Critical Infrastructure Security, Vulnerability Management, Privacy

Over 100K possibly impacted by Ivanti-related CISA compromise

(Adobe Stock)

(Adobe Stock)

More than 100,000 individuals were noted by the Cybersecurity and Infrastructure Security Agency to possibly have been affected by a cyberattack against its Chemical Security Assessment Tool involving the exploitation of security vulnerabilities in Ivanti appliances, reports CyberScoop.

CSAT was targeted with a webshell that resulted in the loss of system control, allowing threat actors to evade not only Ivanti's mitigations but also its integrity checker tool, according to CISA Executive Director Brandon Wales, who noted that the agency's critical infrastructure security tool portal had also been subjected to "limited" compromise.

Additional technological upgrades will be implemented in CSAT before it returns online, Wales said.

Such an intrusion against CISA has shown the importance of an incident response plan that enabled the agency to quickly address the situation, as well as more robust information sharing efforts, said Wales, who added that the incident has also provided insight into the system security updates needed by the agency.

Related

Details on 2021 Chemonics hack remain scant

International development firm Chemonics, which mainly caters to the United States Agency of International Development, has not yet provided more extensive information regarding a cyberattack that compromised more than 6,000 individuals initially reported in July 2021, reports FedScoop.

Media, think tank, service spoofing conducted in APT42 cyberespionage operations

Iranian state-backed hacking operation APT42 — also known as Mint Sandstorm, Mint Phosphorous, Charming Kitten, and TA453 — has spoofed major news organizations, including The Washington Post, think tanks, such as the McCain Institute, and internet services, such as Gmail, YouTube, and Google Drive, as part of cyberespionage campaigns against journalists and human rights activists, reports CyberScoop.

Feds warn of new Kimsuky phishing attack techniques

The U.S. State Department, National Security Agency, and the FBI have issued a joint advisory warning organizations across the country, especially educational entities, non-profits, and think tanks, regarding the increasingly advanced phishing techniques leveraged by North Korean state-backed hacking group Kimsuky, also known as APT43, Emerald Sleet, and Velvet Chollima, Nextgov reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.