DHS

Pierluigi Paganini October 02, 2023
Ransomware attack on Johnson Controls may have exposed sensitive DHS data

Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), […]

Pierluigi Paganini August 05, 2022
DHS warns of critical flaws in Emergency Alert System encoder/decoder devices

The U.S. DHS warns of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. The Department of Homeland Security (DHS) warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. Threat actors could exploit the flaws to send fake emergency alerts via TV, radio networks, and cable networks. The Emergency Alert System […]

Pierluigi Paganini December 15, 2021
DHS announces its ‘Hack DHS’ bug bounty program

The DHS has launched a new bug bounty program dubbed ‘Hack DHS’ to discover security vulnerabilities in external DHS systems. The Department of Homeland Security (DHS) has launched a new bug bounty program dubbed ‘Hack DHS’ that allows vetted white hat hackers to discover and report security vulnerabilities in external DHS systems. “As the federal […]

Pierluigi Paganini May 27, 2021
DHS announces security measures for critical pipeline industry

The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for critical pipeline owners and operators. The Colonial pipeline incident continues to have a serious impact on the critical infrastructure sector. The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for owners and operators of critical pipelines. The new security directive requires critical […]

Pierluigi Paganini April 02, 2021
DHS CISA requires federal agencies to assess their Microsoft Exchange servers by April 5

The DHS CISA has issued a supplemental directive that requires all federal agencies to identify vulnerable Microsoft Exchange servers in their infrastructure within five days. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental directive requiring all federal agencies to identify Microsoft Exchange servers in their environments impacted by […]

Pierluigi Paganini March 31, 2021
Email accounts of DHS members were compromised in the SolarWinds hack

Russian hackers accessed the email accounts of US Department of Homeland Security (DHS) officials as a result of the SolarWinds hack. Russia-linked hackers were able to access email accounts belonging to US Department of Homeland Security (DHS) officials during the SolarWinds supply chain attack.  “Suspected Russian hackers gained access to email accounts belonging to the […]

Pierluigi Paganini September 21, 2020
DHS CISA orders federal agencies to fix Zerologon flaw by Monday

DHS CISA issued an emergency directive to tells government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The Department of Homeland Security’s CISA issued an emergency directive to order government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism […]

Pierluigi Paganini May 04, 2020
DHS CISA alert provides recommendations on securing Office 365 installs

The US DHS CISA agency issued a new alert that includes recommendations on how organizations should properly secure Microsoft Office 365 installs. The current COVID-19 pandemic is pushing organizations to adopt a growing number of cloud-based services, for this reason, the DHS CISA published a new alert that provides recommendations to secure Office 365 deployments. […]

Pierluigi Paganini February 19, 2020
US CISA warns of Ransomware attacks impacting pipeline operations

The Cybersecurity and Infrastructure Security Agency (CISA) is warning critical U.S. infrastructure operators of a recent ransomware attack that affected a natural gas compression facility. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert across critical U.S. infrastructure sectors about a recent infection at a natural gas compression facility. “The Cybersecurity and Infrastructure Security Agency (CISA) […]

Pierluigi Paganini January 06, 2020
DHS warns of Iran-linked attacks in a National Terrorism Advisory System bulletin

The U.S. Department of Homeland Security (DHS) has issued warnings about the possibility of cyber-attacks launched by Iran-linked hackers. The U.S. Department of Homeland Security (DHS) has issued warnings about the possibility of cyber-attacks launched by Iran-linked threat actors. The attacks could be the response of Teheran after Maj. Gen. Qassim Suleimani was killed by a U.S. drone airstrike […]