ICS/OT
Agencies say the attacks leverage basic intrusion techniques, but poor cyber hygiene within critical infrastructure organizations could lead to disruptions and damage.
Hi, what are you looking for?
SecurityWeek
All posts tagged "guidance"
Identity & Access
CISA is making recommendations for organizations and users in light of the recent Oracle legacy cloud environment hack.
Malware & Threats
US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations.
Security Architecture
A new GAO report assesses that the Coast Guard needs to improve Maritime Transportation System (MTS) cybersecurity.
Network Security
Five Eyes cybersecurity agencies have released guidance on securing edge devices against increasing threats.
Application Security
CISA and the FBI have updated their guidance regarding risky software security bad practices based on feedback received from the public.
Application Security
CISA and other agencies call to action for the US government to take steps to close the software understanding gap.
ICS/OT
CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products.
Mobile & Wireless
In light of recent Chinese hacking into US telecom infrastructure, CISA has released guidance on protecting mobile communications.
ICS/OT
EPA and CISA urge organizations in the water and wastewater systems sector to harden remote access to internet-exposed human-machine interfaces (HMIs).
Network Security
Government agencies issue guidance on Chinese telecoms hacking as US officials say threat actors may have yet to be expelled.
Application Security
CISA, FBI, and ACSC have published guidance to help software manufacturers establish secure deployment processes.
Application Security
CISA and the FBI are requesting public comment on new guidance regarding risky software security bad practices.
ICS/OT
New guidance provides information on how to create and maintain a secure operational technology (OT) environment.
Identity & Access
Five Eyes cybersecurity agencies have released joint guidance on identifying Active Directory compromises.
Government
Government agencies in the US and allied countries have released guidance on how organizations can define a baseline for event logging best practices.
Application Security
Most critical open source software contains code written in a memory unsafe language, US, Australian, and Canadian government agencies warn.
Network Security
Government agencies in the US, New Zealand, and Canada have published new guidance on improving network security.
Government
The EPA has issued an enforcement alert, outlining the steps needed to comply with the Safe Drinking Water Act.
Vulnerabilities
CISA and the FBI warn of threat actors abusing path traversal software vulnerabilities in attacks targeting critical infrastructure.
Threat Intelligence
Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.
Fraud & Identity Theft
Malware & Threats
Vulnerabilities
Nation-State
Management & Strategy
Noteworthy stories that might have slipped under the radar: powerful US law firm hacked by China, Symantec product flaw, $10,000 Meta AI hack, cryptocurrency...
Fraud & Identity Theft