Tag Archives: CISA

DOGE software engineer’s computer infected by info-stealing malware

Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware, a strong indication that devices belonging to him have been hacked in recent years. Kyle Schutt is a 30-something-year-old software engineer who, according to Dropsite News,… Read More »

Black Basta ransomware group is imperiling critical infrastructure, groups warn

Getty Images reader comments 22 Federal agencies, health care associations, and security researchers are warning that a ransomware group tracked under the name Black Basta is ravaging critical infrastructure sectors in attacks that have targeted more than 500 organizations in the past two years. One of the latest casualties of the native Russian-speaking group, according… Read More »

Microsoft blamed for “a cascade of security failures” in Exchange breach report

Getty Images reader comments 14 A federal Cyber Safety Review Board has issued its report on what led to last summer’s capture of hundreds of thousands of emails by Chinese hackers from cloud customers, including federal agencies. It cites “a cascade of security failures at Microsoft” and finds that “Microsoft’s security culture was inadequate” and… Read More »

Agencies using vulnerable Ivanti products have until Saturday to disconnect them

Getty Images reader comments 13 Federal civilian agencies have until midnight Saturday morning to sever all network connections to Ivanti VPN software, which is currently under mass exploitation by multiple threat groups. The US Cybersecurity and Infrastructure Security Agency mandated the move on Wednesday after disclosing three critical vulnerabilities in recent weeks. Three weeks ago,… Read More »

Federal agency hacked by 2 groups thanks to flaw that went unpatched for 4 years

Getty Images reader comments 26 with Share this story Multiple threat actors—one working on behalf of a nation-state—gained access to the network of a US federal agency by exploiting a four-year-old vulnerability that remained unpatched, the US government warned. Exploit activities by one group likely began in August 2021 and last August by the other,… Read More »

Advisories: “Brazen” Russian ransomware hackers target hundreds of US hospitals

Getty Images reader comments 51 with 42 posters participating Share this story Russian hackers are targeting hundreds of US hospitals and healthcare providers just as the coronavirus is making a comeback and the US presidential election is in its final stretch, officials from three government agencies and the private sector are warning. The hackers typically… Read More »