 2FA Flaws, 2FA phishing, 2FA policies, 2FA/MFA, cellphone fraud, CSRB, Cyber Safety Review Board, Department of Homeland Security, DHS, DUAL FACTOR AUTHENTICATION, factor auth, homeland security, Homeland Security Presidential Directive, homelandsecurity, Lapsus$, Multi-Factor Authentication, Multi-Factor Authentication (MFA), Multifactor Authentication, SB Blogwatch, SIM swap, sim swap fraud, SIM swap scams, SIM swapping, two factor authentication, U.S. Department of Homeland Security, United States Department of Homeland Security, US Homeland Security
2FA SMS FAIL: Lapsus$ social engineers exploited weak two-factor authentication. Something must be done! (Well, this is something.) ...
Security Boulevard
Sounding the Alarm on Emergency Alert System Flaws
BrianKrebs | | A Little Sunshine, comcast, Cybir, David McGuire, defcon, Department of Homeland Security, Digital Alert Systems, Emergency Alert System, Ken Pyle, Latest Warnings, Monroe Electronics, The Coming Storm
The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System -- a national public warning system used ...
New Cyber Safety Review Board Will Tackle Log4j Debacle First
Teri Robinson | | 0-day vulnerability, Apache Log4j (CVE-2021-44228), Cyber Safety Review Board, Department of Homeland Security
DHS has launched the long-awaited Cyber Safety Review Board (CSRB) to assess major cybersecurity incidents and make recommendations for improvements. After a year in the making, the CSRB is first setting its ...
Security Boulevard
FBI Raids Chinese Point-of-Sale Giant PAX Technology
BrianKrebs | | A Little Sunshine, Department of Customs and Border Protection, Department of Homeland Security, Federal Bureau of Investigation, Naval Criminal Investigative Services, PAX Technology, WOKV.com
U.S. federal investigators today raided the U.S. offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied ...
How Pipeline Owners and Operators Can Fulfill the TSA’s Second Security Directive
Alex Bagwell | | Compliance, Department of Homeland Security, DHS, ICS Security, industrial control systems, operational technology
Back in June, I wrote about the Transportation Security Agency’s (TSA) new security directive concerning pipeline owners and operators. The order mandated those entities to disclose security incidents such as the ransomware ...
On the Importance of Protecting U.S. Pipeline Owners and Operators
Alex Bagwell | | Department of Homeland Security, DHS, ICS Security, Monitoring, operational technology, pipeline
In the beginning of May, a U.S. pipeline company suffered a ransomware attack. The company decided to respond by halting operations while it investigated the incident. This delayed tens of millions of ...
Task Force Seeks to Disrupt Ransomware Payments
BrianKrebs | | amazon, cisco, Department of Homeland Security, disrupting ransomware payments, Emsisoft, Europol, FBI, fireeye, Institute for Security and Technology, mcafee, Microsoft, Philip Reiner, Ransomware, The Coming Storm, The Wall Street Journal, U.K. National Crime Agency, U.S. Justice Department, U.S. Treasury Department
Some of the world's top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and ...
Christopher Krebs to Keynote in Live Fireside Chat/Q&A Session at DevOps Connect: DevSecOps at RSA Conference 2021
Charlene O’Hanlon | | Christopher Krebs, cisa, Cybersecurity and Infrastructure Security Agency, Department of Homeland Security, DevOps Connect, DevOps Connect: DevSecOps, DevSecOps, RSA Conference 2021
Former Director of Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to headline free one-day event Boca Raton, FL, April 26, 2021 — MediaOps, the place to tell your story in ...
Security Boulevard
SolarWinds Hack: U.S. Govt Failure is Deeply Worrying
The U.S. government is doing a piss-poor job of protecting Americans from foreign hackers ...
Security Boulevard
U.S. Indicts North Korean Hackers in Theft of $200 Million
BrianKrebs | | AppleJeus, APT 38, Cybersecurity and Infrastructure Agency, Department of Homeland Security, FBI, Ghaleb Alaumary, hidden cobra, Jon Chang Hyok, Kim Il, Lazarus Group, Marine Chain Token, Ne'er-Do-Well News, Park Jin Hyok, Sony Pictures, WannaCry
The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, ...