IRS Warns of New Tax Scams

The Internal Revenue Service (IRS) has issued a reminder urging taxpayers to be vigilant and wary of new of tax-related scams. These include phishing and other fraudulent behaviors. The IRS…

Comments Off on IRS Warns of New Tax Scams

Microsoft Releases Guidance for the BlackLotus Campaign

Microsoft has released Guidance for investigating attacks using CVE-2022-21894: The BlackLotus Campaign. According to Microsoft, “[t]his guide provides steps that organizations can take to assess whether users have been targeted…

Comments Off on Microsoft Releases Guidance for the BlackLotus Campaign

Fortinet Releases April 2023 Vulnerability Advisories

Fortinet has released its April 2023 Vulnerability Advisories to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. CISA encourages…

Comments Off on Fortinet Releases April 2023 Vulnerability Advisories

Mozilla Releases Security Update for Thunderbird 102.9.1

Mozilla has released a security update to address vulnerabilities in Thunderbird 102.9.1. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users…

Comments Off on Mozilla Releases Security Update for Thunderbird 102.9.1

CISA Adds Ten Known Exploited Vulnerabilities to Catalog

CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2013-3163 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2014-1776 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2017-7494 Samba…

Comments Off on CISA Adds Ten Known Exploited Vulnerabilities to Catalog

Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments

Today, CISA released the Untitled Goose Tool to help network defenders detect potentially malicious activity in Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) environments. The Untitled Goose…

Comments Off on Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments

JCDC Cultivates Pre-Ransomware Notification Capability

In today’s blog post, Associate Director of the Joint Cyber Defense Collaborative (JCDC) Clayton Romans highlighted recent successes of pre-ransomware notification and its impact in reducing harm from ransomware intrusions. With…

Comments Off on JCDC Cultivates Pre-Ransomware Notification Capability