Home / Security / US-Cert

US-Cert

The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) National Protection and Programs Directorate (NPPD). Specifically, US-CERT is a branch of the Office of Cybersecurity and Communications’ (CS&C) National Cybersecurity and Communications Integration Center (NCCIC). US-CERT is responsible for analyzing and reducing cyber threats, vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. The division brings advanced network and digital media analysis expertise to bear on malicious activity targeting the networks within the United States and abroad.

New Exploits for Unsecure SAP Systems

New Exploits for Unsecure SAP Systems - blackMORE Ops

A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, SAP systems are not intended to be exposed to the internet, as it is an untrusted network. Malicious cyber actors can attack and compromise these unsecure systems with publicly available exploit tools, termed “10KBLAZE.” The presentation detailed the new exploit tools and reports on systems exposed to the internet.

Read More »

Microsoft Operating Systems BlueKeep Vulnerability

Unicornscan

The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions:

Read More »

Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown

Advanced Persistent Threat Activity Exploiting Managed Service Providers

On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware …

Read More »

Brute Force Attacks Conducted by Cyber Actors

Advanced Persistent Threat Activity Exploiting Managed Service Providers

In a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked-out, as commonly used account-lockout policies allow three to five bad attempts during a set period of time. During a …

Read More »

Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Cyber Actors Target Home and Office Routers and Networked Devices Worldwide - blackMORE Ops

DHS and FBI recommend that all SOHO router owners power cycle (reboot) their devices to temporarily disrupt the malware. Network device management interfaces—such as Telnet, SSH, Winbox, and HTTP—should be turned off for wide-area network (WAN) interfaces, and, when enabled, secured with strong passwords and encryption. Network devices should be upgraded …

Read More »

Privacy Policy on Cookies Usage

Some services used in this site uses cookies to tailor user experience or to show ads.