Yesterday, the NJCCIC released an advisory, Increase in Compromised NJ Public Sector Accounts. Common threads observed in these incidents are a lack of or misconfigured Sender Policy Framework, and Domain-based Message Authentication, Reporting, and Conformance records.
The Cybersecurity and Infrastructure Security Agency (CISA) and US Coast Guard (USCG) are issuing this Joint Cybersecurity Advisory to present findings from a recent CISA and USCG hunt engagement. The purpose of this advisory is to highlight identified cybersecurity issues, thereby...
Credential harvesting remains a constant threat to digital security. As more services find their way online, a deluge of passwords is needed to keep up with different services used daily, leading to insecure password practices, including password reuse, simple passwords...
This Multi-State Information Sharing & Analysis Center (MS-ISAC) and Public Safety Threat Alliance (PSTA) Joint Report is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cyber threat actors.
Attached is a joint White Paper, Applications of Cyber Threat Intelligence – TLP:CLEAR, authored by the Virginia Fusion Center (VFC) and the Multi-State Information Sharing & Analysis Center (MS-ISAC). This paper provides guidance for SLTT government entities...
The education sector is a primary focus for threat actors, ranking among the most vulnerable sectors globally. This susceptibility stems from the vast collection of valuable data, a general deficit in cybersecurity awareness, and extensive, prevalent vulnerabilities.
As students, staff, and caregivers prepare for the new school year, so do cybercriminals. Schools often have limited resources, face persistent cyber threats, and are susceptible to physical hazards. These cyber threats can disrupt essential services and potentially compromise safety.
The Cybersecurity and Infrastructure Security Agency (CISA) published a blog post on agency efforts to reduce ransomware threat and encourage participation in cyber hygiene vulnerability scanning. Click to learn more about ransomware-related vulnerabilities.
According to the FBI IC3 Internet Crime Report 2023, business email compromise (BEC) scams are the second most expensive type of cybercrime. Over the past three years, the number of US victims increased from 19,954 (2021) to 21,832 (2022) but decreased slightly to 21,489.
Over one hundred malicious artificial intelligence (AI) machine learning (ML) models have been discovered on the Hugging Face platform, a popular public AI model repository allowing users to create interactive in-browser demonstrations. Click to learn more about malware concerns.
