dark reading threat intel and cybersecurity news

The US Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) today published a bulletin for senior leaders of US organizations to “immediately implement” a list of specific security steps.

The CISA Insights bulletin comes on the heels of a joint advisory it issued along with the FBI and NSA on Jan. 11 on how to detect, respond to, and mitigate cyberattacks from Russian state-sponsored hacking groups. Today’s guidance comes amid rising diplomatic tensions between the US and Russia, and Russia’s saber-rattling toward Ukraine. 

CISA said US organizations of all sizes should “take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise.” Specifically, they should deploy multifactor authentication for all privileged or administrative accounts; update software and prioritize patches that fix exploited flaws CISA has identified; disable all unneeded ports and protocols; employ strong cloud controls per CISA’s guidance; and follow other security best practices.

And in a nod to the stark geopolitical threat at hand, CISA said: “If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.”

Microsoft recently detailed a destructive malware operation against multiple organizations in Ukraine aimed at leaving targeted systems inoperable.
