Security Leftovers

posted by Roy Schestowitz on Mar 04, 2023,
updated Mar 04, 2023

• White House Cybersecurity Strategy Stresses Software Safety [Ed: But they have no intention of banning Microsoft? Because the aim is back doors for the US government?]

  Some say the White House cybersecurity strategy is largely aspirational. Its boldest initiatives — including stricter rules on breach reporting and software liability — are apt to meet resistance from business and Republicans in Congress.

• Industry Experts Analyze US National Cybersecurity Strategy

  Feedback Friday: Industry professionals commented on various aspects of the new national cybersecurity strategy, its impact, and implications.

• CISA Releases Three Industrial Control Systems Advisories

  CISA released three Industrial Control Systems (ICS) advisories on February 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks

  Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.   As detailed in the advisory, the CISA red team obtained persistent access to the organization’s network, moved laterally across multiple geographically separated sites, and gained access to systems adjacent to the organization’s sensitive business systems. This cybersecurity advisory highlights the importance of early detection and continual monitoring of cyber assets.

• CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping

• Cisco Releases Security Advisory for Cisco IP Phones | CISA

  Cisco has released a security advisory for vulnerabilities affecting the 6800, 7800, 7900, and 8800 Series of Cisco IP Phones. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

• FBI and CISA Release #StopRansomware: Royal Ransomware [Ed: Stop Microsoft Windows]

  Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Royal Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Royal ransomware variants. FBI investigations identified these TTPs and IOCs as recently as January 2023.

• Organizations Warned of Royal Ransomware Attacks [iophk: Windows TCO]

  FBI and CISA have issued an alert to warn organizations of the risks associated with Royal ransomware attacks.

  [...]

  The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert to warn organizations of the increasing threat posed by the Royal ransomware.

• CISA Releases Five Industrial Control Systems Advisories

  CISA released five Industrial Control Systems (ICS) advisories on March 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• Qubes Canary 034

  Editor’s note: An earlier version of this post mistakenly contained the text of an older canary. This has been corrected below.

• Thousands of Websites Hijacked Using Compromised FTP Credentials

  Cybersecurity startup Wiz warns of a widespread redirection campaign in which thousands of websites have been compromised using legitimate FTP credentials.

  [...]