January 2020

DHS, federal agencies urge vigilance from infrastructure operators, facilities

Then last week, the CISA published another Insights bulletin – Enhancing Chemical Security During Heightened Geopolitical Tensions – which “urges facilities with chemicals of interest (COI)…to consider enhanced security measures to decrease the likelihood of a successful attack.” COI is a term used for a list of more than 300 hazardous chemicals that if misused could cause harm to individuals, facilities or society in general, such as if they were stolen and converted into weapons. Utilities should report any physical security incidents or threats to WaterISAC (analyst@waterisac.org or 866-H2O-ISAC), their local police department, and the FBI (via a local field office). Malicious cyber activity should be reported to WaterISAC as well as to the FBI …

DHS, federal agencies urge vigilance from infrastructure operators, facilities Read More »

DHS, federal agencies urge vigilance from infrastructure operators, facilities

Recommendations for IoT Device Manufacturers

Foundational Activities and Core Device Cybersecurity Capability Baseline (2nd Draft)   Date Published: January 2020 Comments Due: February 7, 2020 Email Comments to: iotsecurity@nist.gov Author(s) Michael Fagan (NIST), Katerina Megas (NIST), Karen Scarfone (Scarfone Cybersecurity), Matthew Smith (G2) Abstract Internet of Things (IoT) devices often lack device cybersecurity capabilities their customers—organizations and individuals—can use to help mitigate their cybersecurity risks. Manufacturers can help their customers by improving how securable the IoT devices they make are, meaning the devices provide functionality that their customers need to secure them within their systems and environments, and manufacturers can also help their customers by providing them with the cybersecurity-related information they need. This publication describes voluntary, recommended activities related to …

Recommendations for IoT Device Manufacturers Read More »

Recommendations for IoT Device Manufacturers

Mitre Adds ICS-Specific Techniques To ATT&CK Framework

#MITRE has released a version of its ATT&CK knowledgebase covering tactics and techniques used in attacks against industrial control systems. MITRE’s ATT&CK, which stands for Adversarial Tactics, Techniques and Common Knowledge, is a framework widely used by cybersecurity professionals to check whether their defenses are enough to detect and block attacks. The first ATT&CK model was released in 2013 with a focus on Microsoft Windows. Since then, it has expanded to include Linux, Mac OS, and cloud platforms. The matrix of tactics and techniques describe how attackers break into and move within systems, from initial access and exfiltration. By breaking out different tactics into specific categories, defenders can detect and …

Mitre Adds ICS-Specific Techniques To ATT&CK Framework Read More »

MITRE ATT&CK FRAMEWORK

DHS Issues Rare Warning to Firefox Users: Update Your Browser Immediately

DHS Issues Rare Warning to Firefox Users: Update Your Browser Immediately The Cybersecurity and Infrastructure Security Agency (#CISA) encourages users and administrators to review the Mozilla Security #Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates. By default, Firefox will update automatically, but you can always do a manual update. Manual updates will still let Firefox download an update, but it won’t install it until you restart Firefox. Here’s how to set it up: On the menu bar click the Firefox menu and select About Firefox. The About Firefox window will open. Firefox will begin checking for updates and downloading them automatically. When the download is …

DHS Issues Rare Warning to Firefox Users: Update Your Browser Immediately Read More »

DHS Issues Rare Warning to Firefox Users to Update Your Browser Immediately

XBAND Enterprises Launches Portal to Help Businesses with Cyber Defense

Welcome to the new XBAND Enterprises Active Cyber Defense portal, where we defend our clients and work to prevent cyber attacks while disrupting and neutralizing our adversaries. We have assembled an industry leading portfolio of solutions that is designed to assist the smallest of businesses to the largest global organizations attain the protection and assurance required to continuously conduct business online. We have the experience and experts available which can conduct a Cyber Security Risk Assessment, Information Technology Assessment, or perform a Cloud Security Audit to initiate the process. XBAND delivers a rigorous program aimed to help protect our clients from unknown and advanced cyber attacks.   PLAN DESIGN INTEGRATE …

XBAND Enterprises Launches Portal to Help Businesses with Cyber Defense Read More »

Advanced Network Security for Active Cyber Defense
Scroll to Top
error: Alert: Content selection is disabled!!