Original release date: August 31, 2020 | Last revised: September 1, 2020September is National Insider Threat Awareness Month (NIATM), which is a collaborative effort between the National Counterintelligence and Security Center (NCSC), National Insider Threat Task Force (NITTF), Office of the Under Secretary of Defense Intelligence and Security (USD(I&S)), Department of Homeland Security (DHS), and […]

Original release date: September 1, 2020The Cybersecurity and Infrastructure Security Agency (CISA)—in collaboration with the cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom—has released a joint Cybersecurity Advisory that highlights technical approaches to uncovering malicious activity. This Advisory includes steps to enhance incident response among partners and network administrators. CISA encourages users

Original release date: September 1, 2020This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5] and the United States.[6] It highlights technical approaches to uncovering malicious activity and includes mitigation steps according to best practices. The purpose of this report

Original release date: August 26, 2020The Cybersecurity Security and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation, and U.S. Cyber Command have released a joint Technical Alert and three Malware Analysis Reports (MARs) on the North Korean government’s ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The

Original release date: August 26, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 80, Firefox ESR

Original release date: August 26, 2020Notification This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked

Original release date: August 26, 2020Notification This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked

Original release date: August 26, 2020 Notification This report is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is

Original release date: August 26, 2020This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal

Original release date: August 26, 2020Google has released Chrome version 85.0.4183.83 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product