The National Security Agency (NSA), Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), “Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption.” The guidance in this release aids software developers, suppliers, and customer stakeholders in ensuring the integrity and security of software via contractual agreements, software releases and updates, notifications, and mitigations of vulnerabilities.
DHS Launches New Critical Infrastructure Security and Resilience Campaign
The DHS and two of its agencies, CISA and FEMA, on Tuesday announced the launch of a new campaign whose goal is to help critical infrastructure organizations become more secure and resilient.
The new campaign, called Shields Ready, complements an existing campaign named Shields Up, which focuses on providing recommendations and other resources that can help critical infrastructure organizations reduce risk in response to specific threat intelligence.
DoD to release first industrial strategy by end of year
The Defense Department will release its first defense industrial strategy by the end of the year to better utilize the defense industrial base, while helping to secure supply chains to ensure the DoD is well prepared for the future.
The strategy will focus on four key pillars, said Justin McFarlin, the deputy assistant secretary of Defense for industrial base development and international engagement: resilient supply chains, workforce readiness, flexible acquisition and economic deterrence.
McFarlin said that supply chain and workforce are issues also affecting industry, which is still experiencing the impact of the COVID-19 pandemic and retention challenges.
FBI shares AvosLocker ransomware technical details, defense tips
The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along with custom PowerShell and batch scripts.
In a joint cybersecurity advisory, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) also share a YARA rule for detecting malware in the guise of a legitimate network monitoring tool.
Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
A high-severity remote code execution (RCE) vulnerability in Apache NiFi, for which an exploitation tool already exists, can lead to unauthorized access and data breaches, cybersecurity firm Cyfirma warns.
ICS Computers in Western Countries See Increasing Attacks: Report
Industrial control system (ICS) computers in the Western world have been increasingly attacked, but the percentages are still smaller compared to other parts of the globe, according to Kaspersky’s latest ICS threat landscape report.
VMConnect Supply Chain Attack Persists
In early August, the research team at ReversingLabs came across a malicious supply chain campaign, which it named VMConnect, consisting of 24 harmful Python packages. The packages were built to mimic three widely used open-source Python tools.
Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks
Lax policies for package naming on Microsoft’s PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks.
PowerShell Gallery is a Microsoft-run online repository of packages uploaded by the wider PowerShell community, hosting a large number of scripts and cmdlet modules for various purposes.
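The VMConnect packages and the PowerShell Gallery naming problem described above are both lookalike-name attacks: a malicious package borrows a name (or a publisher string) close enough to a popular one that a hurried `Install-Module` or `pip install` picks it up. The following added example, which is not code from the original page, from ReversingLabs, or from Microsoft, shows the kind of pre-install check a consumer can run over a repository listing. The module names, the expected-publisher strings and the candidate listing are all constructed for illustration; a real run would feed in the output of `Find-Module` or a package index query, and the publisher strings would come from your own allow-list rather than from the free-form `Author` metadata a package itself declares.

```python
"""Flag repository module names that look like typosquats or spoofs of trusted modules.

Constructed example: TRUSTED_MODULES and SAMPLE_LISTING are made up for illustration.
The publisher strings are assumptions for the example, not real Gallery metadata.
"""

from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed allow-list: module name -> publisher string we expect to see on it.
TRUSTED_MODULES = {
    "Az.Accounts": "Microsoft Corporation",
    "PSReadLine": "Microsoft Corporation",
    "Pester": "Pester Team",
    "AzTable": "Paulo Marques",
}


def edit_distance(a: str, b: str) -> int:
    """Case-insensitive Levenshtein distance (insert / delete / substitute cost 1)."""
    a, b = a.lower(), b.lower()
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize(name: str) -> str:
    """Collapse case and separators ('.', '-', '_') that readers tend not to notice."""
    return name.lower().replace("-", "").replace("_", "").replace(".", "")


@dataclass
class Finding:
    candidate: str      # module name under review
    lookalike_of: str   # trusted module it resembles
    reason: str         # why it matched
    severity: str       # "high" when the publisher string is also spoofed


def check_module(name: str, author: str, max_distance: int = 2) -> Optional[Finding]:
    """Return a Finding if `name` resembles a trusted module but is not one of them."""
    if name in TRUSTED_MODULES:
        return None  # exact, known name: nothing to flag here
    for trusted, expected_author in TRUSTED_MODULES.items():
        if normalize(name) == normalize(trusted):
            reason = "differs only by separators or case"
        elif edit_distance(name, trusted) <= max_distance:
            reason = f"within edit distance {max_distance}"
        else:
            continue
        # Author is free-form metadata; a lookalike that also claims the
        # trusted publisher's name is the classic spoofing pattern.
        severity = "high" if author == expected_author else "medium"
        return Finding(name, trusted, reason, severity)
    return None


def scan(listing: List[Tuple[str, str]]) -> List[Finding]:
    """Run check_module over (name, author) pairs and keep only the hits."""
    return [f for name, author in listing if (f := check_module(name, author))]


# Constructed listing standing in for a Find-Module / index query result.
SAMPLE_LISTING = [
    ("Az.Accounts", "Microsoft Corporation"),  # legitimate, on the allow-list
    ("Az.Account", "someone"),                 # dropped 's': typosquat of Az.Accounts
    ("Az-Table", "Paulo Marques"),             # separator swap plus spoofed publisher
    ("ImportExcel", "Doug Finke"),             # unrelated module, should not match
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LISTING):
        print(f"{f.severity.upper():6} {f.candidate!r} looks like {f.lookalike_of!r}: {f.reason}")
```

Two design notes: the distance threshold of 2 is deliberately small, because on short names a larger threshold starts matching unrelated modules; and the check returns "high" only when the publisher string is spoofed too, since a lookalike name with an honest author is often a fork or a wrapper rather than an attack, while a lookalike name that also claims the trusted publisher has no innocent explanation.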
U.S. hunts Chinese malware that could disrupt American military operations
The Biden administration is hunting for malicious computer code it believes China has hidden deep inside the networks controlling power grids, communications systems and water supplies that feed military bases in the United States and around the world, according to American military, intelligence and national security officials.
The discovery of the malware has raised fears that Chinese hackers, probably working for the People’s Liberation Army, have inserted code designed to disrupt U.S. military operations in the event of a conflict, including if Beijing moves against Taiwan in coming years.
IBM Calls for Fed Supply Chain Security Center of Excellence
Tech giant International Business Machines (IBM) has called on the government to establish a shared service center of excellence to develop protections against supply chain disruptions, according to a recent report it released in collaboration with experts from government, business, academia, and the nonprofit sectors.