/ Government Security Alerts /

What is website security? Website security refers to the protection of personal and organizational public-facing websites from cyberattacks. Why should I care about website security? Cyberattacks against public-facing websites—regardless of size—are common. An attack to your website could Cause defacement, Cause a denial-of-service (DoS) condition, Enable the attacker to obtain sensitive information, or Enable the …

/ Government Security Alerts /

Why is it important to dispose of electronic devices safely? In addition to effectively securing sensitive information on electronic devices, it is important to follow best practices for electronic device disposal. Computers, smartphones, and cameras allow you to keep a great deal of information at your fingertips, but when you dispose of, donate, or recycle …

/ Government Security Alerts /

Remote Access Trojan: JBiFrost  First observed in May 2015, the JBiFrost RAT is a variant of the Adwind RAT, with roots stretching back to the Frutas RAT from 2012. A RAT is a program that, once installed on a victim’s machine, allows remote administrative control. In a malicious context, it can—among many other functions—be used …

Detection Organizations should configure system logs to detect incidents and to identify the type and scope of malicious activity. Properly configured logs enable rapid containment and appropriate response. Response An organization’s ability to rapidly respond to and recover from an incident begins with the development of an incident response capability. An organization’s response capability should …

Recommended best practices for mitigating this threat include rigorous credential and privileged-access management, as well as remote-access control, and audits of legitimate remote-access logs. While these measures aim to prevent the initial attack vectors and the spread of malicious activity, there is no single proven threat response. Using a defense-in-depth strategy is likely to increase …

/ Government Security Alerts /

Since at least late 2016, HIDDEN COBRA actors have used FASTCash tactics to target banks in Africa and Asia. At the time of this TA’s publication, the U.S. Government has not confirmed any FASTCash incidents affecting institutions within the United States. FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions. …

/ Government Security Alerts /

What is malicious code? Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses. Viruses have the ability to damage or destroy files on a computer system and are spread by sharing an …

/ Government Security Alerts /

What is enterprise network security? Enterprise network security is the protection of a network that connects systems, mainframes, and devices―like smartphones and tablets―within an enterprise. Companies, universities, governments, and other entities use enterprise networks to help connect their users to information and people. As networks grow in size and complexity, security concerns also increase. What …

/ Government Security Alerts /

Emotet continues to be among the most costly and destructive malware affecting SLTT governments. Its worm-like features result in rapidly spreading network-wide infection, which are difficult to combat. Emotet infections have cost SLTT governments up to $1 million per incident to remediate. Emotet is an advanced, modular banking Trojan that primarily functions as a downloader …

The popularity of cryptocurrency, a form of digital currency, is rising; Bitcoin, Litecoin, Monero, Ethereum, and Ripple are just a few types of the cryptocurrencies available. Though cryptocurrency is a common topic of conversation, many people lack a basic understanding of cryptocurrency and the risks associated with it. This lack of awareness is contributing to …