CISA Updates National Cybersecurity Response Framework, Seeks Public Input
CISA has released a major draft update to the National Cyber Incident Response Plan, the first since 2016, incorporating modern threat responses and cross-sector collaboration frameworks. The updated plan, developed with over 150 experts from 66 organizations, is open for public comment through January 2025.
U.S. Urges Encrypted Messaging as Chinese Hackers Breach Telecom Networks
Chinese state-sponsored hackers have infiltrated major U.S. telecommunications networks, potentially compromising surveillance systems since October 2023. Government officials strongly recommend encrypted messaging services while multiple agencies investigate the extensive breach and release security guidelines.
FBI Alerts Telecom Industry to Major Chinese State-Sponsored Hacking Operation
FBI and CISA issue urgent warning about 'Salt Typhoon', a sophisticated Chinese hacking campaign targeting U.S. telecom networks to collect private communications data. The operation compromised call metadata and recordings, particularly from government and political targets, prompting international intelligence agencies to respond.
FBI and CISA Urge Switch to Encrypted Messaging Apps Amid Chinese Hacking Concerns
Federal agencies warn Americans to stop using standard SMS messaging between iPhones and Android devices due to security vulnerabilities. The advisory comes as Chinese hackers target US communication networks, prompting recommendations to use fully encrypted messaging apps like Signal and WhatsApp instead.
Healthcare Under Siege: The Rising Tide of Ransomware Attacks and Data Protection Strategies
Ransomware attacks on healthcare organizations have doubled in the past year, with LockBit responsible for 25% of incidents. Learn how institutions are fighting back through robust backup strategies, employee training, and comprehensive security measures to protect critical patient data.
D-Link Leaves Critical VPN Router Vulnerability Unpatched, Offers Hardware Discount Instead
D-Link announces it won't patch a severe remote code execution vulnerability affecting multiple older VPN router models, citing end-of-life status. The company offers affected customers a 20% discount on newer hardware while security researchers warn of potential network risks.
CISA Mandates Critical Security Patches for LoadMaster and PAN-OS Vulnerabilities
CISA has added critical security flaws in Progress Kemp LoadMaster and Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog. Federal agencies must patch these authentication bypass and privilege escalation vulnerabilities by December 2024 to prevent unauthorized system access.
Zero-Day Vulnerabilities Dominated Cyber Attacks in 2023, Five Eyes Report Reveals
A new intelligence report shows zero-day exploits became the primary attack vector for cybercriminals in 2023, marking a significant shift from previous years. The findings highlight the growing sophistication of threat actors targeting enterprise networks and emphasize the critical need for rapid vulnerability patching.
Chinese Hackers Infiltrate US Law Enforcement Wiretap Systems in Major Security Breach
Chinese state-sponsored hackers gained unauthorized access to sensitive US law enforcement surveillance infrastructure for months, compromising major telecom providers and exposing millions of Americans' data. The FBI and CISA identified the threat actors as 'Salt Typhoon' and are working with affected companies to strengthen defenses.
Five Eyes Intelligence Agencies Expose 2023's Most Dangerous Cybersecurity Vulnerabilities
FBI, CISA, NSA and international partners reveal alarming rise in zero-day attacks among 2023's most exploited vulnerabilities. The joint report highlights critical flaws in major systems, with Citrix and Cisco vulnerabilities topping the list of threats to global infrastructure.