Logistics Company Hit with Cyberattack
Expeditors International, a logistics and freight company based in Seattle, has shut down most of its operations due to a cyberattack. The company says it has “limited ability to conduct…
Expeditors International, a logistics and freight company based in Seattle, has shut down most of its operations due to a cyberattack. The company says it has “limited ability to conduct…
The National Institute of Standards and Technology (NIST) is seeking public input to help evaluate and improve its Framework for Improving Critical Infrastructure Cybersecurity and other cybersecurity resources. The Cybersecurity…
The breach we discovered in January 2022 is the second FlexBooker’s Amazon Web Services cloud infrastructure breach suffered in two months. On Dec. 23, 2021, hackers performed a successful DDOS…
Apache has fixed a high-severity vulnerability in its Cassandra distributed NoSQL database. While the issue affects only instances with non-standard configurations, the flaw is easy to exploit. Users are urged…
A joint advisory from the FBI and the US Secret Service warns that BlackByte ransomware has been used against organizations in at least three US critical infrastructure sectors. The advisory…
Ukraine’s Ministry of Defense, its Armed Forces, and two state-run banks are being targeted by distributed denial-of-service (DDoS) attacks. In this case, reports indicate that the attacks took advantage of…
CISA has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. Ref https://www.cisa.gov/free-cybersecurity-services-and-tools
Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors’ growing technological sophistication and an increased ransomware threat to organizations globally. More information https://www.cisa.gov/uscert/ncas/alerts/aa22-040a
Historically, Russian state-sponsored cyber actors have used common but effective tactics to gain access to target networks, including spearphishing, credential harvesting, brute force/password spray techniques, and known vulnerability exploitation against…
Apple addressed CVE-2022-22620 with improved memory management in iOS 15.3.1, iPadOS 15.3.1, and macOS Monterey 12.2.1. More information here https://www.bleepingcomputer.com/news/security/apple-patches-new-zero-day-exploited-to-hack-iphones-ipads-macs/