CISA and FBI released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware.
🔗 https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-016a
So, who's lying and who's doing a PR stunt? :birdsite:
If the SEC had failed to enable two-factor authentication — as the statement from X claimed — the agency would be in violation of federal government guidance. A December 2021 advisory from the Cybersecurity and Infrastructure Security Agency urges federal agencies to enforce multi-factor authentication for their social media accounts, among other actions.
CISA’s Security by Design (SbD) Alert emphasizes the need for technology manufacturers to take proactive steps to eliminate the risk of default password exploitation.
#SBOM: The NSA, #CISA, ODNI and the CyberSecurity industry partners have released a cybersecurity technical report: “Securing the Software Supply Chain: Recommended Practices for Managing #OpenSource Software and Software Bill of Materials (SBOM):
[PDF]👇
CISA said the agency is working to identify water utility operators using devices from Israeli company Unitronics and notifying those organizations if they are at risk of cyberattack