David Jones

Newark

Reporter at Cybersecurity Dive

Articles

Mitre CVE program regains funding as renewal deal reached

1 week ago | cybersecuritydive.com | David Jones

The Cybersecurity and Infrastructure Security Agency said it reached an agreement to renew funding for a software vulnerability program that is used by the information security community to address security flaws. The funding will be restored for a period of 11 months, according to officials familiar with the decision. Mitre Corp. on Tuesday had warned that funding to operate the Common Vulnerabilities and Exposures program would expire as of today.
CISA launches new wave of job cuts

1 week ago | cybersecuritydive.com | David Jones

The Cybersecurity and Infrastructure Security Agency is in the process of a major push to eliminatejobs, starting with a voluntary resignation program, part of a wider effort by the Trump administration to reduce the size of the federal workforce. CISA is now participating in workforce transition programs from the Department of Homeland Security, according to an agency spokesperson.
Hertz says personal data breached in connection with Cleo file-transfer flaws

1 week ago | cybersecuritydive.com | David Jones

Hertz Corp. confirmed a threat actor gained access to sensitive personal data in a breach linked to vulnerabilities in Cleo file-transfer software, according to a filing Friday with the Maine Attorney General’s office. Hertz said it learned on Feb. 10 that an unauthorized third party obtained the data in connection with an attack spree that took place between October and December 2024. Hertz completed an analysis of the stolen data on April 2.
Aviation sector faces rising cyber risks due to vulnerable software, aging tech

1 week ago | ciodive.com | David Jones

The aviation industry is facing significant threats to its ability to maintain cyber resilience and must address key issues ranging from aging technology, outdated software and growing risks from sophisticated threat actors, according to a report released Thursday from the Foundation for Defense of Democracies. The report calls on the Federal Aviation Administration to conduct a comprehensive modernization of the nation’s air traffic control system with a strong focus on cyber resilience.
Aviation sector faces heightened cyber risks due to vulnerable software, aging tech

1 week ago | cybersecuritydive.com | David Jones

The aviation industry is facing significant threats to its ability to maintain cyber resilience and must address key issues ranging from aging technology, outdated software and growing risks from sophisticated threat actors, according to a report released Thursday from the Foundation for Defense of Democracies. The report calls on the Federal Aviation Administration to conduct a comprehensive modernization of the nation’s air traffic control system with a strong focus on cyber resilience.
FCCが調査を開始米国の国家安全保障措置を中国関連企業が回避した疑い：Cybersecurity Dive

1 week ago | itmedia.co.jp | David Jones

この記事は会員限定です。会員登録すると全てご覧いただけます。連邦通信委員会（FCC）は2025年3月21日（現地時間）に、中国と関係のある企業が、米国で禁止された機器やサービスを依然として販売しているかどうかを調査していると発表した（注1）。中国の脅威に対する米国の対応 FCCは安全保障上のリスクがあると見なされた複数の企業に対し、質問状と1通の召喚状を送付した。現在、同庁は追加の対応が必要かどうかを判断するための情報を収集している。 FCCによると、これらの企業は同庁の「対象リスト」に掲載された後もなお（注2）、米国内で事業を続け、国家安全保障において容認できないリスクを伴う機器を販売している可能性があるという。 FCCのブレンダン・カー氏（委員長）は、声明の中で次のように述べた。「これらの措置にもかかわらず、対象リストに載っている企業の一部または全部が、民間企業の形態や、規制の及ばない方法で米国国内で事業を続けており、FCCの禁止措置の回避を試みていると考える理由がある。私たちはそれを見逃すつもりはない」...
GitHub Actionsを狙ったサプライチェーン攻撃攻撃者たちの真意は？：Cybersecurity Dive

1 week ago | itmedia.co.jp | David Jones

この記事は会員限定です。会員登録すると全てご覧いただけます。 Palo Alto Networksの研究チーム「Unit 42」の報告書によると（注1）、「GitHub Actions」に対するサプライチェーン攻撃を仕掛けた攻撃者は、最初の攻撃で、暗号資産取引所のCoinbaseを標的にしていたという。クラウドセキュリティサービスを提供するWizの研究者たちも、更新されたブログ投稿の中で、Coinbaseが最初の標的だったことを確認している（注2）。 GitHub Actionsを狙ったサプライチェーン攻撃攻撃者たちの真意は？この攻撃は、暗号資産取引所が公開しているオープンソースプロジェクト「agentkit」におけるCI/CD（継続的インテグレーション／継続的デリバリー）のフローを悪用するよう設計されていた。研究者たちによると、攻撃者はこのプロジェクトを利用してさらなる侵害を計画していた可能性が高い。だが、Coinbaseの機密情報にアクセスしたり、パッケージを公開したりはできなかったという。 Palo Alto...
Remote access tools most frequently targeted as ransomware entry points

1 week ago | cybersecuritydive.com | David Jones

Remote access tools were the initial entry point in eight of every 10 ransomware attacks in 2024, according to a report released Thursday by At-Bay. VPNs accounted for about two-thirds of ransomware attack entry points. Indirect ransomware claims continue to rise, showing a 43% increase in 2024, according to At-Bay. Indirect ransomware is when an attack begins on a third-party vendor or business partner, often leading to a data breach or business interruption of a downstream client or partner.
Plankey nomination at CISA placed on hold after Wyden pushes for telecom report

2 weeks ago | cybersecuritydive.com | David Jones

Sen. Ron Wyden has placed the nomination of Sean Plankey as director of the Cybersecurity and Infrastructure Security Agency on hold, citing the refusal to publicly release an unclassified 2022 report on security practices at U.S. telecom firms.
Windows CLFS zero-day exploited in ransomware attacks

2 weeks ago | cybersecuritydive.com | David Jones

Attackers are exploiting a zero-day vulnerability in the Windows Common Log File System to deploy ransomware against various targets, including information technology and real estate organizations in the U.S., according to researchers at Microsoft. ‘Researchers who discovered the flaw said the exploit had been deployed via PipeMagic malware. A threat actor tracked as Storm-2460 has used PipeMagic to deploy ransomware, according to researchers.